{"report_id":"ded7e4ec-3cff-49c3-8ae9-c86a1a4d06a0","version":6,"status":"done","tags":[],"date":"2025-07-22T08:33:46Z","url":{"schema":"http","addr":"cooptraexxon.com/temp/wEotIbaw.txt","fqdn":"cooptraexxon.com","domain":"cooptraexxon.com","tld":"com"},"ip":{"addr":"195.179.239.64","port":0,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"cooptraexxon.com/temp/wEotIbaw.txt","fqdn":"cooptraexxon.com","domain":"cooptraexxon.com","tld":"com"},"title":"cooptraexxon.com/temp/wEotIbaw.txt"},"submit":{"url":{"schema":"http","addr":"cooptraexxon.com/temp/wEotIbaw.txt","fqdn":"cooptraexxon.com","domain":"cooptraexxon.com","tld":"com"},"ip":{"addr":"195.179.239.64","port":0,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-08-26T08:33:46Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"cooptraexxon.com","ip":{"addr":"195.179.239.64","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"domain_registered":"2001-11-12","domain_rank":0,"first_seen":"2014-10-29T21:59:14Z","last_seen":"2025-07-17T14:59:38.769568Z","alert_count":2,"request_count":2,"received_data":15450497,"sent_data":976,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-22","alert":"Sinkholed","trigger":"cooptraexxon.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cooptraexxon.com/temp/wEotIbaw.txt","fqdn":"cooptraexxon.com","domain":"cooptraexxon.com","tld":"com"},"ip":{"addr":"195.179.239.64","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-07-22T08:33:09.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cooptraexxon.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Wed, 02 Jul 2025 08:33:10 GMT","end":"Tue, 30 Sep 2025 08:33:09 GMT"},"fingerprint":{"sha1":"85:FD:59:21:F9:A8:EB:0B:A0:E7:CD:85:F7:A3:BC:88:1F:9B:63:37","sha256":"B1:1F:8C:CD:6E:54:A2:21:D1:D8:52:CA:98:81:F5:12:DD:83:75:6B:39:A3:EB:CD:C1:32:0F:35:12:E4:27:B6"}}},"request":{"raw":"GET /temp/wEotIbaw.txt HTTP/1.1\r\nHost: cooptraexxon.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/plain\r\nlast-modified: Fri, 21 Mar 2025 18:58:19 GMT\r\netag: \"ebab9e-67ddb6cb-fd5235c3f3bf91a1;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 22 Jul 2025 08:33:09 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15444894,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (1000), with no line terminators","md5":"4c24b6c69ccfc98c8745f5dcdb89f28d","sha1":"e35e9ffec7c58815df2f1c465992021855b1bab1","sha256":"d45264fbddb6409e853da618272ede8a9888b9a9978855c39ae8d755d7d1c1e8","sha512":"4809c4f9c35901518e7115d24a14372040f9f2a5a42fae6a15389f8c59397bfeaab912e54e47f0916b8a7aba1120f29df5db6bc83e7ee6e4b9ceb523e4157320","ssdeep":"","tlshash":"75118b952e8ce8648b9f5414408f8e47e70e962e175f884197df2e4a2877c28327d8c0","first_seen":"2025-04-02T17:18:15.818123Z","last_seen":"2025-07-22T08:33:46.966098Z","times_seen":3,"resource_available":false,"data":null}},"time_used":694,"timings":{"blocked":292,"dns":57,"connect":109,"send":0,"wait":110,"receive":0,"ssl":122},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-22","alert":"Sinkholed","trigger":"cooptraexxon.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cooptraexxon.com/favicon.ico","fqdn":"cooptraexxon.com","domain":"cooptraexxon.com","tld":"com"},"ip":{"addr":"195.179.239.64","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://cooptraexxon.com/temp/wEotIbaw.txt","date":"2025-07-22T08:33:11.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cooptraexxon.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Wed, 02 Jul 2025 08:33:10 GMT","end":"Tue, 30 Sep 2025 08:33:09 GMT"},"fingerprint":{"sha1":"85:FD:59:21:F9:A8:EB:0B:A0:E7:CD:85:F7:A3:BC:88:1F:9B:63:37","sha256":"B1:1F:8C:CD:6E:54:A2:21:D1:D8:52:CA:98:81:F5:12:DD:83:75:6B:39:A3:EB:CD:C1:32:0F:35:12:E4:27:B6"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: cooptraexxon.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cooptraexxon.com/temp/wEotIbaw.txt\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html\r\nlast-modified: Tue, 22 Apr 2025 07:57:10 GMT\r\netag: \"119f-68074bd6-94b084848877d4bb;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1626\r\ndate: Tue, 22 Jul 2025 08:33:11 GMT\r\nserver: LiteSpeed\r\ncontent-security-policy: upgrade-insecure-requests\r\nplatform: hostinger\r\npanel: hpanel\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":4511,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (371)","md5":"b16e9097fc7d3af8ebfcfce7aba0a42d","sha1":"2af3c8408b8445fe81d9a7c8d7cc8e8a05bf80f5","sha256":"e7db95c97a5d45787cc3e40cbcb93b748fefc65bc14e162c746e37f979861729","sha512":"53a7a2c276fbc5159231c162eb863504448515f1a078832b81f1bffeedb1c82932810b66748fd4111d1b8fb866622a5cc63e79e497227b611c90886ba45d3f3b","ssdeep":"96:tr+ulojsBwJG8YqVcqHL/GSrrLc1VhrJuzeK:tyoasBwJG8nVjaSeVhrJgeK","tlshash":"0891f88f25f381452603c99037f9b61499554007f685eca8bdee9228cfc4b8a41e3bdc","first_seen":"2025-04-22T08:45:29.599713Z","last_seen":"2026-06-11T03:04:12.122414Z","times_seen":34016,"resource_available":true,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-22","alert":"Sinkholed","trigger":"cooptraexxon.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}