{"report_id":"df28d24a-da9e-4ff2-b7b5-3ac9b1d941ec","version":0,"status":"done","tags":[],"date":"2026-06-16T08:56:54Z","url":{"schema":"http","addr":"mods.nemesis-mods.in/snowbreak/Crasheye64.dll","fqdn":"mods.nemesis-mods.in","domain":"nemesis-mods.in","tld":"in"},"ip":{"addr":"104.21.42.79","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"New Private Tab","dom":{"size":4247,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"169643c2d0dd39a391f32eb12c1643dc","sha1":"ee743baba706d27181602a6b38f1e8a80dde52b9","sha256":"01575bdee7658426bfc1016461fb0760ba9da5f6afb6a1f6039a89eb3979cece","sha512":"3ce172cee23326c1a725e5de668e71ed8918eb4627aba75b88619f5c3c097abf5c80519f171238ed31d3c151fba97ff3c81c3a920a8c07aebd65819393ad37b7","ssdeep":"96:DJFs1Bx13gb61j1l047gx10UFZV4jl22D+i8kDNLeOl:H61rpEmULV4jM2D+z0sI","tlshash":"be9150a544f5663b18a386a9e9d07f47af817607ce8d29407baf00e31f87d54886f20c","dom_hash":"domhashe55c5b0a9b0c37e90d2a11b31f2bc448","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"mods.nemesis-mods.in/snowbreak/Crasheye64.dll","fqdn":"mods.nemesis-mods.in","domain":"nemesis-mods.in","tld":"in"},"ip":{"addr":"104.21.42.79","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-21T08:56:54Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-16","alert":"Sinkholed","trigger":"mods.nemesis-mods.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"mods.nemesis-mods.in","ip":{"addr":"104.21.42.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-06-16T08:56:54.854438Z","last_seen":"2026-06-16T08:56:54.854438Z","alert_count":1,"request_count":1,"received_data":13083902,"sent_data":513,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"c27ac1ae0c068488b3a757037b7acccb","sha1":"23c88324bd5a36f849442c26edb51c00c0aa2707","sha256":"457470809f7ed8980a66cb71cdf3fa0923182e77ac86ae591bdc64893ea36d6b","sha512":"27cb4cbb258c665e860d52cfdf3ce151ab22fd8562051fd41adc83eeabc5adc8537cce92cb82061890c7873a9aa4b8dd76328ad5caf3adb07d7fba20f2f1436e","magic":"PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 9 sections","size":13083136,"url":{"schema":"https","addr":"mods.nemesis-mods.in/snowbreak/Crasheye64.dll","fqdn":"mods.nemesis-mods.in","domain":"nemesis-mods.in","tld":"in"},"ip":{"addr":"104.21.42.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"archive":null,"alerts":{"urlquery":null,"analyzer":null}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"mods.nemesis-mods.in/snowbreak/Crasheye64.dll","fqdn":"mods.nemesis-mods.in","domain":"nemesis-mods.in","tld":"in"},"ip":{"addr":"104.21.42.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-16T08:56:28.619Z","timestamp":1781600188619,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"929d3839.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 26 Apr 2026 16:55:49 GMT","end":"Sat, 25 Jul 2026 17:55:37 GMT"},"fingerprint":{"sha1":"B8:1C:C9:8B:DA:73:94:38:E4:A3:DC:26:92:5A:34:33:3D:AF:E0:B5","sha256":"51:15:68:58:0C:7C:A7:C5:38:EB:C8:F0:1C:5F:06:57:E7:00:BF:19:9A:0E:F4:0E:35:44:76:57:C5:F3:1A:84"}}},"request":{"raw":"GET /snowbreak/Crasheye64.dll HTTP/1.1\r\nHost: mods.nemesis-mods.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Tue, 16 Jun 2026 08:56:29 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 13083136\r\naccept-ranges: bytes\r\netag: \"ebd5aa2d842c97a680267116115e3c42\"\r\nlast-modified: Sun, 01 Mar 2026 14:30:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nserver-timing: cfCacheStatus;desc=\"DYNAMIC\", cfEdge;dur=7,cfOrigin;dur=1114\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pNHXE7sM2tp8GL4EvIKLQHklr2bT%2B4bweEHo5tntpiYz0FfKw4Lhz54N4sRRcXvwUh2QFg%2F4x7NzV4hj7tK8qZJcdSagyvppxP06EUuRWV2I34Wnn%2F193AwN3oeyv%2F1SXKo1dBLKwQ%3D%3D\"}]}\r\ncf-ray: a0c899fb48bb5a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13083136,"size_decoded":766,"mime_type":"application/octet-stream","magic":"PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 9 sections","md5":"c27ac1ae0c068488b3a757037b7acccb","sha1":"23c88324bd5a36f849442c26edb51c00c0aa2707","sha256":"457470809f7ed8980a66cb71cdf3fa0923182e77ac86ae591bdc64893ea36d6b","sha512":"27cb4cbb258c665e860d52cfdf3ce151ab22fd8562051fd41adc83eeabc5adc8537cce92cb82061890c7873a9aa4b8dd76328ad5caf3adb07d7fba20f2f1436e","ssdeep":"24576:cjQUS/aCA5LCuR0+/geqdwVGS6IqBu55p4RSgWtOmyXCqQt:c0US/aCA5LCuRTE1Ct","tlshash":"6025096b45911dbcf1a793bb59875f43faa1709e03b208ef029144e56bf72e00d7b922","first_seen":"2026-06-16T08:56:59.256455Z","last_seen":"2026-06-16T08:56:59.256455Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1668,"timings":{"blocked":-1,"dns":48,"connect":12,"send":0,"wait":1125,"receive":468,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-16","alert":"Sinkholed","trigger":"mods.nemesis-mods.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}