{"report_id":"90ba8a0b-3fce-47cf-918b-abda8b35ae5d","version":6,"status":"done","tags":[],"date":"2025-10-22T16:23:33Z","url":{"schema":"https","addr":"searchapi.dnnl.live/consulta?token_api=5765\u0026cpf=$70554359006","fqdn":"searchapi.dnnl.live","domain":"dnnl.live","tld":"live"},"ip":{"addr":"3.138.169.182","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"searchapi.dnnl.live/consulta?token_api=5765\u0026cpf=$70554359006","fqdn":"searchapi.dnnl.live","domain":"dnnl.live","tld":"live"},"title":"searchapi.dnnl.live/consulta?token_api=5765\u0026cpf=$70554359006"},"submit":{"url":{"schema":"https","addr":"searchapi.dnnl.live/consulta?token_api=5765\u0026cpf=$70554359006","fqdn":"searchapi.dnnl.live","domain":"dnnl.live","tld":"live"},"ip":{"addr":"3.138.169.182","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-26T16:23:33Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-22","alert":"Sinkholed","trigger":"searchapi.dnnl.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"searchapi.dnnl.live","ip":{"addr":"3.138.169.182","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2024-10-02","domain_rank":0,"first_seen":"2025-10-22T16:15:46.548805Z","last_seen":"2025-10-22T16:15:46.548805Z","alert_count":1,"request_count":1,"received_data":265,"sent_data":528,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"searchapi.dnnl.live/consulta?token_api=5765\u0026cpf=$70554359006","fqdn":"searchapi.dnnl.live","domain":"dnnl.live","tld":"live"},"ip":{"addr":"3.138.169.182","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-22T16:23:12.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"searchapi.dnnl.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Sep 2025 03:55:46 GMT","end":"Sun, 30 Nov 2025 03:55:45 GMT"},"fingerprint":{"sha1":"A9:2F:47:EC:16:A5:8A:A4:C8:DB:BA:0D:C8:C7:6A:F2:11:F6:E4:B8","sha256":"95:A5:25:6A:FA:88:80:2B:75:EB:D4:45:C6:38:19:B0:F4:F1:75:A9:BC:0F:35:45:3B:72:70:B1:E9:38:E4:05"}}},"request":{"raw":"GET /consulta?token_api=5765\u0026cpf=$70554359006 HTTP/1.1\r\nHost: searchapi.dnnl.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 401 UNAUTHORIZED\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 22 Oct 2025 16:23:12 GMT\r\nContent-Type: application/json\r\nContent-Length: 60\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"401","status_text":"UNAUTHORIZED","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":60,"size_decoded":0,"mime_type":"application/vnd.mozilla.json.view","magic":"JSON text data","md5":"b2e5fe6abcd6fa9c778a08f4835db1d3","sha1":"bd141f2800c22efba20c7d48fcc451c43fa0b589","sha256":"7915de8bafd15a9ed35735a007f11e2fbd53e52b4a142591ab4b748a761a246f","sha512":"ed398ed298851ab2266f706f501b0024190a53f51d1773a80a8e256163cc0defd881f7ef6d13a79074911893d1f336014d486118c2c00a4c9a7d898b8fa8980d","ssdeep":"","tlshash":"d3a002602f7074331ce125527cf8bf619d62045950ad50d51a9dc0f359819417827214","first_seen":"2025-10-22T16:15:47.83301Z","last_seen":"2025-10-22T16:23:33.926911Z","times_seen":2,"resource_available":false,"data":null}},"time_used":889,"timings":{"blocked":278,"dns":63,"connect":105,"send":0,"wait":326,"receive":0,"ssl":114},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-22","alert":"Sinkholed","trigger":"searchapi.dnnl.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}}]}