{"report_id":"06f09946-f766-4662-b829-01eaee6fff21","version":6,"status":"done","tags":[],"date":"2026-02-18T22:08:50Z","url":{"schema":"http","addr":"setup.pekora.zip/version?guid29435","fqdn":"setup.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"setup.pekora.zip/version?guid29435","fqdn":"setup.pekora.zip","domain":"pekora.zip","tld":"zip"},"title":"setup.pekora.zip/version?guid29435","dom":{"size":148,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"192799e3aacf04a771316a9cd6f9b54d","sha1":"18cb0f0998c8c2d8c4044027e2c5f0bb735d0dff","sha256":"eb2c9096eec5d94490cd161cff271700a2ddca4388b87cf1082add4ba615c858","sha512":"873af201f25d63aeba9f35f42d6f6ba40a7567982fbe97b7616a0fd7a9db1cb8c9efe72d1acb46cc391e2889658f14dcae233877d74830d8fcf79aca019e533c","ssdeep":"","tlshash":"4ac02bf7140a145fb63036c6ec837108a7e01004e1360c34b744006cc3d430cc085d82","dom_hash":"domhashc1fec9cafeadbac0b33c1409ff211c3f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"setup.pekora.zip/version?guid29435","fqdn":"setup.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-25T22:08:50Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"setup.pekora.zip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"setup.pekora.zip","ip":{"addr":"104.21.95.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-12-16","domain_rank":0,"first_seen":"2024-12-21T05:30:22.11876Z","last_seen":"2026-01-07T21:09:46.818421Z","alert_count":2,"request_count":2,"received_data":28332,"sent_data":958,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"setup.pekora.zip/version?guid29435","fqdn":"setup.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-18T22:08:28.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"deb1fe9d.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Feb 2026 01:47:01 GMT","end":"Thu, 07 May 2026 02:46:51 GMT"},"fingerprint":{"sha1":"89:73:F1:C5:10:C9:2F:AF:1E:F0:6C:2B:3A:CB:C3:AA:5A:B3:C0:81","sha256":"12:26:F7:66:E0:9C:FA:E6:0B:7A:5E:F6:31:4B:00:5F:7F:9F:56:74:9A:F7:DF:3C:72:6E:72:B5:48:78:AF:9D"}}},"request":{"raw":"GET /version?guid29435 HTTP/1.1\r\nHost: setup.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 18 Feb 2026 22:08:28 GMT\r\ncontent-length: 24\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hghifop2cbkmAD9RbsKBGIU6HDiHMgbwLx0GWRCK2aJ8ECXYK1TO5muqwM0VJ%2BslnGl9mpf3HuC6kq8jTh9ZvjW2GArspzyrtHrCEsEtbjQ%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"23e492d90258582f55d47b98c8ddefd4\"\r\nlast-modified: Mon, 03 Nov 2025 14:57:35 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncf-ray: 9d00d7e18cc96e70-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"23e492d90258582f55d47b98c8ddefd4","sha1":"1eef20de5f5020a01ad03f33064d225473ba170e","sha256":"9d1072cfd469a5d74fc85ebe15e49810c1d13bb22f13a54f4ac7e8887891a4a0","sha512":"3309ab79bbc4a093e7eb89adba25405739c2c2523219ce210a814f915d46b7fb3e3b36c29e9f09512b1a11bfb34cf6cace31ab764f74c34c51e7a89767380e8d","ssdeep":"","tlshash":"02700083080ba0ea0832220aae22a00883f02a80022002300800008003282000000803","first_seen":"2026-02-18T22:08:51.727261Z","last_seen":"2026-02-18T22:08:51.727261Z","times_seen":1,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":34,"dns":0,"connect":8,"send":0,"wait":86,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"setup.pekora.zip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"setup.pekora.zip/favicon.ico","fqdn":"setup.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://setup.pekora.zip/version?guid29435","date":"2026-02-18T22:08:28.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"deb1fe9d.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Feb 2026 01:47:01 GMT","end":"Thu, 07 May 2026 02:46:51 GMT"},"fingerprint":{"sha1":"89:73:F1:C5:10:C9:2F:AF:1E:F0:6C:2B:3A:CB:C3:AA:5A:B3:C0:81","sha256":"12:26:F7:66:E0:9C:FA:E6:0B:7A:5E:F6:31:4B:00:5F:7F:9F:56:74:9A:F7:DF:3C:72:6E:72:B5:48:78:AF:9D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: setup.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://setup.pekora.zip/version?guid29435\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Wed, 18 Feb 2026 22:08:28 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FazhEZmFegL%2Bs%2FHiE%2FqInsmDbaT9qDk2Zz80m74vqGvRoB%2Bcl%2FAYsCraBCnYWm23BMfafV2srLb3Xge59PWJu0pWxC%2BQMukmGDkUfts7xoU%3D\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncontent-encoding: br\r\ncf-ray: 9d00d7e2fe016e70-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27150,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (611)","md5":"46dd133ee00dc1bae5e4eeba7b88432f","sha1":"8af86a4ac91ce48c062216fb94a6e1d57618a19b","sha256":"9eb52ee46c7ab5ea4ca0982415da99fded1b7d7354f75e50847bdae6cb44eb66","sha512":"cb49f9e3812e2c262af374e79bd8905cb508a45bf2c2d6af62eed85af43770872486a55e9425882feda9fb3a57a317a3c18be1e286adaf0c76be7f1b0dfa8474","ssdeep":"384:6bamwIluB0sJQqCeSQup5szCUXAG0VVi82OgoKACZQQofNJXY3gW3:603Mp5If8WOmgW3","tlshash":"e3c291dc7be968e4e5de43aaef2831a8320ba0fb17425904f51d12142f0655cec6f6ed","first_seen":"2024-07-03T19:18:11Z","last_seen":"2026-04-04T18:19:54.139852Z","times_seen":30099,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"setup.pekora.zip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}