{"report_id":"84a7f87c-f3a7-441d-8dc0-c03ed13509cc","version":6,"status":"done","tags":[],"date":"2026-03-25T14:25:53Z","url":{"schema":"http","addr":"irestore.apple.doxicora.cloud","fqdn":"irestore.apple.doxicora.cloud","domain":"doxicora.cloud","tld":"cloud"},"ip":{"addr":"159.198.32.232","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"irestore.apple.doxicora.cloud/","fqdn":"irestore.apple.doxicora.cloud","domain":"doxicora.cloud","tld":"cloud"},"title":"Apple iRestore","dom":{"size":12319,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8006)","md5":"6363ff77593a0375f0b61ea4a4d8a229","sha1":"cbe8bfb7f09fc033ab5652c87295963fad810f89","sha256":"58f25e12ffe2613ac1fb978ac24e813ce6a3f517ad8aec62147c6c9a80f3a2b2","sha512":"8e3eebde26ca11d8ea303a477723e66e08e8b56f6d33a046544f212df5f75f1ecaa624597968e14582846654ec1d0d4c0a8d22548c5de9d82453a802372a2437","ssdeep":"96:n0uEU1pXVGzMU2VpKxLtdbjW996uaOqL3ZabeAT1sJ9AgIsM1p7PFvt6kLiZC+Jz:0UXedcpUSPnBe3j9Av/xvtzbH/TNByR1","tlshash":"5342b494ba20cd1250cf2ef99732846929be131298b652dffe2487f447ee97ce633454","dom_hash":"domhashd9755a6f94eebfb2d13b37d4771a3fa0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"irestore.apple.doxicora.cloud","fqdn":"irestore.apple.doxicora.cloud","domain":"doxicora.cloud","tld":"cloud"},"ip":{"addr":"159.198.32.232","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-29T14:25:53Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"irestore.apple.doxicora.cloud","ip":{"addr":"159.198.32.232","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2025-06-25","domain_rank":0,"first_seen":"2026-03-25T14:25:53.907084Z","last_seen":"2026-03-25T14:25:53.907084Z","alert_count":0,"request_count":3,"received_data":12670,"sent_data":1383,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"irestore.apple.doxicora.cloud/","fqdn":"irestore.apple.doxicora.cloud","domain":"doxicora.cloud","tld":"cloud"},"ip":{"addr":"159.198.32.232","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6853fb61dfb46c2b69c2cbfd9bcc0040","sha1":"87238dd73aac0d6abecc15f90c52715aed6be311","sha256":"74af47335dc161745b13a3f8febcc519eb08893ae5dc5856aaa4f6e154e8019a","sha512":"e1def5831cf1be4cb178b3e70aaf633b22db99f2b155393cdd24fde780201d470570d1aeff673652956c68d55094515e8ff57cffae42fa23b14350c6058746ea","ssdeep":"","tlshash":"2a31145532b4453155af45e372b7be6a662b02307486e1b2f94c2ccc1fd5d80e867ec6","size":1659,"data":"","first_seen":"2026-03-25T14:25:57.006408Z","last_seen":"2026-03-25T15:09:13.242862Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"irestore.apple.doxicora.cloud/","fqdn":"irestore.apple.doxicora.cloud","domain":"doxicora.cloud","tld":"cloud"},"ip":{"addr":"159.198.32.232","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-25T14:25:32.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"irestore.apple.doxicora.cloud","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 05:16:48 GMT","end":"Tue, 09 Jun 2026 05:16:47 GMT"},"fingerprint":{"sha1":"BF:4B:66:06:EA:2B:80:FB:DC:CF:24:42:2C:14:B2:A9:D6:AD:D8:F3","sha256":"90:E7:66:21:8B:B5:4A:00:EB:D0:05:CB:B9:B6:12:9B:CC:29:05:A0:D3:5B:33:DE:DA:DC:7C:B3:6F:0C:E0:F4"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: irestore.apple.doxicora.cloud\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Mar 2026 14:25:32 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 2117\r\nlast-modified: Thu, 17 Jul 2025 09:35:56 GMT\r\netag: \"110c-63a1cbc7bf700-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4364,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"c9704eee2e7a30125f4032f38e957daf","sha1":"4e07ca4c806bb2737bbef92862fe1ff41c82a18e","sha256":"dc2af2d5a15aba5a007e15367bc31c315dfcfff93307521aed3f8e90dc3c7dc4","sha512":"e9bfb208236be97652aef075a81917c236f565c67eaaa68b50113a0fc2e229a4ffde0cb43e50d3e29ea6c4597dc2a0cdbf8955d13390d7a4773c11b9231db116","ssdeep":"96:JuEU1pXVGzRqU2VpKxLtdbjW9YkLilVC+Jk/4GvFB7GRd3:JUXeVcpUSv2oH/TNByRZ","tlshash":"2e91e6a63770523228df85d2b2a3abde71265002f492d4f2fad8144cdfc5ee0a57169a","first_seen":"2026-03-25T14:25:57.004118Z","last_seen":"2026-03-25T15:09:13.239094Z","times_seen":2,"resource_available":false,"data":null}},"time_used":995,"timings":{"blocked":410,"dns":66,"connect":166,"send":0,"wait":174,"receive":0,"ssl":177},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"irestore.apple.doxicora.cloud/api/ipsw?list","fqdn":"irestore.apple.doxicora.cloud","domain":"doxicora.cloud","tld":"cloud"},"ip":{"addr":"159.198.32.232","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://irestore.apple.doxicora.cloud/","date":"2026-03-25T14:25:33.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"irestore.apple.doxicora.cloud","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 05:16:48 GMT","end":"Tue, 09 Jun 2026 05:16:47 GMT"},"fingerprint":{"sha1":"BF:4B:66:06:EA:2B:80:FB:DC:CF:24:42:2C:14:B2:A9:D6:AD:D8:F3","sha256":"90:E7:66:21:8B:B5:4A:00:EB:D0:05:CB:B9:B6:12:9B:CC:29:05:A0:D3:5B:33:DE:DA:DC:7C:B3:6F:0C:E0:F4"}}},"request":{"raw":"GET /api/ipsw?list HTTP/1.1\r\nHost: irestore.apple.doxicora.cloud\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://irestore.apple.doxicora.cloud/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx\r\ndate: Wed, 25 Mar 2026 14:25:33 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\ncontent-length: 300\r\nlocation: https://irestore.apple.doxicora.cloud/api/ipsw/?list\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3795,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-09T01:17:26.71202Z","times_seen":16255444,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"irestore.apple.doxicora.cloud/api/ipsw/?list","fqdn":"irestore.apple.doxicora.cloud","domain":"doxicora.cloud","tld":"cloud"},"ip":{"addr":"159.198.32.232","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://irestore.apple.doxicora.cloud/","date":"2026-03-25T14:25:33.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"irestore.apple.doxicora.cloud","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 05:16:48 GMT","end":"Tue, 09 Jun 2026 05:16:47 GMT"},"fingerprint":{"sha1":"BF:4B:66:06:EA:2B:80:FB:DC:CF:24:42:2C:14:B2:A9:D6:AD:D8:F3","sha256":"90:E7:66:21:8B:B5:4A:00:EB:D0:05:CB:B9:B6:12:9B:CC:29:05:A0:D3:5B:33:DE:DA:DC:7C:B3:6F:0C:E0:F4"}}},"request":{"raw":"GET /api/ipsw/?list HTTP/1.1\r\nHost: irestore.apple.doxicora.cloud\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://irestore.apple.doxicora.cloud/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Mar 2026 14:25:33 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3795,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"acc7b233c7d1452442683fb6f473bca1","sha1":"00ebb9037c9154cda617d30d9b66d4a51feee3da","sha256":"681c1580d459154dfa1342b75967481adc976f710fa73c02237d5f9260f95125","sha512":"f119c12d03db9a1040062f40104a123f312d543a1c9d900697b422c64a2d636dc0ac59e68024edd808bc029cb04993eb5bebbf4bf59f7b1bd6f973b7012bf380","ssdeep":"","tlshash":"f87121d2eb616e8491164a35bcc58c01781099339caeb0877f8c0b4e8ffc46f6836b9d","first_seen":"2026-03-25T14:25:57.005498Z","last_seen":"2026-03-25T15:09:13.23685Z","times_seen":2,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":346,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}