{"report_id":"7073dc2e-d47e-4797-a281-234f125b56e3","version":6,"status":"done","tags":[],"date":"2026-03-03T14:53:31Z","url":{"schema":"http","addr":"satinayapii.top/cuid/?f=https://spotidownloader.com","fqdn":"satinayapii.top","domain":"satinayapii.top","tld":"top"},"ip":{"addr":"172.240.212.204","port":0,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"satinayapii.top/cuid/?f=http://spotidownloader.com","fqdn":"satinayapii.top","domain":"satinayapii.top","tld":"top"},"title":"satinayapii.top/cuid/?f=http://spotidownloader.com","dom":{"size":135,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"07d105408f1cfa510c614da8e086e40f","sha1":"8f6a14cb03b1fbc956f19412a90ddeb16d8ba99c","sha256":"a171d257c0961d22637f6b6d8c1fca6c4eceba209f4769e662922f3a776adf41","sha512":"12dc8ab483f25e1e32fa4583c6a33593931b97f19e43b7404d503f9a571567f70878fd423e8ceedd3448c6fbf380889c99afde63f097731abec3b3be5b853dc6","ssdeep":"","tlshash":"93c022fb2000280bf2203ac2ec822208b880a008f02b8c22b38008bcc0c020ec08aeca","dom_hash":"domhashc1fec9cafeadbac0b33c1409ff211c3f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"satinayapii.top/cuid/?f=https://spotidownloader.com","fqdn":"satinayapii.top","domain":"satinayapii.top","tld":"top"},"ip":{"addr":"172.240.212.204","port":0,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-07T14:53:31Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-03T14:53:08Z","timestamp":1772549588,"ip_dst":{"addr":"172.240.212.134","port":80,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":59384,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2026-03-03T14:53:08.785909+0000\",\"flow_id\":530063218193429,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.41\",\"src_port\":59384,\"dest_ip\":\"172.240.212.134\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"satinayapii.top\",\"url\":\"/cuid/?f=http://spotidownloader.com\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/plain\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":400,\"length\":11},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":706,\"bytes_toclient\":406,\"start\":\"2026-03-03T14:53:08.537621+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"satinayapii.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"satinayapii.top","ip":{"addr":"172.240.212.134","port":80,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-06-26","domain_rank":0,"first_seen":"2025-12-26T20:11:36.016538Z","last_seen":"2026-02-28T21:05:56.163728Z","alert_count":4,"request_count":3,"received_data":2188,"sent_data":1342,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"satinayapii.top/cuid/?f=http://spotidownloader.com","fqdn":"satinayapii.top","domain":"satinayapii.top","tld":"top"},"ip":{"addr":"172.240.212.134","port":80,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-03T14:53:08.538Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cuid/?f=http://spotidownloader.com HTTP/1.1\r\nHost: satinayapii.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 14:53:08 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 11\r\nConnection: keep-alive\r\nKeep-Alive: timeout=10\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"0fc30646d5cf22910283967bf24ebf66","sha1":"70437a30a79f0032756805765a65aa52d05281d2","sha256":"917ef22f94f460141928531e1945453e29d89dcd58e3383c2b3ba0e2e19eb0d7","sha512":"53d37fcc3be95e02ef143fb2dd87f00cdfd715abc456489412b54bdacbd57be2b409c8206d546c6ed580ede0781e8486e84208418d31eb425970e8f55cbb23ff","ssdeep":"","tlshash":"545000c300c03000c00000000c0003000030f0f0300c003300000ccfc000000c000003","first_seen":"2023-04-12T22:32:41Z","last_seen":"2026-03-27T13:18:11.077251Z","times_seen":354,"resource_available":true,"data":null}},"time_used":373,"timings":{"blocked":124,"dns":1,"connect":124,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-03T14:53:08Z","timestamp":1772549588,"ip_dst":{"addr":"172.240.212.134","port":80,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.41","port":59384,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2026-03-03T14:53:08.785909+0000\",\"flow_id\":530063218193429,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.41\",\"src_port\":59384,\"dest_ip\":\"172.240.212.134\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"satinayapii.top\",\"url\":\"/cuid/?f=http://spotidownloader.com\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/plain\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":400,\"length\":11},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":706,\"bytes_toclient\":406,\"start\":\"2026-03-03T14:53:08.537621+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"satinayapii.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"satinayapii.top/favicon.ico","fqdn":"satinayapii.top","domain":"satinayapii.top","tld":"top"},"ip":{"addr":"172.240.212.134","port":80,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://satinayapii.top/cuid/?f=http://spotidownloader.com","date":"2026-03-03T14:53:08.891Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: satinayapii.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://satinayapii.top/cuid/?f=http://spotidownloader.com\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 14:53:08 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 1406\r\nLast-Modified: Tue, 03 Mar 2026 14:02:49 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=10\r\nETag: \"69a6ea09-57e\"\r\nExpires: Wed, 04 Mar 2026 14:53:08 GMT\r\nCache-Control: max-age=86400\r\nStrict-Transport-Security: max-age=1\r\nX-Content-Type-Options: nosniff\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1406,"size_decoded":0,"mime_type":"application/octet-stream","magic":"MS Windows icon resource - 1 icon, 16x16","md5":"011201ab56695ce86ea2f190bce2670b","sha1":"bb8fad6accf293e619360935047c23f00da3c769","sha256":"a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e","sha512":"56d53a1219e58ad045c96dc81d71c63c0cf5a9766add778d34895fdaa7fda8dead44161ec291f0ed3d10a405322b7973b56c6b211d68a8d82a8510b5b7c0456c","ssdeep":"","tlshash":"71210082bb20c02cc82c0b300802eba82388f00ac8e8330b30c80b8e0c0008c8ef8ae0","first_seen":"2023-04-05T07:23:52Z","last_seen":"2026-04-07T03:43:57.852157Z","times_seen":19416,"resource_available":true,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"satinayapii.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"satinayapii.top/cuid/?f=https://spotidownloader.com","fqdn":"satinayapii.top","domain":"satinayapii.top","tld":"top"},"ip":{"addr":"172.240.212.134","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-03T14:53:08.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"satinayapii.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 10 Jan 2026 22:46:57 GMT","end":"Fri, 10 Apr 2026 22:46:56 GMT"},"fingerprint":{"sha1":"22:15:A5:79:FC:6A:13:06:99:B2:48:43:44:87:89:4F:09:4A:C0:03","sha256":"84:4A:55:E7:E3:84:5F:83:A6:EE:65:EE:44:D2:D8:D1:F8:83:9E:10:8D:5B:C7:31:CA:2B:B3:CC:5C:72:20:B8"}}},"request":{"raw":"GET /cuid/?f=https://spotidownloader.com HTTP/1.1\r\nHost: satinayapii.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 400 Bad Request\r\nserver: nginx\r\ndate: Tue, 03 Mar 2026 14:53:08 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 11\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"0fc30646d5cf22910283967bf24ebf66","sha1":"70437a30a79f0032756805765a65aa52d05281d2","sha256":"917ef22f94f460141928531e1945453e29d89dcd58e3383c2b3ba0e2e19eb0d7","sha512":"53d37fcc3be95e02ef143fb2dd87f00cdfd715abc456489412b54bdacbd57be2b409c8206d546c6ed580ede0781e8486e84208418d31eb425970e8f55cbb23ff","ssdeep":"","tlshash":"545000c300c03000c00000000c0003000030f0f0300c003300000ccfc000000c000003","first_seen":"2023-04-12T22:32:41Z","last_seen":"2026-03-27T13:18:11.077251Z","times_seen":354,"resource_available":true,"data":null}},"time_used":710,"timings":{"blocked":292,"dns":38,"connect":124,"send":0,"wait":124,"receive":0,"ssl":128},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"satinayapii.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}