{"report_id":"9490bbc7-8842-4b02-a0e0-dddc8741c240","version":6,"status":"done","tags":[],"date":"2025-06-18T18:52:17Z","url":{"schema":"https","addr":"assets.adobedtm.com/d4d114c60e50/26178116b576/launch-4bbdd556e8d0-rules.zip","fqdn":"assets.adobedtm.com","domain":"adobedtm.com","tld":"com"},"ip":{"addr":"96.6.17.25","port":0,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-27T18:52:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"assets.adobedtm.com","ip":{"addr":"96.6.17.25","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"domain_registered":"2013-11-22","domain_rank":512,"first_seen":"2014-01-28T04:51:35Z","last_seen":"2025-06-18T16:11:25.818695Z","alert_count":0,"request_count":1,"received_data":598,"sent_data":543,"comment":"","tags":null,"fingerprints":null}],"files":[{"md5":"248f77d85f0b10ea893f080eee60e165","sha1":"ff16f85f800013c30203934f6b44cdfd29765985","sha256":"87ea56c317724d09e286ed5cd1af55937162626c421687d345b27de77ef89bf3","sha512":"7449801e7a78bb6fe2dade26f9126a342b61f7fa99436cc57c3a556736d8147bb86208ce9f10b18a37a67c77dbb337423646d918669915931e5bb532ed3028ba","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","size":160,"url":{"schema":"https","addr":"assets.adobedtm.com/d4d114c60e50/26178116b576/launch-4bbdd556e8d0-rules.zip","fqdn":"assets.adobedtm.com","domain":"adobedtm.com","tld":"com"},"ip":{"addr":"96.6.17.25","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"archive":[{"path":"rules.json","filename":"rules.json","modified":"2025-05-24T07:35:30Z","Modified":"","magic":"JSON text data","size":24,"md5":"fdedf47b08be80584d16887f12ac2e68","sha1":"8f6591027fe0bba8596f6d095efdfeee2c072971","sha256":"6be6bac38f2d35217ca3cd98e36322f9e8fb6638564f5a87ff660589f6302103","sha512":"17c35fe70fc6a7bb9b3d893a955408ad6b47db865b5f8c12ac6674cf472b63ec1d0543c1f5e67ced8a5a32e77b602f1756d41dc2eec0baf56702fcae5ce7e2a2","alerts":{"urlquery":null,"analyzer":null}}],"alerts":{"urlquery":null,"analyzer":null}}],"artifacts":{"windows_shortcuts":null,"files":[{"md5":"248f77d85f0b10ea893f080eee60e165","sha1":"ff16f85f800013c30203934f6b44cdfd29765985","sha256":"87ea56c317724d09e286ed5cd1af55937162626c421687d345b27de77ef89bf3","sha512":"7449801e7a78bb6fe2dade26f9126a342b61f7fa99436cc57c3a556736d8147bb86208ce9f10b18a37a67c77dbb337423646d918669915931e5bb532ed3028ba","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","size":160,"url":{"schema":"https","addr":"assets.adobedtm.com/d4d114c60e50/26178116b576/launch-4bbdd556e8d0-rules.zip","fqdn":"assets.adobedtm.com","domain":"adobedtm.com","tld":"com"},"ip":{"addr":"96.6.17.25","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"archive":[{"path":"rules.json","filename":"rules.json","modified":"2025-05-24T07:35:30Z","Modified":"","magic":"JSON text data","size":24,"md5":"fdedf47b08be80584d16887f12ac2e68","sha1":"8f6591027fe0bba8596f6d095efdfeee2c072971","sha256":"6be6bac38f2d35217ca3cd98e36322f9e8fb6638564f5a87ff660589f6302103","sha512":"17c35fe70fc6a7bb9b3d893a955408ad6b47db865b5f8c12ac6674cf472b63ec1d0543c1f5e67ced8a5a32e77b602f1756d41dc2eec0baf56702fcae5ce7e2a2","alerts":{"urlquery":null,"analyzer":null}}],"alerts":{"urlquery":null,"analyzer":null}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2025-06-18T18:52:05Z","timestamp":1750272725,"ip_dst":{"addr":"91.208.104.10","port":80,"asn":932,"as":"XNNET","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.16","port":46464,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-06-18T18:52:05.393789+0000\",\"flow_id\":417662118479029,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":46464,\"dest_ip\":\"91.208.104.10\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"118tk.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":3,\"bytes_toserver\":600,\"bytes_toclient\":206,\"start\":\"2025-06-18T18:49:25.804021+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"assets.adobedtm.com/d4d114c60e50/26178116b576/launch-4bbdd556e8d0-rules.zip","fqdn":"assets.adobedtm.com","domain":"adobedtm.com","tld":"com"},"ip":{"addr":"96.6.17.25","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-18T18:51:56.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"assets.adobedtm.com","organization":"Adobe Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 09 Jul 2024 00:00:00 GMT","end":"Sat, 09 Aug 2025 23:59:59 GMT"},"fingerprint":{"sha1":"24:B9:4C:5D:2A:33:DC:55:5D:0F:7B:A4:84:1D:8B:E5:2F:9A:41:AA","sha256":"F5:D1:6E:77:A7:6B:B5:1C:97:B6:F8:14:8F:AA:7B:62:5C:74:D8:75:DF:FF:34:47:A3:B1:0B:9C:80:4D:84:A1"}}},"request":{"raw":"GET /d4d114c60e50/26178116b576/launch-4bbdd556e8d0-rules.zip HTTP/1.1\r\nHost: assets.adobedtm.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":170,"data":"-----------------------------3347749564449841488552282268\r\nContent-Disposition: form-data; name=\"q\"\r\n\r\nsafe\r\n-----------------------------3347749564449841488552282268--\r\n"}},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-length: 160\r\ncontent-type: application/zip\r\netag: \"248f77d85f0b10ea893f080eee60e165:1748072132.256347\"\r\nlast-modified: Sat, 24 May 2025 07:35:32 GMT\r\nserver: AkamaiNetStorage\r\ncache-control: max-age=3600\r\nexpires: Wed, 18 Jun 2025 19:51:56 GMT\r\ndate: Wed, 18 Jun 2025 18:51:56 GMT\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":160,"size_decoded":0,"mime_type":"application/zip","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","md5":"248f77d85f0b10ea893f080eee60e165","sha1":"ff16f85f800013c30203934f6b44cdfd29765985","sha256":"87ea56c317724d09e286ed5cd1af55937162626c421687d345b27de77ef89bf3","sha512":"7449801e7a78bb6fe2dade26f9126a342b61f7fa99436cc57c3a556736d8147bb86208ce9f10b18a37a67c77dbb337423646d918669915931e5bb532ed3028ba","ssdeep":"","tlshash":"cbc02b650c93c4f4c00b60747c4b43414ac89e624001614b1f08d1347ce3a360d00c9b","first_seen":"2025-06-18T18:52:18.342537Z","last_seen":"2025-06-18T18:52:18.342537Z","times_seen":1,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":17,"dns":1,"connect":1,"send":0,"wait":2,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}