{"report_id":"31c29b0c-ddf6-4224-b68a-5466fa044a27","version":0,"status":"done","tags":["government","tax","france","phishing"],"date":"2026-06-11T00:41:20Z","url":{"schema":"http","addr":"antai-amende-clients.justns.ru/amende-278764/Demos","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"title":"Site officiel unique de télépaiement | Amendes.gouv.fr","dom":{"size":119858,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (47033)","md5":"e9ff0d67c8d10b8be0c8bc33ea5df23b","sha1":"70c6fdcf6432ddc10ad9ec5b55361e205140b148","sha256":"bf55f2d2d9ddd46a56442bc3b245bea63e97ac290eacf467a3fc4240843951be","sha512":"41812393e142e0f640c1ed4618b2afc2cb92e8006132fc921ccc13c44a7a04a88d377a8be9b916ad56e064bc7d399bcccf9917043534b7cbe2424f11c5a36645","ssdeep":"3072:LI6Qyk0J4U3trFpGtoN/9+MxAQr8RkaXV3QdENV6CW90Jvk4eRS4ybWRE:1HkORgtcwQACaXV3QdENV6CW90Jvk4e8","tlshash":"1ec34c76050571770c273c6787cea90c5e38e7d34aa21a8df2962d48c9dbbb9274733a","dom_hash":"domhash9f9558c7cc0872533536d01d5363ddbf","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"antai-amende-clients.justns.ru/amende-278764/Demos","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-16T00:41:20Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"antai-amende-clients.justns.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"antai-amende-clients.justns.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - French Tax Agency","verdict":"phishing","severity":"medium","comment":"Resource observed with French Tax Agency phishing","tags":["government","tax","france","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - French Tax Agency","verdict":"phishing","severity":"medium","comment":"Resource observed with French Tax Agency phishing","tags":["government","tax","france","phishing"],"meta":null}]},"summary":[{"fqdn":"antai-amende-clients.justns.ru","ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2014-07-12","domain_rank":0,"first_seen":"2026-05-18T03:31:42.169058Z","last_seen":"2026-05-18T03:31:42.169058Z","alert_count":21,"request_count":7,"received_data":1889663,"sent_data":3243,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - French Tax Agency","verdict":"phishing","severity":"medium","comment":"Resource observed with French Tax Agency phishing","tags":["government","tax","france","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4ada9e2303429c9b6b856d3f5bd9ac7c","sha1":"eb52e4638230ffef58bab2a408d2ad8da7144cce","sha256":"9b158f5150db7b1dfabeac6087ffd5f4ab0502ad5719330a30a3444f8d6db82c","sha512":"dfadaf20ae796bff63f51535f128d85d8abeac99b9e8de3e6ac53b0d1050648cd2c924857b13cc336d5df888c7b3823477d2fb8f86872f47308b5ce0f330e032","ssdeep":"","tlshash":"13d01285dae810e055e3719844b713152f35663227550994e5f43db07f78ea52611b8c","size":273,"data":"","first_seen":"2026-06-11T00:41:27.734093Z","last_seen":"2026-06-13T20:16:25.788908Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"013cb1c3f9c10670ad3c0a4537bce8a6","sha1":"97610858dd1223d3882cd0acdf47350857be2f14","sha256":"0e320bdfa563fdae3004bd4d8745b304534f1a47ea541370aa9961af89e42773","sha512":"dd5a72f285439632ca95f3da8b7984ba215523dc895f2a416955db23c6f088c91e47df2e4721747cb5eddd472c46fda1096c2e54d7788d1c7648e6e81af5c5d4","ssdeep":"","tlshash":"64a002a43b050869c0b7cc8dc12a7041e9d4360b33f589cdb4fd0f80df30b487815a04","size":79,"data":"","first_seen":"2026-06-11T00:41:27.735318Z","last_seen":"2026-06-13T20:16:25.790513Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b7a990685d62aad1bc4bd4db526f40ed","sha1":"85ae5d9a24e0848c1ded536104152dbfaee05263","sha256":"2bc8c3bc49fd5275b3ec0ea234029143b5f2388e5e3184b60569e78e232626ef","sha512":"dda6ec599d8d096c7ae9d5c160265954a9ce75a79b63d49d72dae47675c78c468ff82ddc5f1ab44eef508b2af6dbf330db4650447a99b42f883e5119426e5a65","ssdeep":"","tlshash":"6db0024037124419e4b39c9e41767208af5d322727f44c8c7d7d4e50cf2431db400205","size":113,"data":"","first_seen":"2026-06-11T00:41:27.736349Z","last_seen":"2026-06-13T20:16:25.791077Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4ada9e2303429c9b6b856d3f5bd9ac7c","sha1":"eb52e4638230ffef58bab2a408d2ad8da7144cce","sha256":"9b158f5150db7b1dfabeac6087ffd5f4ab0502ad5719330a30a3444f8d6db82c","sha512":"dfadaf20ae796bff63f51535f128d85d8abeac99b9e8de3e6ac53b0d1050648cd2c924857b13cc336d5df888c7b3823477d2fb8f86872f47308b5ce0f330e032","ssdeep":"","tlshash":"13d01285dae810e055e3719844b713152f35663227550994e5f43db07f78ea52611b8c","size":273,"data":"","first_seen":"2026-06-11T00:41:27.734093Z","last_seen":"2026-06-13T20:16:25.788908Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"013cb1c3f9c10670ad3c0a4537bce8a6","sha1":"97610858dd1223d3882cd0acdf47350857be2f14","sha256":"0e320bdfa563fdae3004bd4d8745b304534f1a47ea541370aa9961af89e42773","sha512":"dd5a72f285439632ca95f3da8b7984ba215523dc895f2a416955db23c6f088c91e47df2e4721747cb5eddd472c46fda1096c2e54d7788d1c7648e6e81af5c5d4","ssdeep":"","tlshash":"64a002a43b050869c0b7cc8dc12a7041e9d4360b33f589cdb4fd0f80df30b487815a04","size":79,"data":"","first_seen":"2026-06-11T00:41:27.735318Z","last_seen":"2026-06-13T20:16:25.790513Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b7a990685d62aad1bc4bd4db526f40ed","sha1":"85ae5d9a24e0848c1ded536104152dbfaee05263","sha256":"2bc8c3bc49fd5275b3ec0ea234029143b5f2388e5e3184b60569e78e232626ef","sha512":"dda6ec599d8d096c7ae9d5c160265954a9ce75a79b63d49d72dae47675c78c468ff82ddc5f1ab44eef508b2af6dbf330db4650447a99b42f883e5119426e5a65","ssdeep":"","tlshash":"6db0024037124419e4b39c9e41767208af5d322727f44c8c7d7d4e50cf2431db400205","size":113,"data":"","first_seen":"2026-06-11T00:41:27.736349Z","last_seen":"2026-06-13T20:16:25.791077Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4ada9e2303429c9b6b856d3f5bd9ac7c","sha1":"eb52e4638230ffef58bab2a408d2ad8da7144cce","sha256":"9b158f5150db7b1dfabeac6087ffd5f4ab0502ad5719330a30a3444f8d6db82c","sha512":"dfadaf20ae796bff63f51535f128d85d8abeac99b9e8de3e6ac53b0d1050648cd2c924857b13cc336d5df888c7b3823477d2fb8f86872f47308b5ce0f330e032","ssdeep":"","tlshash":"13d01285dae810e055e3719844b713152f35663227550994e5f43db07f78ea52611b8c","size":273,"data":"","first_seen":"2026-06-11T00:41:27.734093Z","last_seen":"2026-06-13T20:16:25.788908Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"013cb1c3f9c10670ad3c0a4537bce8a6","sha1":"97610858dd1223d3882cd0acdf47350857be2f14","sha256":"0e320bdfa563fdae3004bd4d8745b304534f1a47ea541370aa9961af89e42773","sha512":"dd5a72f285439632ca95f3da8b7984ba215523dc895f2a416955db23c6f088c91e47df2e4721747cb5eddd472c46fda1096c2e54d7788d1c7648e6e81af5c5d4","ssdeep":"","tlshash":"64a002a43b050869c0b7cc8dc12a7041e9d4360b33f589cdb4fd0f80df30b487815a04","size":79,"data":"","first_seen":"2026-06-11T00:41:27.735318Z","last_seen":"2026-06-13T20:16:25.790513Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b7a990685d62aad1bc4bd4db526f40ed","sha1":"85ae5d9a24e0848c1ded536104152dbfaee05263","sha256":"2bc8c3bc49fd5275b3ec0ea234029143b5f2388e5e3184b60569e78e232626ef","sha512":"dda6ec599d8d096c7ae9d5c160265954a9ce75a79b63d49d72dae47675c78c468ff82ddc5f1ab44eef508b2af6dbf330db4650447a99b42f883e5119426e5a65","ssdeep":"","tlshash":"6db0024037124419e4b39c9e41767208af5d322727f44c8c7d7d4e50cf2431db400205","size":113,"data":"","first_seen":"2026-06-11T00:41:27.736349Z","last_seen":"2026-06-13T20:16:25.791077Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/3d_files/jquery-3.6.0.min.js","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-06-19T17:01:58.511473Z","times_seen":482568,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/3d_files/bootstrap.min.js","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d2f2ef0051cf284637b29bb4678c1b81","sha1":"1a18643241dea9ac7c190029ea6d8efbd73e5f84","sha256":"66af34efad8ad6be518c955fb42163a9f1178a2f51b6b16e7864a46973b04349","sha512":"bb64a1f3989866a47001e1b4601dbfb448c4454bbc817ba98c59cd94cc97f0c139baf6af0a16bb9f23e9872a3b6149ee555dce23ee3254264151c8a551122306","ssdeep":"1536:Qmw0iELO+TBR2t472RirWyKsVfK5GEfy3YJtCRv/45wZbqbXZTbYWU17X:VwXza3YCl45wZODZTbYRX","tlshash":"0d73c5593244b4730ade85b68037430bf2265998b24b812cb57cadde2a7dcc67277f78","size":80615,"data":"","first_seen":"2023-10-25T02:34:36Z","last_seen":"2026-06-19T13:04:00.986823Z","times_seen":508,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/3d_files/bootstrap.bundle.min.js","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0aa8d64e726c4a57adb5c88f9115996b","sha1":"901169527507ff9e662cf64d8e361f359308970d","sha256":"7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe","sha512":"ef6583f7684bb3b4f91405e7def90d65f9561baa609540c3a66f3b4de4267d283c2a7af298bd86df447b6ace05993c2182ef47ede4b30c25f79a38ad49e70a9f","ssdeep":"1536:tp+1ZTPR2t4tXbih05ve8/pwgrEpc9t0vSAIAxCs:MFRIpk0vSAV","tlshash":"a573d6493254b87309ee55a68037460bf3255994b14b802cb9bdadde2b3dc8272b7f78","size":78743,"data":"","first_seen":"2023-03-07T01:03:37Z","last_seen":"2026-06-19T16:31:47.327893Z","times_seen":23016,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/3d_files/all.min.js","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d5beb8fa265f90be5ccadd6b32b8672f","sha1":"7bdc23c06b51e7e42c05de486680a3c18aa5ce5a","sha256":"6a769e18b06859751eaa2259044a6ff76e3ddcd6572a516d8ce3a2d7b8c7538e","sha512":"9daba447b23e364ea0a7ba794cc038c9c81fc5a64127b30ee620b7169eb2490c8a1473867e9912664615595e51eeeedc7c089cc5a9f0610e43d5ed7b11f25c30","ssdeep":"6144:JTrRrD1LXomaR3Ls8FBHHcKqgyjjGpGxcrK69aRYRMtsDo6ug+1MdZvdj/drgVFT:JCsqHSgyfB69ARYXDooYMdjdW/7jr","tlshash":"8065842cd365a3bc9da6c7f5ca2130b46d8f51ee71e09328a278c5b072621dcd5d9cca","size":1528342,"data":"","first_seen":"2023-03-09T05:04:22Z","last_seen":"2026-06-19T11:39:43.482418Z","times_seen":5678,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/3d_files/jquery.mask.min.js","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"cc290e6c3aeecf5021dd82ad8df2512a","sha1":"fb983aecd3940e8ebbfe5e74c8099cee9223c957","sha256":"2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995","sha512":"a47546a57ec5ff6ef267421263e5558f250b0296c3943d3f5f4ae019b4ea084ed6156e4c7b3353586fdd9e1b5b06e202cec7745903e0a44e111012eff94a8287","ssdeep":"192:cd227YJcI/iarixR4aCSfZrkiqVNReFevZA8A/A:cdaJ39e74boZrkVVjeFexA8AY","tlshash":"b502e8d5329670b253b371e901bf020bebb7afa156de4814d61a94e0ae74f890053f7e","size":8327,"data":"","first_seen":"2023-03-07T01:06:41Z","last_seen":"2026-06-19T14:02:14.154795Z","times_seen":11777,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/3d_files/all.min.js","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://antai-amende-clients.justns.ru/amende-278764/Demos/","date":"2026-06-11T00:40:57.469Z","timestamp":1781138457469,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.antai-amende-clients.justns.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 04:39:49 GMT","end":"Fri, 17 Jul 2026 04:39:48 GMT"},"fingerprint":{"sha1":"9A:22:7D:43:7C:32:F0:89:28:A1:8B:5F:04:01:95:D6:4D:50:78:8E","sha256":"C2:B6:0D:90:AA:4E:2C:B8:26:8A:27:A7:29:32:54:3D:C7:22:EE:B4:41:51:25:2B:D2:D9:0C:38:E7:89:4F:87"}}},"request":{"raw":"GET /amende-278764/Demos/3d_files/all.min.js HTTP/1.1\r\nHost: antai-amende-clients.justns.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 00:40:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 28 Sep 2024 08:06:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66f7b902-175216\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1528342,"size_decoded":647251,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65317)","md5":"e930893a97a9ae1545bc1d4b7691ba57","sha1":"99c343b1d1c9331cd1a0778abfac9b7aeaffb108","sha256":"f648f1b49b22316288499e6f323156c4ccd9b0fd310bd58fddf482ec179d1016","sha512":"ef1e1641e478b378d6265daacddbdea5362221a45adbd6a993a1a416cba81740fc9de399f9bf1f45393657120f2a91a3f1710d13e7eb6589a0f178de3b187339","ssdeep":"6144:JTrRrD1LXomaR3Ls8FBHHcKqgyjjGpGxcrK69aRYRMtsDo6ug+H:JCsqHSgyfB69ARYXDooI","tlshash":"6425832cd36593bc9d9687f5ca2120b47d8f51ee75e0a328e278c5b0b2620dcd5d9cca","first_seen":"2025-07-26T17:28:19.15574Z","last_seen":"2026-06-19T11:39:43.474661Z","times_seen":839,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"antai-amende-clients.justns.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"antai-amende-clients.justns.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - French Tax Agency","verdict":"phishing","severity":"medium","comment":"Resource observed with French Tax Agency phishing","tags":["government","tax","france","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/3d_files/jquery.mask.min.js","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://antai-amende-clients.justns.ru/amende-278764/Demos/","date":"2026-06-11T00:40:57.472Z","timestamp":1781138457472,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.antai-amende-clients.justns.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 04:39:49 GMT","end":"Fri, 17 Jul 2026 04:39:48 GMT"},"fingerprint":{"sha1":"9A:22:7D:43:7C:32:F0:89:28:A1:8B:5F:04:01:95:D6:4D:50:78:8E","sha256":"C2:B6:0D:90:AA:4E:2C:B8:26:8A:27:A7:29:32:54:3D:C7:22:EE:B4:41:51:25:2B:D2:D9:0C:38:E7:89:4F:87"}}},"request":{"raw":"GET /amende-278764/Demos/3d_files/jquery.mask.min.js HTTP/1.1\r\nHost: antai-amende-clients.justns.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 00:40:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 28 Sep 2024 08:06:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66f7b902-2087\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8327,"size_decoded":3935,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (542)","md5":"cc290e6c3aeecf5021dd82ad8df2512a","sha1":"fb983aecd3940e8ebbfe5e74c8099cee9223c957","sha256":"2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995","sha512":"a47546a57ec5ff6ef267421263e5558f250b0296c3943d3f5f4ae019b4ea084ed6156e4c7b3353586fdd9e1b5b06e202cec7745903e0a44e111012eff94a8287","ssdeep":"192:cd227YJcI/iarixR4aCSfZrkiqVNReFevZA8A/A:cdaJ39e74boZrkVVjeFexA8AY","tlshash":"b502e8d5329670b253b371e901bf020bebb7afa156de4814d61a94e0ae74f890053f7e","first_seen":"2023-03-07T01:06:41Z","last_seen":"2026-06-19T14:02:14.154795Z","times_seen":11777,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"antai-amende-clients.justns.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"antai-amende-clients.justns.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - French Tax Agency","verdict":"phishing","severity":"medium","comment":"Resource observed with French Tax Agency phishing","tags":["government","tax","france","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-11T00:40:56.541Z","timestamp":1781138456541,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.antai-amende-clients.justns.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 04:39:49 GMT","end":"Fri, 17 Jul 2026 04:39:48 GMT"},"fingerprint":{"sha1":"9A:22:7D:43:7C:32:F0:89:28:A1:8B:5F:04:01:95:D6:4D:50:78:8E","sha256":"C2:B6:0D:90:AA:4E:2C:B8:26:8A:27:A7:29:32:54:3D:C7:22:EE:B4:41:51:25:2B:D2:D9:0C:38:E7:89:4F:87"}}},"request":{"raw":"GET /amende-278764/Demos HTTP/1.1\r\nHost: antai-amende-clients.justns.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 00:40:56 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\ncontent-length: 307\r\nlocation: https://antai-amende-clients.justns.ru/amende-278764/Demos/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T17:09:05.643349Z","times_seen":16553245,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":78,"connect":9,"send":0,"wait":14,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"antai-amende-clients.justns.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"antai-amende-clients.justns.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - French Tax Agency","verdict":"phishing","severity":"medium","comment":"Resource observed with French Tax Agency phishing","tags":["government","tax","france","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-11T00:40:56.668Z","timestamp":1781138456668,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.antai-amende-clients.justns.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 04:39:49 GMT","end":"Fri, 17 Jul 2026 04:39:48 GMT"},"fingerprint":{"sha1":"9A:22:7D:43:7C:32:F0:89:28:A1:8B:5F:04:01:95:D6:4D:50:78:8E","sha256":"C2:B6:0D:90:AA:4E:2C:B8:26:8A:27:A7:29:32:54:3D:C7:22:EE:B4:41:51:25:2B:D2:D9:0C:38:E7:89:4F:87"}}},"request":{"raw":"GET /amende-278764/Demos/ HTTP/1.1\r\nHost: antai-amende-clients.justns.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 00:40:57 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding,User-Agent\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":102506,"size_decoded":58649,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (63159)","md5":"0ce6a8c720ac3076bde499e3c441972f","sha1":"59576e9a5fd6aa7041c2776a330a0fd3535a5d9e","sha256":"041dbb48d8df38f2bc1d9e520c5b2cdb02570f42908bb978948cddbb7a35ef24","sha512":"8908df37879b63304650927c67e9904f0c26f0e2c9f49a02b38935cfea4e4ac423a4abbd407579e02b08a603bffefd6fb09a3eb7fa15309f509e0ef9bc6f4a00","ssdeep":"3072:kI6Qyk0J4U3trFpGtoN/9+MxAQr8RkaXV3QdENV6CW90Jvk4eRS4ybWTi:WHkORgtcwQACaXV3QdENV6CW90Jvk4ec","tlshash":"f0a37e3209197477182a3cabcbc7fd4c2e14f3d34aa2578ce2d56d94c96fa3a560b16c","first_seen":"2026-05-18T03:31:45.267487Z","last_seen":"2026-06-11T01:37:09.417059Z","times_seen":3,"resource_available":true,"data":null}},"time_used":544,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":544,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"antai-amende-clients.justns.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"antai-amende-clients.justns.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - French Tax Agency","verdict":"phishing","severity":"medium","comment":"Resource observed with French Tax Agency phishing","tags":["government","tax","france","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/3d_files/jquery-3.6.0.min.js","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://antai-amende-clients.justns.ru/amende-278764/Demos/","date":"2026-06-11T00:40:57.464Z","timestamp":1781138457464,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.antai-amende-clients.justns.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 04:39:49 GMT","end":"Fri, 17 Jul 2026 04:39:48 GMT"},"fingerprint":{"sha1":"9A:22:7D:43:7C:32:F0:89:28:A1:8B:5F:04:01:95:D6:4D:50:78:8E","sha256":"C2:B6:0D:90:AA:4E:2C:B8:26:8A:27:A7:29:32:54:3D:C7:22:EE:B4:41:51:25:2B:D2:D9:0C:38:E7:89:4F:87"}}},"request":{"raw":"GET /amende-278764/Demos/3d_files/jquery-3.6.0.min.js HTTP/1.1\r\nHost: antai-amende-clients.justns.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 00:40:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 28 Sep 2024 08:06:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66f7b902-15d9d\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89501,"size_decoded":36290,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-06-19T17:01:58.511473Z","times_seen":482568,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"antai-amende-clients.justns.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"antai-amende-clients.justns.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - French Tax Agency","verdict":"phishing","severity":"medium","comment":"Resource observed with French Tax Agency phishing","tags":["government","tax","france","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/3d_files/bootstrap.min.js","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://antai-amende-clients.justns.ru/amende-278764/Demos/","date":"2026-06-11T00:40:57.466Z","timestamp":1781138457466,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.antai-amende-clients.justns.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 04:39:49 GMT","end":"Fri, 17 Jul 2026 04:39:48 GMT"},"fingerprint":{"sha1":"9A:22:7D:43:7C:32:F0:89:28:A1:8B:5F:04:01:95:D6:4D:50:78:8E","sha256":"C2:B6:0D:90:AA:4E:2C:B8:26:8A:27:A7:29:32:54:3D:C7:22:EE:B4:41:51:25:2B:D2:D9:0C:38:E7:89:4F:87"}}},"request":{"raw":"GET /amende-278764/Demos/3d_files/bootstrap.min.js HTTP/1.1\r\nHost: antai-amende-clients.justns.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 00:40:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 28 Sep 2024 08:06:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66f7b902-13ae7\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":80615,"size_decoded":28529,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"d2f2ef0051cf284637b29bb4678c1b81","sha1":"1a18643241dea9ac7c190029ea6d8efbd73e5f84","sha256":"66af34efad8ad6be518c955fb42163a9f1178a2f51b6b16e7864a46973b04349","sha512":"bb64a1f3989866a47001e1b4601dbfb448c4454bbc817ba98c59cd94cc97f0c139baf6af0a16bb9f23e9872a3b6149ee555dce23ee3254264151c8a551122306","ssdeep":"1536:Qmw0iELO+TBR2t472RirWyKsVfK5GEfy3YJtCRv/45wZbqbXZTbYWU17X:VwXza3YCl45wZODZTbYRX","tlshash":"0d73c5593244b4730ade85b68037430bf2265998b24b812cb57cadde2a7dcc67277f78","first_seen":"2023-10-25T02:34:36Z","last_seen":"2026-06-19T13:04:00.986823Z","times_seen":508,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"antai-amende-clients.justns.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"antai-amende-clients.justns.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - French Tax Agency","verdict":"phishing","severity":"medium","comment":"Resource observed with French Tax Agency phishing","tags":["government","tax","france","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"antai-amende-clients.justns.ru/amende-278764/Demos/3d_files/bootstrap.bundle.min.js","fqdn":"antai-amende-clients.justns.ru","domain":"justns.ru","tld":"ru"},"ip":{"addr":"103.110.66.40","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://antai-amende-clients.justns.ru/amende-278764/Demos/","date":"2026-06-11T00:40:57.467Z","timestamp":1781138457467,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.antai-amende-clients.justns.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 04:39:49 GMT","end":"Fri, 17 Jul 2026 04:39:48 GMT"},"fingerprint":{"sha1":"9A:22:7D:43:7C:32:F0:89:28:A1:8B:5F:04:01:95:D6:4D:50:78:8E","sha256":"C2:B6:0D:90:AA:4E:2C:B8:26:8A:27:A7:29:32:54:3D:C7:22:EE:B4:41:51:25:2B:D2:D9:0C:38:E7:89:4F:87"}}},"request":{"raw":"GET /amende-278764/Demos/3d_files/bootstrap.bundle.min.js HTTP/1.1\r\nHost: antai-amende-clients.justns.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 00:40:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 28 Sep 2024 08:06:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66f7b902-13397\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78743,"size_decoded":27389,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"0aa8d64e726c4a57adb5c88f9115996b","sha1":"901169527507ff9e662cf64d8e361f359308970d","sha256":"7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe","sha512":"ef6583f7684bb3b4f91405e7def90d65f9561baa609540c3a66f3b4de4267d283c2a7af298bd86df447b6ace05993c2182ef47ede4b30c25f79a38ad49e70a9f","ssdeep":"1536:tp+1ZTPR2t4tXbih05ve8/pwgrEpc9t0vSAIAxCs:MFRIpk0vSAV","tlshash":"a573d6493254b87309ee55a68037460bf3255994b14b802cb9bdadde2b3dc8272b7f78","first_seen":"2023-03-07T01:03:37Z","last_seen":"2026-06-19T16:31:47.327893Z","times_seen":23016,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"antai-amende-clients.justns.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"antai-amende-clients.justns.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - French Tax Agency","verdict":"phishing","severity":"medium","comment":"Resource observed with French Tax Agency phishing","tags":["government","tax","france","phishing"],"meta":null}]}}]}