{"report_id":"172b5b82-1150-4f39-bde0-5a3cceb244a2","version":6,"status":"done","tags":[],"date":"2025-10-06T09:24:17Z","url":{"schema":"https","addr":"newhair.fi/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=6841758\u0026pdata=https%253A%252F%252Fnewhair.fi\u0026id=7fa3b767c460b54a2be4d49030b349c7\u0026ts=1759741840","fqdn":"newhair.fi","domain":"newhair.fi","tld":"fi"},"ip":{"addr":"31.217.196.214","port":0,"asn":58003,"as":"Planeetta Internet Oy","country":"Finland","country_code":"FI"},"final":{"url":{"schema":"https","addr":"newhair.fi/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=6841758\u0026pdata=https%253A%252F%252Fnewhair.fi\u0026id=7fa3b767c460b54a2be4d49030b349c7\u0026ts=1759741840","fqdn":"newhair.fi","domain":"newhair.fi","tld":"fi"},"title":"404 Not Found"},"submit":{"url":{"schema":"https","addr":"newhair.fi/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=6841758\u0026pdata=https%253A%252F%252Fnewhair.fi\u0026id=7fa3b767c460b54a2be4d49030b349c7\u0026ts=1759741840","fqdn":"newhair.fi","domain":"newhair.fi","tld":"fi"},"ip":{"addr":"31.217.196.214","port":0,"asn":58003,"as":"Planeetta Internet Oy","country":"Finland","country_code":"FI"},"tags":["soteria"],"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-10T09:24:17Z","useragent":"Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36","referer":"soteria","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"newhair.fi","ip":{"addr":"31.217.196.214","port":443,"asn":58003,"as":"Planeetta Internet Oy","country":"Finland","country_code":"FI"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-10-06T08:54:23.280908Z","last_seen":"2025-10-06T08:54:23.280909Z","alert_count":0,"request_count":4,"received_data":30718,"sent_data":2691,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"newhair.fi/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=6841758\u0026pdata=https%253A%252F%252Fnewhair.fi\u0026id=7fa3b767c460b54a2be4d49030b349c7\u0026ts=1759741840","fqdn":"newhair.fi","domain":"newhair.fi","tld":"fi"},"ip":{"addr":"31.217.196.214","port":443,"asn":58003,"as":"Planeetta Internet Oy","country":"Finland","country_code":"FI"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-06T09:23:56.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"newhair.fi","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Aug 2025 15:44:22 GMT","end":"Sat, 08 Nov 2025 15:44:21 GMT"},"fingerprint":{"sha1":"CF:A4:BF:26:BF:EC:E6:C2:99:74:D5:1C:B7:F3:39:44:DE:A6:9A:2F","sha256":"9F:38:3C:FE:2E:64:62:0B:19:1F:B2:76:40:17:7F:3B:DD:F8:C8:F0:E8:7F:9B:C5:82:1F:67:6F:EB:AB:EB:A6"}}},"request":{"raw":"GET /z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=6841758\u0026pdata=https%253A%252F%252Fnewhair.fi\u0026id=7fa3b767c460b54a2be4d49030b349c7\u0026ts=1759741840 HTTP/1.1\r\nHost: newhair.fi\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 09:23:55 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":10337,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4070)","md5":"c7e1c8143523762dedf7dc64e26df31e","sha1":"2744800953ec5cba068414a348a90f34d5b5e11a","sha256":"2edfa01ae5de8c0d852308a1f57a181f0a86348821f9ee8587506f7f2b2813ef","sha512":"08b05a36bee90fb97177d71467d9fd2aec463d390e95f9ed359a1f31676a79691c634e76997afb8baf71bdd2e92c80b573c65eb7201afa2b4ede60845b0c647a","ssdeep":"192:rlYHC0HNXGZkHQU7ydPJq5S2KqQVX/uTK3w3DK+tMy47R/Ga0kVhFuPwf8Pn93JN:FVGaRF8I8LNP3","tlshash":"1322b69b1ae3005b7447a0b96bba3201ab68e543d11fdd607f0db3d8cf865818c93b4e","first_seen":"2025-10-06T09:24:17.691928Z","last_seen":"2025-10-06T09:24:17.691928Z","times_seen":1,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":33,"dns":1,"connect":15,"send":0,"wait":16,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"newhair.fi/img-sys/server_misconfigured.png","fqdn":"newhair.fi","domain":"newhair.fi","tld":"fi"},"ip":{"addr":"31.217.196.214","port":443,"asn":58003,"as":"Planeetta Internet Oy","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://newhair.fi/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=6841758\u0026pdata=https%253A%252F%252Fnewhair.fi\u0026id=7fa3b767c460b54a2be4d49030b349c7\u0026ts=1759741840","date":"2025-10-06T09:23:56.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"newhair.fi","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Aug 2025 15:44:22 GMT","end":"Sat, 08 Nov 2025 15:44:21 GMT"},"fingerprint":{"sha1":"CF:A4:BF:26:BF:EC:E6:C2:99:74:D5:1C:B7:F3:39:44:DE:A6:9A:2F","sha256":"9F:38:3C:FE:2E:64:62:0B:19:1F:B2:76:40:17:7F:3B:DD:F8:C8:F0:E8:7F:9B:C5:82:1F:67:6F:EB:AB:EB:A6"}}},"request":{"raw":"GET /img-sys/server_misconfigured.png HTTP/1.1\r\nHost: newhair.fi\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newhair.fi/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=6841758\u0026pdata=https%253A%252F%252Fnewhair.fi\u0026id=7fa3b767c460b54a2be4d49030b349c7\u0026ts=1759741840\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 13 Oct 2025 09:23:55 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 May 2019 20:14:02 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3164\r\ndate: Mon, 06 Oct 2025 09:23:55 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3164,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"f79adaf00f83dc9757086cdbe8645ff0","sha1":"82f37b8be7668eab8e1a06de828cb336799c8134","sha256":"944120fb6962c7484d769d645e6d830850eead9394f6a84090aed489cfc0c41f","sha512":"eb7db97a73d4fd8ff7acc027582a2564636ee9d92f19365da11ec4c80be62418450fd0b37ed1462d56489c52fa1ab69008b040fad7795151dc1d26ac59293f6a","ssdeep":"","tlshash":"54513b80a9156c08aed83aacb51d109b84003ce5a8372cc480728fffb61e8b36aa55dd","first_seen":"2023-04-05T04:59:52Z","last_seen":"2026-04-04T05:48:23.066182Z","times_seen":40542,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"newhair.fi/img-sys/powered_by_cpanel.svg","fqdn":"newhair.fi","domain":"newhair.fi","tld":"fi"},"ip":{"addr":"31.217.196.214","port":443,"asn":58003,"as":"Planeetta Internet Oy","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://newhair.fi/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=6841758\u0026pdata=https%253A%252F%252Fnewhair.fi\u0026id=7fa3b767c460b54a2be4d49030b349c7\u0026ts=1759741840","date":"2025-10-06T09:23:56.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"newhair.fi","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Aug 2025 15:44:22 GMT","end":"Sat, 08 Nov 2025 15:44:21 GMT"},"fingerprint":{"sha1":"CF:A4:BF:26:BF:EC:E6:C2:99:74:D5:1C:B7:F3:39:44:DE:A6:9A:2F","sha256":"9F:38:3C:FE:2E:64:62:0B:19:1F:B2:76:40:17:7F:3B:DD:F8:C8:F0:E8:7F:9B:C5:82:1F:67:6F:EB:AB:EB:A6"}}},"request":{"raw":"GET /img-sys/powered_by_cpanel.svg HTTP/1.1\r\nHost: newhair.fi\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newhair.fi/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=6841758\u0026pdata=https%253A%252F%252Fnewhair.fi\u0026id=7fa3b767c460b54a2be4d49030b349c7\u0026ts=1759741840\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 13 Oct 2025 09:23:55 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 29 May 2019 20:14:02 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2506\r\ndate: Mon, 06 Oct 2025 09:23:55 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5617,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c47b4b5200566a2a496a11ba472ec5da","sha1":"3bd0da9a6ffd62217d3e781fa1356f40d9f91d4c","sha256":"179a9aa9fff4c52850d9ce34a4c435404ddfd4fefa8aab9a6eb4f47b83f922d9","sha512":"b67659bfb2f94cc1124eb88f7582ae2ee1c983210577edc9aaf6fdb65f6b0e2b9fd786169a91fc72a1ac0e8556bc09c7cf35395c7a038a6f6419660b7b64545f","ssdeep":"96:BDol4IVL19t2mY5Ib0Va4FALs/k2eerILEKQhnEIsFGFB/aStUY0NuhHkzTUgCgM:BGjR19tU5Ib0tCY8jeSEptRPFESt70NW","tlshash":"77c174f9c7a053f47ac38f5deb2966d0b0ebf8bd1ea082c451759368c4c0ad9e948874","first_seen":"2023-04-05T04:59:52Z","last_seen":"2026-04-04T05:48:23.066766Z","times_seen":40514,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"newhair.fi/favicon.ico","fqdn":"newhair.fi","domain":"newhair.fi","tld":"fi"},"ip":{"addr":"31.217.196.214","port":443,"asn":58003,"as":"Planeetta Internet Oy","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://newhair.fi/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=6841758\u0026pdata=https%253A%252F%252Fnewhair.fi\u0026id=7fa3b767c460b54a2be4d49030b349c7\u0026ts=1759741840","date":"2025-10-06T09:23:56.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"newhair.fi","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Aug 2025 15:44:22 GMT","end":"Sat, 08 Nov 2025 15:44:21 GMT"},"fingerprint":{"sha1":"CF:A4:BF:26:BF:EC:E6:C2:99:74:D5:1C:B7:F3:39:44:DE:A6:9A:2F","sha256":"9F:38:3C:FE:2E:64:62:0B:19:1F:B2:76:40:17:7F:3B:DD:F8:C8:F0:E8:7F:9B:C5:82:1F:67:6F:EB:AB:EB:A6"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: newhair.fi\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newhair.fi/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=6841758\u0026pdata=https%253A%252F%252Fnewhair.fi\u0026id=7fa3b767c460b54a2be4d49030b349c7\u0026ts=1759741840\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 09:23:55 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":10337,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4070)","md5":"c7e1c8143523762dedf7dc64e26df31e","sha1":"2744800953ec5cba068414a348a90f34d5b5e11a","sha256":"2edfa01ae5de8c0d852308a1f57a181f0a86348821f9ee8587506f7f2b2813ef","sha512":"08b05a36bee90fb97177d71467d9fd2aec463d390e95f9ed359a1f31676a79691c634e76997afb8baf71bdd2e92c80b573c65eb7201afa2b4ede60845b0c647a","ssdeep":"192:rlYHC0HNXGZkHQU7ydPJq5S2KqQVX/uTK3w3DK+tMy47R/Ga0kVhFuPwf8Pn93JN:FVGaRF8I8LNP3","tlshash":"1322b69b1ae3005b7447a0b96bba3201ab68e543d11fdd607f0db3d8cf865818c93b4e","first_seen":"2025-10-06T09:24:17.691928Z","last_seen":"2025-10-06T09:24:17.691928Z","times_seen":1,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}