{"report_id":"a9d02658-44ef-4176-bb7b-bf39df927149","version":0,"status":"done","tags":[],"date":"2026-06-17T14:48:32Z","url":{"schema":"http","addr":"btcdirectdesktop.com","fqdn":"btcdirectdesktop.com","domain":"btcdirectdesktop.com","tld":"com"},"ip":{"addr":"91.92.241.250","port":0,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"final":{"url":{"schema":"https","addr":"btcdirectdesktop.com/","fqdn":"btcdirectdesktop.com","domain":"btcdirectdesktop.com","tld":"com"},"title":"BTC Direct Desktop App – Download","dom":{"size":54596,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (517)","md5":"d5e4f56f08f119611b97c94fd32a51a1","sha1":"79e6776297e081a1ed24929691576ef5b840525c","sha256":"df4fb03ead626e2491eb4b771b5f27c7c126be10edcce35fea69e85f93d20f66","sha512":"7c78b3bbd811925171ae6d11954c6d5e213739433c8b05904649ffdcb8c4ad82ca1dba80af01faf27926f0500c72e79c8e4c0aa5a41272a4ab37c6bdae4e1241","ssdeep":"768:SJgevyDeU7BHUbJVyvg4elkxDOPkwO+f1yrP:SJceU7BHUtVyvg4eorwO+f1cP","tlshash":"7233647655a314267853cd5cab352f562265f003f10ac6187aec32e88fee9d8dc636bc","dom_hash":"domhash0e9c6c2bfd5ad9bd7151f42c40a90b59","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"btcdirectdesktop.com","fqdn":"btcdirectdesktop.com","domain":"btcdirectdesktop.com","tld":"com"},"ip":{"addr":"91.92.241.250","port":0,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T14:48:32Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"btcdirectdesktop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"btcdirectdesktop.com","ip":{"addr":"91.92.241.250","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"domain_registered":"2026-06-15","domain_rank":0,"first_seen":"2026-06-16T07:41:06.39071Z","last_seen":"2026-06-16T07:41:06.39071Z","alert_count":1,"request_count":1,"received_data":54592,"sent_data":489,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.31.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"btcdirectdesktop.com/","fqdn":"btcdirectdesktop.com","domain":"btcdirectdesktop.com","tld":"com"},"ip":{"addr":"91.92.241.250","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"3056bd1cda0d8fe35fd8adc40e12dcd5","sha1":"275996b466e2de19a4d147db7a9489af4fc7e83b","sha256":"bda4a634c71e422f4c9962ea1c9c0425b891e5460861bfaf9f5e6b76cfd279f3","sha512":"bf8f49abad32cbdb4b1645805893232b5f67b0e093f9b316f5d013b28572e1d8dd9f76aa1ace14e9bff0f2f73d853a7c72acda47e5de83ecf3be8cce533ceb09","ssdeep":"","tlshash":"fa611c3abca31870b567e03e93af9359796630073a02ca80789cf4550fdcd9461b6ef4","size":3328,"data":"","first_seen":"2026-06-17T14:48:33.408656Z","last_seen":"2026-06-17T14:48:33.408656Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"btcdirectdesktop.com/","fqdn":"btcdirectdesktop.com","domain":"btcdirectdesktop.com","tld":"com"},"ip":{"addr":"91.92.241.250","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T14:48:09.412Z","timestamp":1781707689412,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcdirectdesktop.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Jun 2026 12:20:19 GMT","end":"Sun, 13 Sep 2026 12:20:18 GMT"},"fingerprint":{"sha1":"53:E3:4D:67:D8:CB:A0:0E:A3:6D:00:BF:95:BA:15:F9:26:40:D7:D6","sha256":"F5:E6:9A:81:F5:4D:72:52:48:9F:1F:3D:D5:78:EB:DB:2B:60:0C:92:28:A6:EA:5B:22:A8:09:65:BE:07:FE:19"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: btcdirectdesktop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nalt-svc: h3=\":443\"; ma=2592000\r\ncontent-encoding: zstd\r\ncontent-type: text/html\r\ndate: Wed, 17 Jun 2026 14:48:09 GMT\r\netag: \"6a2ffb9c-d435\"\r\nlast-modified: Mon, 15 Jun 2026 13:18:20 GMT\r\nserver: nginx/1.31.1\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.31.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":54325,"size_decoded":13694,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (511)","md5":"a096b4aa62cc5c0093ca90a9b053cf39","sha1":"68d34076c80f86610f94128291fb9514a294f08f","sha256":"e431ff9d99f107d0e02d027d81b54b7f766171617e38dc7d88b5fcf299722275","sha512":"47f9b2e987919c738acc6e2784d71b1d583fffd730a149283ed3598baef61afffa3ec36acdd85886ff5aea80cf8d052561dfbf26f867d80e6b0f8338af25803d","ssdeep":"768:1cgevyDeX7YglSJ/T093PsW4G5PuhDcfXyQX:1cceX7Yglw/T093Pq3hDcfXPX","tlshash":"de33547655a700297853cc6cab351f562265f003f50ac6187aec32e88fee9d9dc636bc","first_seen":"2026-06-17T14:48:33.407809Z","last_seen":"2026-06-17T14:48:33.407809Z","times_seen":1,"resource_available":true,"data":null}},"time_used":299,"timings":{"blocked":-1,"dns":73,"connect":59,"send":0,"wait":65,"receive":0,"ssl":102},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"btcdirectdesktop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}