{"report_id":"68945ca5-12c8-4b4f-a40b-1e3069625579","version":6,"status":"done","tags":[],"date":"2025-02-15T01:54:25Z","url":{"schema":"http","addr":"mirrors.middlendian.com/dragora/v3/packages/amd64/bzip2_1.0.8_amd64-1@compressors.tlz.sha256","fqdn":"mirrors.middlendian.com","domain":"middlendian.com","tld":"com"},"ip":{"addr":"144.6.197.157","port":0,"asn":4764,"as":"Aussie Broadband","country":"Australia","country_code":"AU"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-04-26T01:54:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"mirrors.middlendian.com","ip":{"addr":"60.241.48.194","port":0,"asn":7545,"as":"TPG Telecom Limited","country":"Australia","country_code":"AU"},"domain_registered":"2024-07-29","domain_rank":0,"first_seen":"2024-08-06T11:42:29Z","last_seen":"2025-02-15T01:53:23.929761Z","alert_count":0,"request_count":2,"received_data":744,"sent_data":844,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2025-02-15T01:53:55Z","timestamp":1739584435,"ip_dst":{"addr":"172.18.0.20","port":57364,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"60.241.48.194","port":443,"asn":7545,"as":"TPG Telecom Limited","country":"Australia","country_code":"AU"},"severity":"medium","alert":"ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 762","source":"{\"timestamp\":\"2025-02-15T01:53:55.735054+0000\",\"flow_id\":1996949132934764,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"60.241.48.194\",\"src_port\":443,\"dest_ip\":\"172.18.0.20\",\"dest_port\":57364,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.TorIP\"]},\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2522761,\"rev\":5674,\"signature\":\"ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 762\",\"category\":\"Misc Attack\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Any\"],\"created_at\":[\"2008_12_01\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TOR\"],\"updated_at\":[\"2024_10_10\"]}},\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":1,\"bytes_toserver\":74,\"bytes_toclient\":74,\"start\":\"2025-02-15T01:53:55.261740+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"mirrors.middlendian.com/","fqdn":"mirrors.middlendian.com","domain":"middlendian.com","tld":"com"},"ip":{"addr":"60.241.48.194","port":0,"asn":7545,"as":"TPG Telecom Limited","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2025-02-15T01:53:58.990453012Z","timestamp":1739584438990,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: mirrors.middlendian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: nginx/1.27.3\r\nDate: Sat, 15 Feb 2025 01:53:58 GMT\r\nContent-Type: text/html\r\nContent-Length: 169\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nLocation: https://mirrors.middlendian.com/\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":169,"size_decoded":169,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"7aa8c3c90b85559164f65b1695c719a1","sha1":"70d11b4b06a6888eb5cf5c1bd97c309de4e245dc","sha256":"ba65bd604e3c2e12b9f798a2926918e6b52cdcfc07ab95701c66351e32f63065","sha512":"389a4b337c0db9f701548b8a4c59062f0874f097dc0fe5f6f9e387c92d015a9fd18d1b0c67c4a0f1fd9924f221a8b944c9c904d153e4b5151a10571c43d0365e","ssdeep":"","tlshash":"43c08cedab027ce8b8a73b7860c360a0e2ec817012d9451281b00a0bf1cf2979ec23d1","first_seen":"2024-12-02T17:41:43.903519Z","last_seen":"2025-02-24T22:40:39.329496Z","times_seen":77,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"mirrors.middlendian.com/dragora/v3/packages/amd64/bzip2_1.0.8_amd64-1@compressors.tlz.sha256","fqdn":"mirrors.middlendian.com","domain":"middlendian.com","tld":"com"},"ip":{"addr":"60.241.48.194","port":0,"asn":7545,"as":"TPG Telecom Limited","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2025-02-15T01:54:18.305721251Z","timestamp":1739584458305,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /dragora/v3/packages/amd64/bzip2_1.0.8_amd64-1@compressors.tlz.sha256 HTTP/1.1\r\nHost: mirrors.middlendian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.3\r\ndate: Sat, 15 Feb 2025 01:54:18 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 102\r\nlast-modified: Wed, 03 May 2023 23:28:54 GMT\r\netag: \"6452ee36-66\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102,"size_decoded":102,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"188f88171ea761c58670d5b9e64ef5e0","sha1":"2ce25bc53ef5bf610ce5f6b8879f800a38dd1a6d","sha256":"7b3b88571ec017be88e72ad747d6aaa1fbc249ba91c3ac51672f06178e7f2733","sha512":"6675d1ca6d090a4d42fa9ef2c9a1fe710425582c519dc64d4867bc71b30c6125e10e43853651cf2edcdaf1727f6dd226baa0757a85960c8aa5ffb3c0e17ebadc","ssdeep":"","tlshash":"e0b0121c7723419447640a81eefb854923ba1d4cf241402052fe461dd743a0d7d20b8d","first_seen":"2025-02-15T01:54:25.560204Z","last_seen":"2025-02-15T01:54:25.560204Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}