{"report_id":"3b44237c-1ae5-4aca-8464-216fb72d7d51","version":6,"status":"done","tags":[],"date":"2026-05-05T11:04:38Z","url":{"schema":"http","addr":"195.178.110.64:9090","fqdn":"195.178.110.64","domain":"195.178.110.64","tld":""},"ip":{"addr":"195.178.110.64","port":0,"asn":48090,"as":"Pptechnology Limited","country":"Bulgaria","country_code":"BG"},"final":{"url":{"schema":"http","addr":"195.178.110.64:9090/","fqdn":"195.178.110.64","domain":"195.178.110.64","tld":""},"title":"NIGHTSHADE — C2","dom":{"size":71161,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (386)","md5":"2381cb09eb7f2bf2edda368fcecd5d53","sha1":"c0b2302f2df40e3a5852b894f32d92f6da7ebc25","sha256":"d452476a5d27eb25f269ca02cdccd0e82a1f0fb2a8405e46286c8905ebe68833","sha512":"a7a8503dd3108d5155f61ff4b65a46e13ca58077b506133f5ce25db5f9c4723ac33ce11a1af81e50d391b491d2eeb5d83ffa0e90f383f34531dd0a97fc0628bd","ssdeep":"768:T5wmm57u6+40leIPK81ku3YhubX5nXFS9YW50NhpzxsW9BraAGXF48mP0GBk9c9D:TVv4M0ulXA50NhpzxsWzP0GBk9c0s","tlshash":"9863a47271b261387223f01d962fa44f60597417be17aa84bdac34144fcf9be9bb0a74","dom_hash":"domhash8a1c8f2d7e6842e25917c40945bacb1c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"195.178.110.64:9090","fqdn":"195.178.110.64","domain":"195.178.110.64","tld":""},"ip":{"addr":"195.178.110.64","port":0,"asn":48090,"as":"Pptechnology Limited","country":"Bulgaria","country_code":"BG"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-09T11:04:38Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-05T11:04:17Z","timestamp":1777979057,"ip_dst":{"addr":"Client IP","port":38118,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"195.178.110.64","port":9090,"asn":48090,"as":"Pptechnology Limited","country":"Bulgaria","country_code":"BG"},"severity":"medium","alert":"ET DROP Spamhaus DROP Listed Traffic Inbound group 44","source":"{\"timestamp\":\"2026-05-05T11:04:17.105963+0000\",\"flow_id\":985088576804211,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"195.178.110.64\",\"src_port\":9090,\"dest_ip\":\"172.18.0.11\",\"dest_port\":38118,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.Evil\",\"ET.DROPIP\"]},\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2400043,\"rev\":4421,\"signature\":\"ET DROP Spamhaus DROP Listed Traffic Inbound group 44\",\"category\":\"Misc Attack\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Any\"],\"created_at\":[\"2010_12_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"tag\":[\"Dshield\"],\"updated_at\":[\"2025_08_01\"]}},\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":1,\"bytes_toserver\":74,\"bytes_toclient\":74,\"start\":\"2026-05-05T11:04:17.087411+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"195.178.110.64","ip":{"addr":"195.178.110.64","port":9090,"asn":48090,"as":"Pptechnology Limited","country":"Bulgaria","country_code":"BG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":2,"received_data":71004,"sent_data":767,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-03T22:20:33.622142Z","alert_count":0,"request_count":1,"received_data":15782,"sent_data":528,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-05-03T22:17:40.953609Z","alert_count":0,"request_count":4,"received_data":119924,"sent_data":2315,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"195.178.110.64:9090/","fqdn":"195.178.110.64","domain":"195.178.110.64","tld":""},"ip":{"addr":"195.178.110.64","port":9090,"asn":48090,"as":"Pptechnology Limited","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"6bbd39e42066205bb8d76fb486265d49","sha1":"53d38707ab987fc941807aa5827ab84703d6bd90","sha256":"0c372d449b92f632245639abcc2334a96b0f69ba270e31ac4ef28cf9fc4f7713","sha512":"f220733c522316618e7c94a6b22aa5b262a73d4dc5285856cffdb31097c94e13effd4bebd862187d5e572c7be2ed52bd6520fe7470e43069fb0cea2b08ab914e","ssdeep":"768:WPK81ku3YhubX5nXFS9YW50NhpzxsW9BraAGXF48mP0GBk9c9qFH:7ulXA50NhpzxsWzP0GBk9c09","tlshash":"5c33607271f321387263f01d862fa40b656a3407ba06a984bebc39141fcd56cafb5db4","size":51178,"data":"","first_seen":"2026-05-05T11:04:42.91597Z","last_seen":"2026-05-05T11:04:42.91597Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"195.178.110.64:9090/","fqdn":"195.178.110.64","domain":"195.178.110.64","tld":""},"ip":{"addr":"195.178.110.64","port":9090,"asn":48090,"as":"Pptechnology Limited","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-05T11:04:17.089Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 195.178.110.64:9090\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 70803\r\ndate: Tue, 05 May 2026 11:04:17 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":70803,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (314)","md5":"ef6fff986a01064374ff6cf9eceded27","sha1":"fb37740481f75bb6f4508b469f048fd1920c36e4","sha256":"f056e17a41d6ab8110f056da405a346324808eaba6fb997e7fba989c4750cf1d","sha512":"66da908db1b450af0e0deae2af424a3d6d92a3f86700f712f6257b55ab76a905a9e97da4219fb88d6279182fd0f74afbd2c4202946039510c6b6c903cdc5cdb0","ssdeep":"768:u5wmm57u6+40leDPK81ku3YhubX5nXFS9YW50NhpzxsW9BraAGXF48mP0GBk9c9n:uVv4MzulXA50NhpzxsWzP0GBk9c0s","tlshash":"a663a47271b261387223f01d962fa44f60597417be17aa84bdac34144fcfabe5bb0a74","first_seen":"2026-05-05T11:04:42.912566Z","last_seen":"2026-05-05T11:04:42.912566Z","times_seen":1,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":17,"dns":3,"connect":19,"send":0,"wait":19,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=JetBrains+Mono:wght@400;500;600;700\u0026family=Space+Grotesk:wght@400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://195.178.110.64:9090/","date":"2026-05-05T11:04:17.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"E9:E5:B7:DA:0A:AE:59:02:EA:10:61:71:9B:52:3A:08:42:A0:67:A5","sha256":"F6:1D:CE:31:AA:9C:7B:58:1D:1D:14:96:99:B6:58:CC:FB:AE:D5:3C:F8:FB:40:E3:45:2D:4A:54:11:B4:E2:F3"}}},"request":{"raw":"GET /css2?family=JetBrains+Mono:wght@400;500;600;700\u0026family=Space+Grotesk:wght@400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://195.178.110.64:9090/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 05 May 2026 11:04:17 GMT\r\ndate: Tue, 05 May 2026 11:04:17 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15096,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"c7a656dda69c6da165fa76048ed6b895","sha1":"1aa4b33b34301a86fcea9fe54711a756c200dc76","sha256":"597f7b2aa2284b1a4f7541d4803814d627565d0b441e8f3dfcbd7c908ca59383","sha512":"a0ebfa256ad8b548118f5e848d97788c7db876f60b572bfa5b9fcdcbe010af78483eff20112c6dee827a1b7c0a34e77bce007a9095652c136292cd199aafc23e","ssdeep":"192:uG+7p3ZAXYjG9Up3qnXfmG0dp3HKXCFGbep3g5XxWx/GiZC4GRZfRG4ZYiG/W:fOGC6CmOZDgRt","tlshash":"a362eee1001a9404eb472cc633cebe36bd8ea1066081d9b9dfff18989daac72133475d","first_seen":"2025-11-20T06:47:45.480796Z","last_seen":"2026-05-05T11:04:42.913533Z","times_seen":25,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":105,"dns":0,"connect":8,"send":0,"wait":22,"receive":0,"ssl":99},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/spacegrotesk/v22/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://195.178.110.64:9090/","date":"2026-05-05T11:04:17.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/spacegrotesk/v22/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://195.178.110.64:9090\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 22288\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 30 Apr 2026 08:35:41 GMT\r\nexpires: Fri, 30 Apr 2027 08:35:41 GMT\r\ncache-control: public, max-age=31536000\r\nage: 440916\r\nlast-modified: Thu, 04 Sep 2025 17:26:34 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22288,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 22288, version 1.0","md5":"87c506d88b9f587f0e2292bc271f5083","sha1":"c0781ea2f29013826dc1eb8db40f4d400d9df710","sha256":"0640890476fc1198ab4de571fb658de443c4d85b66466ec09534a8737ab1ce9d","sha512":"25171eb14ce4c75ccfdb6f1c2a7de82182fd8d3d79cfa108df2d0e015e4ac84678ad97fdf90cff2ac2f24934531fcca3289343129687f176f21964ce5cd01b02","ssdeep":"384:TB/NWnO5qgQvU7gd7EeEX5qPOJO4FqaCEuAsCyzvDfxPdjuHsrC:TBlo1vUsvZqO4MAsCKrxxuMrC","tlshash":"8aa2e15b3f6bde211a27aebf4fc957b0a3ac6c1db2dd2712c198b104408962cc5d5ce6","first_seen":"2025-09-05T05:08:09.568652Z","last_seen":"2026-05-06T07:34:44.164184Z","times_seen":11229,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":75,"dns":0,"connect":8,"send":0,"wait":14,"receive":3,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/jetbrainsmono/v24/tDbv2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8yKwBNntkaToggR7BYRbKPxDcwg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://195.178.110.64:9090/","date":"2026-05-05T11:04:17.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/jetbrainsmono/v24/tDbv2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8yKwBNntkaToggR7BYRbKPxDcwg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://195.178.110.64:9090\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31432\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 02 May 2026 11:59:43 GMT\r\nexpires: Sun, 02 May 2027 11:59:43 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:52:37 GMT\r\ncontent-type: font/woff2\r\nage: 255874\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31432,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 31432, version 1.0","md5":"b636a65da4f00129f08c7df6e5dd75ac","sha1":"4f27206c4b1caf8b7805597fcbc6922ff5805daa","sha256":"83c005d49d8a6a50474c73a5a36ac0468076e9c4a29da7bdb14995d80560a5be","sha512":"77ad92edddd5fc9ce47b8b329cf41b2fec895ea01a97b9122df3766163998fadcbe47c868631208636c4e587136ddd390d38e3e9da2743758c9da2c77a66f859","ssdeep":"768:a8+AGQwBrw24YHLKRG5lBF260n1e5vhjJKWWAD95I9Puggtx:B+AiBrw2fHL+GyvYtYADM9Pug0x","tlshash":"52e2f274ea41ca57676335ed4203e99d015fa318ebf6fd40869ccad2a506bcb7c4033a","first_seen":"2024-10-21T03:03:54.505463Z","last_seen":"2026-05-06T07:19:57.177571Z","times_seen":4198,"resource_available":false,"data":null}},"time_used":296,"timings":{"blocked":136,"dns":0,"connect":21,"send":0,"wait":17,"receive":4,"ssl":115},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/jetbrainsmono/v24/tDbv2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8yKwBNntkaToggR7BYRbKPxDcwg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://195.178.110.64:9090/","date":"2026-05-05T11:04:17.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/jetbrainsmono/v24/tDbv2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8yKwBNntkaToggR7BYRbKPxDcwg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://195.178.110.64:9090\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31432\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 02 May 2026 11:59:43 GMT\r\nexpires: Sun, 02 May 2027 11:59:43 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:52:37 GMT\r\ncontent-type: font/woff2\r\nage: 255874\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31432,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 31432, version 1.0","md5":"b636a65da4f00129f08c7df6e5dd75ac","sha1":"4f27206c4b1caf8b7805597fcbc6922ff5805daa","sha256":"83c005d49d8a6a50474c73a5a36ac0468076e9c4a29da7bdb14995d80560a5be","sha512":"77ad92edddd5fc9ce47b8b329cf41b2fec895ea01a97b9122df3766163998fadcbe47c868631208636c4e587136ddd390d38e3e9da2743758c9da2c77a66f859","ssdeep":"768:a8+AGQwBrw24YHLKRG5lBF260n1e5vhjJKWWAD95I9Puggtx:B+AiBrw2fHL+GyvYtYADM9Pug0x","tlshash":"52e2f274ea41ca57676335ed4203e99d015fa318ebf6fd40869ccad2a506bcb7c4033a","first_seen":"2024-10-21T03:03:54.505463Z","last_seen":"2026-05-06T07:19:57.177571Z","times_seen":4198,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":114,"dns":7,"connect":7,"send":0,"wait":16,"receive":4,"ssl":101},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/jetbrainsmono/v24/tDbv2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8yKwBNntkaToggR7BYRbKPxDcwg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://195.178.110.64:9090/","date":"2026-05-05T11:04:17.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/jetbrainsmono/v24/tDbv2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8yKwBNntkaToggR7BYRbKPxDcwg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://195.178.110.64:9090\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31432\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 02 May 2026 11:59:43 GMT\r\nexpires: Sun, 02 May 2027 11:59:43 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:52:37 GMT\r\ncontent-type: font/woff2\r\nage: 255874\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31432,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 31432, version 1.0","md5":"b636a65da4f00129f08c7df6e5dd75ac","sha1":"4f27206c4b1caf8b7805597fcbc6922ff5805daa","sha256":"83c005d49d8a6a50474c73a5a36ac0468076e9c4a29da7bdb14995d80560a5be","sha512":"77ad92edddd5fc9ce47b8b329cf41b2fec895ea01a97b9122df3766163998fadcbe47c868631208636c4e587136ddd390d38e3e9da2743758c9da2c77a66f859","ssdeep":"768:a8+AGQwBrw24YHLKRG5lBF260n1e5vhjJKWWAD95I9Puggtx:B+AiBrw2fHL+GyvYtYADM9Pug0x","tlshash":"52e2f274ea41ca57676335ed4203e99d015fa318ebf6fd40869ccad2a506bcb7c4033a","first_seen":"2024-10-21T03:03:54.505463Z","last_seen":"2026-05-06T07:19:57.177571Z","times_seen":4198,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":143,"dns":0,"connect":22,"send":0,"wait":9,"receive":4,"ssl":126},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"195.178.110.64:9090/favicon.ico","fqdn":"195.178.110.64","domain":"195.178.110.64","tld":""},"ip":{"addr":"195.178.110.64","port":9090,"asn":48090,"as":"Pptechnology Limited","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://195.178.110.64:9090/","date":"2026-05-05T11:04:17.644Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 195.178.110.64:9090\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://195.178.110.64:9090/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\ncontent-length: 0\r\ndate: Tue, 05 May 2026 11:04:17 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T07:45:48.950283Z","times_seen":14725783,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}