{"report_id":"75a84304-767a-4d83-8259-541171373c1b","version":6,"status":"done","tags":[],"date":"2023-08-17T17:20:15Z","url":{"schema":"http","addr":"133.18.65.41/","fqdn":"133.18.65.41","domain":"133.18.65.41","tld":""},"ip":{"addr":"133.18.65.41","port":0,"asn":24282,"as":"KAGOYA JAPAN Inc.","country":"Japan","country_code":"JP"},"final":{"url":{"schema":"http","addr":"133.18.65.41/","fqdn":"133.18.65.41","domain":"133.18.65.41","tld":"41"},"title":"アクセス権限がありません"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-28T08:50:58Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"133.18.65.41","ip":{"addr":"133.18.65.41","port":80,"asn":24282,"as":"KAGOYA JAPAN Inc.","country":"Japan","country_code":"JP"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2016-11-28 00:48:24","last_seen":"2023-08-17 18:59:46","alert_count":2,"request_count":2,"received_data":1592,"sent_data":722,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-17","alert":"Sinkholed","trigger":"133.18.65.41","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-17","alert":"Sinkholed","trigger":"133.18.65.41","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"133.18.65.41/","fqdn":"133.18.65.41","domain":"133.18.65.41","tld":"41"},"ip":{"addr":"133.18.65.41","port":80,"asn":24282,"as":"KAGOYA JAPAN Inc.","country":"Japan","country_code":"JP"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-08-17T17:19:53.018Z","timestamp":1692292793018,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 133.18.65.41\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Thu, 17 Aug 2023 17:19:59 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 26 Mar 2014 02:45:29 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 574\r\nMS-Author-Via: DAV\r\nConnection: close\r\nContent-Type: text/html\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":574,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document, Unicode text, UTF-8 text","md5":"980610540f873d8a5463115d3a363a5b","sha1":"7c4f8f3c2b98d5bd99493e25b698fd4c0ff690ba","sha256":"5cad391ce12faa0117fb8556b091afc9a62689c5f21c12238977bd90d45f912f","sha512":"51086b1cbe638cf53c3120d27f5f1aaa7a1c5f6a171ba4b762c67df1db53ec151d00c3324705a86963e765b9dcb0df26a9c55b6d94b5327a62a29c1d4be8bf3f","ssdeep":"","tlshash":"a6f08b75a4f7a417e3908a14480a5391bd93fc0bd845ae32e16c10bc1ae4600d1ab7b8","first_seen":"2023-06-28T17:13:10Z","last_seen":"2025-10-21T08:18:51.08903Z","times_seen":7,"resource_available":false,"data":null}},"time_used":738,"timings":{"blocked":229,"dns":0,"connect":254,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-17","alert":"Sinkholed","trigger":"133.18.65.41","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"133.18.65.41/favicon.ico","fqdn":"133.18.65.41","domain":"133.18.65.41","tld":"41"},"ip":{"addr":"133.18.65.41","port":80,"asn":24282,"as":"KAGOYA JAPAN Inc.","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://133.18.65.41/","date":"2023-08-17T17:19:53.693Z","timestamp":1692292793693,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 133.18.65.41\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://133.18.65.41/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Thu, 17 Aug 2023 17:19:59 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 26 Mar 2014 02:45:29 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 558\r\nMS-Author-Via: DAV\r\nConnection: close\r\nContent-Type: text/html\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":558,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document, Unicode text, UTF-8 text","md5":"ff648db89106b564a7d809da5e660ec3","sha1":"1467a52cdfc879ec52a4ee1bb23b24bd94651d22","sha256":"743630291d28048e80a685c67eda488c8cbc3e592789674c515ddb6017e61085","sha512":"bcde70dc8192a5f7e937240baf1b8b706c191f36bd18190191f1cb0584882cd597d0d25e82f3a393f314a7bdb2fe102ca1fd6a44f7b69f5c12519e4b4c995249","ssdeep":"","tlshash":"5ff0c0b8a1db6c97d350c9009c2c21a0bd55fc0bd9458d32f06d40b92eec600d26bbbc","first_seen":"2023-06-28T17:13:10Z","last_seen":"2025-10-21T08:18:51.089811Z","times_seen":10,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":254,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-17","alert":"Sinkholed","trigger":"133.18.65.41","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}