{"report_id":"ba0c44a4-a7c7-462c-a07f-002ad63f8c03","version":6,"status":"done","tags":[],"date":"2025-10-13T23:44:47Z","url":{"schema":"http","addr":"files.prodkeys.net/ProdKeys.NET-v20.4.0.zip","fqdn":"files.prodkeys.net","domain":"prodkeys.net","tld":"net"},"ip":{"addr":"172.67.213.110","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"http","addr":"files.prodkeys.net/ProdKeys.NET-v20.4.0.zip","fqdn":"files.prodkeys.net","domain":"prodkeys.net","tld":"net"},"ip":{"addr":"172.67.213.110","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-17T23:44:47Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"files.prodkeys.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"files.prodkeys.net","ip":{"addr":"172.67.213.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-11-27","domain_rank":0,"first_seen":"2022-12-19T07:27:11Z","last_seen":"2025-09-07T03:32:18.356146Z","alert_count":1,"request_count":1,"received_data":7885,"sent_data":511,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"7e47fff65b0294516fd00d5c89e41284","sha1":"fa193f3ff744574706caf885342a2ffbce697f89","sha256":"86e45e5a6274c9afa232fee9cf2192d8711433d04f36f57189d8258ed962cd02","sha512":"ad376e77d836ab26d7b29df5ba474787894e902713ce2cad7c21078151c8142aa2d08f90f08a347430474fbac507b291e71fddbbd607e18dc05f11ef2448314c","magic":"Zip archive data, at least v1.0 to extract, compression method=store","size":7213,"url":{"schema":"https","addr":"files.prodkeys.net/ProdKeys.NET-v20.4.0.zip","fqdn":"files.prodkeys.net","domain":"prodkeys.net","tld":"net"},"ip":{"addr":"172.67.213.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"archive":[{"path":"ProdKeys.NET-v20.4.0/prod.keys","filename":"prod.keys","modified":"2025-09-10T21:20:57+05:00","Modified":"","magic":"ASCII text, with very long lines (1078)","size":13560,"md5":"8620327f0cbd4c36158b3f3dda051444","sha1":"e59cafbe53b4540e14f128509d648dd1c6d39235","sha256":"ad663997a614b127561fbb0c6ef617d08f441033cfeac1113ca3dd30166f2374","sha512":"494bd3c3c9c41192fe40e4a1993e231b82cf24ef3f0364398b74d306be2b5e6fbad32f938dec52311755a371153b6d6695cd34aec46b20c5d38cc5d0f780f192","alerts":{"urlquery":null,"analyzer":null}},{"path":"ProdKeys.NET-v20.4.0/title.keys","filename":"title.keys","modified":"2025-09-10T21:20:41+05:00","Modified":"","magic":"ASCII text","size":1224,"md5":"f65367650f88124362922994b78ede77","sha1":"bfee8e708dc4c8f27bfe51a12d57caaa0b7f74de","sha256":"3ed66f7e82df79922739c6c2d34de90bc36a48d13acdff24f9d51013bd8c0677","sha512":"1ac7b4560bba09f033e4197c1aa23fd80ff8eb2f4aa7c6429e6be523dcaa85590839a3a4fd678a49006b5e628c807ab2bb9eee671c73db11d3561dbdda9e02f3","alerts":{"urlquery":null,"analyzer":null}}],"alerts":{"urlquery":null,"analyzer":null}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"files.prodkeys.net/ProdKeys.NET-v20.4.0.zip","fqdn":"files.prodkeys.net","domain":"prodkeys.net","tld":"net"},"ip":{"addr":"172.67.213.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-13T23:44:24.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3807bbc2.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 28 Sep 2025 12:16:13 GMT","end":"Sat, 27 Dec 2025 13:16:08 GMT"},"fingerprint":{"sha1":"F9:CA:05:E8:83:8B:65:9E:D8:FF:93:53:26:B1:1F:81:F8:B9:B0:BD","sha256":"E5:6C:5F:45:F0:DA:8B:77:C8:13:A9:7F:A8:50:9C:FD:DE:E6:24:D2:BB:83:5F:6B:72:D8:46:60:55:46:7C:4B"}}},"request":{"raw":"GET /ProdKeys.NET-v20.4.0.zip HTTP/1.1\r\nHost: files.prodkeys.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 23:44:24 GMT\r\ncontent-type: application/zip\r\ncontent-length: 7213\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZLCc8AMZQECjN2n13%2BoibyHZrpJpcjLfhD2jY%2FHdaOxo75pUiOu4iAo7Zw%2BVGLqQFeiiNs0Ag0X0yBsxfkkamstMNaxlJvNQaHZhVLf02pc%3D\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"7e47fff65b0294516fd00d5c89e41284\"\r\nlast-modified: Mon, 13 Oct 2025 21:58:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 5848\r\ncache-control: max-age=14400\r\ncf-ray: 98e2b46a9a7b0b55-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7213,"size_decoded":0,"mime_type":"application/zip","magic":"Zip archive data, at least v1.0 to extract, compression method=store","md5":"7e47fff65b0294516fd00d5c89e41284","sha1":"fa193f3ff744574706caf885342a2ffbce697f89","sha256":"86e45e5a6274c9afa232fee9cf2192d8711433d04f36f57189d8258ed962cd02","sha512":"ad376e77d836ab26d7b29df5ba474787894e902713ce2cad7c21078151c8142aa2d08f90f08a347430474fbac507b291e71fddbbd607e18dc05f11ef2448314c","ssdeep":"192:EK3rXNOLFMVV7j+hDKlXWS61W6gN7eI0sj0Df:n3RA2jkKhr61W6gj0sj0T","tlshash":"92e1af9982d547e3e22405ba895d4993ec7995f4e464fd22c09cc3e6fcc05f3c39ac2a","first_seen":"2025-10-13T23:44:48.137907Z","last_seen":"2025-10-13T23:44:48.137907Z","times_seen":1,"resource_available":false,"data":null}},"time_used":345,"timings":{"blocked":164,"dns":15,"connect":2,"send":0,"wait":14,"receive":1,"ssl":145},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"files.prodkeys.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}