{"report_id":"dc09c324-5d7d-42e2-8eb3-840b75819d7c","version":6,"status":"done","tags":[],"date":"2026-03-03T12:33:55Z","url":{"schema":"http","addr":"admin.phantom-bot.com","fqdn":"admin.phantom-bot.com","domain":"phantom-bot.com","tld":"com"},"ip":{"addr":"46.225.79.240","port":0,"asn":0,"as":"","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"admin.phantom-bot.com/login.html","fqdn":"admin.phantom-bot.com","domain":"phantom-bot.com","tld":"com"},"title":"Phantom | Admin Login","dom":{"size":4062,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"25f28e62974e45671fdc25fe372dd896","sha1":"47930c668b995ccac10efca6cac08cb0b5c1b8ed","sha256":"83d15ca0d5adc66228bebb1186626ed88d8c582c4cd92470776b9b1178bf8caa","sha512":"eb0090978a6eef2e241b27f5278a986512e21a52585f796a042760ae7e571855bc0e16fc732b83a9d3af5df49561f5860094d6631df70904fe535b8364f07252","ssdeep":"","tlshash":"1c817296b8a308626b13e6643bf787473264d0135609dd697fcc6248df8779988e378c","dom_hash":"domhash051dd9ce1dcf0d9564c3149926363de1","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"admin.phantom-bot.com","fqdn":"admin.phantom-bot.com","domain":"phantom-bot.com","tld":"com"},"ip":{"addr":"46.225.79.240","port":0,"asn":0,"as":"","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-07T12:33:55Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"admin.phantom-bot.com","ip":{"addr":"46.225.79.240","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"domain_registered":"2026-03-02","domain_rank":0,"first_seen":"2026-03-03T12:33:55.953835Z","last_seen":"2026-03-03T12:33:55.953835Z","alert_count":0,"request_count":3,"received_data":9050,"sent_data":1449,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"admin.phantom-bot.com/login.html","fqdn":"admin.phantom-bot.com","domain":"phantom-bot.com","tld":"com"},"ip":{"addr":"46.225.79.240","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"3721dab3439d6f38906358162c889c40","sha1":"80f15d2911eaf257648973a162fda46bb4b90fc6","sha256":"5bf68a290570aabc754300dce9ed930a52006356f6dd92db7a5849d07b040240","sha512":"4e0cdabbe01e017c5683ede5bcc121a317eee8bd30d0adf12a5ff32223e67357199fc44d927423558321735023db21ec4c4e83d63dd68466b76ae6fc25cc0bbb","ssdeep":"","tlshash":"8221af8b70772d718f9fae9d5b6b4642323080176806cd44b95c82056fa6a4a14f7b9e","size":1142,"data":"","first_seen":"2026-03-03T12:33:59.080423Z","last_seen":"2026-03-03T13:26:22.990729Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"admin.phantom-bot.com/favicon.ico","fqdn":"admin.phantom-bot.com","domain":"phantom-bot.com","tld":"com"},"ip":{"addr":"46.225.79.240","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://admin.phantom-bot.com/login.html","date":"2026-03-03T12:33:34.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phantom-bot.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Mar 2026 09:45:01 GMT","end":"Mon, 01 Jun 2026 09:45:00 GMT"},"fingerprint":{"sha1":"13:C4:AF:C3:DB:5A:62:64:66:CE:AC:D4:D0:1D:8A:99:F7:67:DD:2C","sha256":"33:8B:8F:40:9B:7D:D7:21:02:4C:92:51:ED:4C:64:E9:22:D0:F8:41:23:29:C7:75:42:10:D5:32:17:4A:B6:F0"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: admin.phantom-bot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://admin.phantom-bot.com/login.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 03 Mar 2026 12:33:34 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T13:34:10.574604Z","times_seen":16240797,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"admin.phantom-bot.com/","fqdn":"admin.phantom-bot.com","domain":"phantom-bot.com","tld":"com"},"ip":{"addr":"46.225.79.240","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-03T12:33:34.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phantom-bot.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Mar 2026 09:45:01 GMT","end":"Mon, 01 Jun 2026 09:45:00 GMT"},"fingerprint":{"sha1":"13:C4:AF:C3:DB:5A:62:64:66:CE:AC:D4:D0:1D:8A:99:F7:67:DD:2C","sha256":"33:8B:8F:40:9B:7D:D7:21:02:4C:92:51:ED:4C:64:E9:22:D0:F8:41:23:29:C7:75:42:10:D5:32:17:4A:B6:F0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: admin.phantom-bot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 03 Mar 2026 12:33:34 GMT\r\nContent-Type: text/html\r\nContent-Length: 178\r\nConnection: keep-alive\r\nLocation: https://admin.phantom-bot.com/login.html\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4215,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T13:34:10.574604Z","times_seen":16240797,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":73,"dns":6,"connect":26,"send":0,"wait":26,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"admin.phantom-bot.com/login.html","fqdn":"admin.phantom-bot.com","domain":"phantom-bot.com","tld":"com"},"ip":{"addr":"46.225.79.240","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-03T12:33:34.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phantom-bot.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Mar 2026 09:45:01 GMT","end":"Mon, 01 Jun 2026 09:45:00 GMT"},"fingerprint":{"sha1":"13:C4:AF:C3:DB:5A:62:64:66:CE:AC:D4:D0:1D:8A:99:F7:67:DD:2C","sha256":"33:8B:8F:40:9B:7D:D7:21:02:4C:92:51:ED:4C:64:E9:22:D0:F8:41:23:29:C7:75:42:10:D5:32:17:4A:B6:F0"}}},"request":{"raw":"GET /login.html HTTP/1.1\r\nHost: admin.phantom-bot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 03 Mar 2026 12:33:34 GMT\r\nContent-Type: text/html\r\nLast-Modified: Fri, 27 Feb 2026 11:07:03 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69a17ad7-1077\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4215,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"ea680c5913ce9b6f0605038e97057613","sha1":"3a7f7abd8098c14200e557c1e277037632baf2f9","sha256":"37411c0e33ea5e9e029f47361eafd0eca6924b09e67e27e742cc9421824d98f6","sha512":"25de1ab7eb388b4833579afee93303b6b7dd96b90fd46a676e473f63e496626acef7cdfc7597aac14ae8df5500f8c826a0fe4e4c95662f409b709d983dffa791","ssdeep":"48:tg99mDkqpVTVO8kXRLL0sAts9P3TvDtwwH+V5INZcdhxyGEbovigz1+3Gw4dYidf:e8TVO1FAvtsp7pwaOjUovi81qjiJ","tlshash":"ae91b115f44218625633e3686bb3834afb609023474182aa7fdc62069fb769885e3fcc","first_seen":"2026-03-03T12:33:59.079227Z","last_seen":"2026-03-03T13:26:22.990036Z","times_seen":2,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}