{"report_id":"3d8431d6-2fe7-4a2c-b9e5-520583541b15","version":6,"status":"done","tags":[],"date":"2025-12-31T13:46:53Z","url":{"schema":"http","addr":"krab2-a-t.ru","fqdn":"krab2-a-t.ru","domain":"krab2-a-t.ru","tld":"ru"},"ip":{"addr":"172.67.151.237","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"krab2-a-t.ru/","fqdn":"krab2-a-t.ru","domain":"krab2-a-t.ru","tld":"ru"},"title":"KRAB2 - Автомобильные аксессуары и тюнинг .CC .AT | Только сегодня скидка 50%","dom":{"size":39323,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (6711)","md5":"64ff7fdbe8f0a268f0bda5ed26fc3e40","sha1":"e57a910cdf1f2452dd566cc8c78a7befd49ba031","sha256":"6a1c9aea02f4bd1819c9e6ac1d8faa2347d3cc923e4b9ad722ed84d0ae0572f8","sha512":"8e4ad2c4c64af789e542ed9dc23018c6de7b781c4bc43b33808cdd391b8fef1a50ea65dfc5cf45d0594310487fb4bfc08dde6d6556c34a9409306ca4970922a1","ssdeep":"384:ce1rZBWcQ0PBWdhZz6fuZ6HW8YmIoZfYacWJiFuF246ukUEF9cWAVhArUutDwxrk:eFuF23ukUEF9crPm0k","tlshash":"cb03642540fb20429453dcb6bfa56b1b3c589423d64aca22b7ac16cccfe7c65ca9671c","dom_hash":"domhash3cc26b3a4bd05f45e048af60549e61ab","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"krab2-a-t.ru","fqdn":"krab2-a-t.ru","domain":"krab2-a-t.ru","tld":"ru"},"ip":{"addr":"172.67.151.237","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-04T13:46:53Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"krab2-a-t.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"krab2-a-t.ru","ip":{"addr":"172.67.151.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-22","domain_rank":0,"first_seen":"2025-12-31T13:46:53.566652Z","last_seen":"2025-12-31T13:46:53.566652Z","alert_count":11,"request_count":11,"received_data":275512,"sent_data":5312,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"krab2-a-t.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"krab2-a-t.ru","domain":"krab2-a-t.ru","tld":"ru"},"ip":{"addr":"172.67.151.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","size":12332,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-04T04:43:01.931738Z","times_seen":94357,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krab2-a-t.ru/static/js/countdown.js","fqdn":"krab2-a-t.ru","domain":"krab2-a-t.ru","tld":"ru"},"ip":{"addr":"172.67.151.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"50d9f0bcdc1c8a849b20d4cf3e064250","sha1":"1c805fa979ed51a6fd5c443dfe86242477697052","sha256":"457863fe4a307e0e770b3d6d86b9e7e705067b4c67c693568b2bd6c37efdd72c","sha512":"fdfa4d15a9b581e84b6c0935be4398a90eaeba625f7f841dfd5b43dffe060d326d0c1fe09202f050241fc7f1b8ba0d31b53dfa37379a446167ba92c2bbc2c73c","ssdeep":"","tlshash":"7831e03a323401615bbb637353926314f83d62237443e695be9c86981ff5a44ad3aed8","size":1839,"data":"","first_seen":"2025-12-31T13:46:56.580557Z","last_seen":"2025-12-31T13:46:56.580557Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"krab2-a-t.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"krab2-a-t.ru","domain":"krab2-a-t.ru","tld":"ru"},"ip":{"addr":"172.67.151.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://krab2-a-t.ru/","date":"2025-12-31T13:46:32.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krab2-a-t.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Dec 2025 04:28:13 GMT","end":"Sun, 22 Mar 2026 05:24:36 GMT"},"fingerprint":{"sha1":"71:C4:E9:53:9E:A0:42:68:BC:BA:8D:5C:0E:FD:E5:F1:27:B8:F7:31","sha256":"8C:27:CF:DB:50:D6:E4:4D:5E:FA:AB:0F:79:FA:8B:FA:3D:83:DD:72:4D:91:14:28:8B:F0:F1:DC:02:90:A4:C3"}}},"request":{"raw":"GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1\r\nHost: krab2-a-t.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krab2-a-t.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Wed, 31 Dec 2025 14:34:32 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FoWvQ7kh4RkLnU6Ex9eu8vAwBoUsCK3tcaMQ1FjimFbp3gpHyjtnpZFiTJ5tYqjGTDgdl0iVVYqgVUGW5XS6Yd0CDg5PGERHQBo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Wed, 31 Dec 2025 13:46:32 GMT\r\ncf-ray: 9b6a3941280bb4eb-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12332,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12331)","md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-04T04:43:01.931738Z","times_seen":94357,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"krab2-a-t.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krab2-a-t.ru/cf-fonts/v/inter/5.0.16/latin/wght/normal.woff2","fqdn":"krab2-a-t.ru","domain":"krab2-a-t.ru","tld":"ru"},"ip":{"addr":"172.67.151.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://krab2-a-t.ru/","date":"2025-12-31T13:46:32.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krab2-a-t.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Dec 2025 04:28:13 GMT","end":"Sun, 22 Mar 2026 05:24:36 GMT"},"fingerprint":{"sha1":"71:C4:E9:53:9E:A0:42:68:BC:BA:8D:5C:0E:FD:E5:F1:27:B8:F7:31","sha256":"8C:27:CF:DB:50:D6:E4:4D:5E:FA:AB:0F:79:FA:8B:FA:3D:83:DD:72:4D:91:14:28:8B:F0:F1:DC:02:90:A4:C3"}}},"request":{"raw":"GET /cf-fonts/v/inter/5.0.16/latin/wght/normal.woff2 HTTP/1.1\r\nHost: krab2-a-t.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krab2-a-t.ru/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 31 Dec 2025 13:46:32 GMT\r\ncontent-length: 48444\r\ncontent-type: font/woff2\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=31536000, immutable\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=liC1OhrOKVmT7sGr0R2Ghb0%2B6ebdzUXgHTH5KMjbqqOOzmtEOyE8tMlVbtG8lMIv0zLYuGpuWza6spA%2FY%2FuPacbgwz0fGSzwPHc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b6a3941480eb4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48444,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48444, version 1.0","md5":"8e433c0592f77beb6dc527d7b90be120","sha1":"d7402416753ae1bb4cbd4b10d33a0c10517838bd","sha256":"f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af","sha512":"5e90f48b923bb95aeb49691d03dade8825c119b2fa28977ea170c41548900f4e0165e2869f97c7a9380d7ff8ff331a1da855500e5f7b0dfd2b9abd77a386bbf3","ssdeep":"768:dn0V9qZpy/4pR+9MzTCGXckDohHxCc/TfZQEh9UONYyPYcABoN/8rZujvB:dn0+rAmWUMooVrbZQE7NYyzABK8rQ1","tlshash":"0523f25daa398ea9ed25403bd63f2ff004c61409dd645cdfa62871bf2db290d06633d6","first_seen":"2024-07-30T23:13:06Z","last_seen":"2026-04-04T04:11:22.631247Z","times_seen":19690,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"krab2-a-t.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krab2-a-t.ru/cf-fonts/v/inter/5.0.16/cyrillic/wght/normal.woff2","fqdn":"krab2-a-t.ru","domain":"krab2-a-t.ru","tld":"ru"},"ip":{"addr":"172.67.151.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://krab2-a-t.ru/","date":"2025-12-31T13:46:32.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krab2-a-t.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Dec 2025 04:28:13 GMT","end":"Sun, 22 Mar 2026 05:24:36 GMT"},"fingerprint":{"sha1":"71:C4:E9:53:9E:A0:42:68:BC:BA:8D:5C:0E:FD:E5:F1:27:B8:F7:31","sha256":"8C:27:CF:DB:50:D6:E4:4D:5E:FA:AB:0F:79:FA:8B:FA:3D:83:DD:72:4D:91:14:28:8B:F0:F1:DC:02:90:A4:C3"}}},"request":{"raw":"GET /cf-fonts/v/inter/5.0.16/cyrillic/wght/normal.woff2 HTTP/1.1\r\nHost: krab2-a-t.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krab2-a-t.ru/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 31 Dec 2025 13:46:32 GMT\r\ncontent-length: 18740\r\ncontent-type: font/woff2\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=31536000, immutable\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A4iRrmjGUyYbfb2q3lfNk4Om0eCwma%2BpVMGrg8%2FmLmOjjyOAg9wWK3SQKPzxkzvPXu5xkUMCrC1SOwUMjD8qHiWkOylQ%2FAkp2DE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b6a3941480fb4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18740,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18740, version 1.0","md5":"06ab411342acdbfe3e746ee904e12cc5","sha1":"d83a47942575eeb80d30ebc7bf9a5b6f83c930fb","sha256":"62cc01daef72c3ea76a258445368d2f4ab8d05a91f91c53fd12f7c42e3325942","sha512":"6dc7ae210dc6578115ac9a4b78431be0f3f767684d3088ff5cd8094d1ce37756ce606571f325e6c97757dffe012d491792efac56efce2fb7a4fce9a7137cfc19","ssdeep":"384:AtbXebWepTmCSQiXLGg63eWz5WkPvRhc4Xci8yxpMNG:Adfeg9LGgHa3vRhj58yQNG","tlshash":"b082d05018f7583df26d8ab0279bb89e1b19bb7ff601d48e41319d4318f193846578af","first_seen":"2024-08-01T04:50:43Z","last_seen":"2026-04-03T16:02:01.661032Z","times_seen":857,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"krab2-a-t.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krab2-a-t.ru/cf-fonts/v/inter/5.0.16/latin/wght/normal.woff2","fqdn":"krab2-a-t.ru","domain":"krab2-a-t.ru","tld":"ru"},"ip":{"addr":"172.67.151.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://krab2-a-t.ru/","date":"2025-12-31T13:46:32.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krab2-a-t.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Dec 2025 04:28:13 GMT","end":"Sun, 22 Mar 2026 05:24:36 GMT"},"fingerprint":{"sha1":"71:C4:E9:53:9E:A0:42:68:BC:BA:8D:5C:0E:FD:E5:F1:27:B8:F7:31","sha256":"8C:27:CF:DB:50:D6:E4:4D:5E:FA:AB:0F:79:FA:8B:FA:3D:83:DD:72:4D:91:14:28:8B:F0:F1:DC:02:90:A4:C3"}}},"request":{"raw":"GET /cf-fonts/v/inter/5.0.16/latin/wght/normal.woff2 HTTP/1.1\r\nHost: krab2-a-t.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krab2-a-t.ru/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 31 Dec 2025 13:46:32 GMT\r\ncontent-length: 48444\r\ncontent-type: font/woff2\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=31536000, immutable\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CYgIEPpQLyehDvr3qrzeNemFTZ1qdKNvMN%2BjlLp2ERKbkqxZtpPvtPQMErK3D%2BaPhJCiw0OPgL5aIYu%2BYyFwgancz9REruW7BJ4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b6a39414810b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48444,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48444, version 1.0","md5":"8e433c0592f77beb6dc527d7b90be120","sha1":"d7402416753ae1bb4cbd4b10d33a0c10517838bd","sha256":"f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af","sha512":"5e90f48b923bb95aeb49691d03dade8825c119b2fa28977ea170c41548900f4e0165e2869f97c7a9380d7ff8ff331a1da855500e5f7b0dfd2b9abd77a386bbf3","ssdeep":"768:dn0V9qZpy/4pR+9MzTCGXckDohHxCc/TfZQEh9UONYyPYcABoN/8rZujvB:dn0+rAmWUMooVrbZQE7NYyzABK8rQ1","tlshash":"0523f25daa398ea9ed25403bd63f2ff004c61409dd645cdfa62871bf2db290d06633d6","first_seen":"2024-07-30T23:13:06Z","last_seen":"2026-04-04T04:11:22.631247Z","times_seen":19690,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"krab2-a-t.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krab2-a-t.ru/static/img/favicon/apple-touch-icon.png","fqdn":"krab2-a-t.ru","domain":"krab2-a-t.ru","tld":"ru"},"ip":{"addr":"172.67.151.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krab2-a-t.ru/","date":"2025-12-31T13:46:32.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krab2-a-t.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Dec 2025 04:28:13 GMT","end":"Sun, 22 Mar 2026 05:24:36 GMT"},"fingerprint":{"sha1":"71:C4:E9:53:9E:A0:42:68:BC:BA:8D:5C:0E:FD:E5:F1:27:B8:F7:31","sha256":"8C:27:CF:DB:50:D6:E4:4D:5E:FA:AB:0F:79:FA:8B:FA:3D:83:DD:72:4D:91:14:28:8B:F0:F1:DC:02:90:A4:C3"}}},"request":{"raw":"GET /static/img/favicon/apple-touch-icon.png HTTP/1.1\r\nHost: krab2-a-t.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krab2-a-t.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 31 Dec 2025 13:46:33 GMT\r\ncontent-type: image/png\r\ncontent-length: 11961\r\npriority: u=6,i=?0\r\nlast-modified: Fri, 21 Nov 2025 18:45:31 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AjYTPMevy8kiG64zBX2r7VWYMtDUu5LRuj9YtoEFGD8uB%2Bgt9ArIbu4JWUPW89%2Bp21AMUIwWWrDDqzOEfKbCmiFTX5sVb3xITfc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b6a3942681fb4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11961,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"c6f63fbb132bec4d3afb16658adb5c44","sha1":"d217c1794efdf6ddcb956fd21f225aad5caae96f","sha256":"c5996efe0454edb9b5ff94b0a18da76705c797d1dd082fab05bc81cbedd3ac9f","sha512":"ce62c7988eb5460a7ee6f33e64543b8f5a0255d04a1a624c0a479f61fe5f3694988c2bcc93d33b41f5fd9bd01f1c0b98ebbb7167690c02eb5b236a4cd2bab23c","ssdeep":"192:J+4e0jOng6MzwL9+BHGNY/yfrVK6fKD+uJP/HlIwPqo3d:DeoZzw5+JkY/GoXhP/Hl9C8d","tlshash":"e932c0d515fdcb74f63e30454ce9bcbb268957e6203823844c94d465abb1cba49e90fc","first_seen":"2025-12-31T13:46:56.57203Z","last_seen":"2025-12-31T13:46:56.57203Z","times_seen":1,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":349,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"krab2-a-t.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krab2-a-t.ru/","fqdn":"krab2-a-t.ru","domain":"krab2-a-t.ru","tld":"ru"},"ip":{"addr":"172.67.151.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-31T13:46:31.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krab2-a-t.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Dec 2025 04:28:13 GMT","end":"Sun, 22 Mar 2026 05:24:36 GMT"},"fingerprint":{"sha1":"71:C4:E9:53:9E:A0:42:68:BC:BA:8D:5C:0E:FD:E5:F1:27:B8:F7:31","sha256":"8C:27:CF:DB:50:D6:E4:4D:5E:FA:AB:0F:79:FA:8B:FA:3D:83:DD:72:4D:91:14:28:8B:F0:F1:DC:02:90:A4:C3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: krab2-a-t.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 31 Dec 2025 13:46:32 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\n_hw: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p1eTQbR60yBR4F79c3n0kvEKi3ddVPw9pm4jvrhEbyjdI0PYHWRRI42uroIDFlFneps9jH8Oewu1EyTRJxMeW0YjvP0PxcWczvc%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-encoding: br\r\ncf-ray: 9b6a393e1cd5712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":40044,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (6711)","md5":"1f5f4f830cd9350972cabdc44f950da6","sha1":"dbac0eb403624b82bf6726b7ed76ee7f2b2eb04a","sha256":"2d3a0bfaf63bc6f108d029be05c5efd67f67033c8ee1ac9895913391c358813c","sha512":"13e048625a0e42f229a74dbb5f9a45f2aa3d8ae778b8fb4d941084b0115407ca5b5c9b724176abaa5ba0aaa96918e634150d02cf83ef643b7dd60a76c77344d1","ssdeep":"384:he1rZBWcQ0PBWdhZz6fuZ6HW8YmIoZfYacWJiFuF246ukUEF9cWPVhArUutDwxrr:nFuF23ukUEF9cePm0dV","tlshash":"6603642540bb30429453dcb6bf956b1b3c589463d64bca22b7ac16cccfe7c64ca9671c","first_seen":"2025-12-31T13:46:56.578084Z","last_seen":"2025-12-31T13:46:56.578084Z","times_seen":1,"resource_available":false,"data":null}},"time_used":415,"timings":{"blocked":29,"dns":9,"connect":1,"send":0,"wait":357,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"krab2-a-t.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krab2-a-t.ru/cf-fonts/v/inter/5.0.16/latin/wght/normal.woff2","fqdn":"krab2-a-t.ru","domain":"krab2-a-t.ru","tld":"ru"},"ip":{"addr":"172.67.151.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://krab2-a-t.ru/","date":"2025-12-31T13:46:32.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krab2-a-t.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Dec 2025 04:28:13 GMT","end":"Sun, 22 Mar 2026 05:24:36 GMT"},"fingerprint":{"sha1":"71:C4:E9:53:9E:A0:42:68:BC:BA:8D:5C:0E:FD:E5:F1:27:B8:F7:31","sha256":"8C:27:CF:DB:50:D6:E4:4D:5E:FA:AB:0F:79:FA:8B:FA:3D:83:DD:72:4D:91:14:28:8B:F0:F1:DC:02:90:A4:C3"}}},"request":{"raw":"GET /cf-fonts/v/inter/5.0.16/latin/wght/normal.woff2 HTTP/1.1\r\nHost: krab2-a-t.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krab2-a-t.ru/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 31 Dec 2025 13:46:32 GMT\r\ncontent-length: 48444\r\ncontent-type: font/woff2\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=31536000, immutable\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2x6iJbTv9hBrC0e8ez64xV0O541jqa9TnEgK2yjcrU4P4TQzeB5KezAxlmFAfpH54%2BflYKz0%2BDEUChmE0L5h6ESS%2BXw2%2FumbzKc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b6a3941380cb4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48444,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48444, version 1.0","md5":"8e433c0592f77beb6dc527d7b90be120","sha1":"d7402416753ae1bb4cbd4b10d33a0c10517838bd","sha256":"f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af","sha512":"5e90f48b923bb95aeb49691d03dade8825c119b2fa28977ea170c41548900f4e0165e2869f97c7a9380d7ff8ff331a1da855500e5f7b0dfd2b9abd77a386bbf3","ssdeep":"768:dn0V9qZpy/4pR+9MzTCGXckDohHxCc/TfZQEh9UONYyPYcABoN/8rZujvB:dn0+rAmWUMooVrbZQE7NYyzABK8rQ1","tlshash":"0523f25daa398ea9ed25403bd63f2ff004c61409dd645cdfa62871bf2db290d06633d6","first_seen":"2024-07-30T23:13:06Z","last_seen":"2026-04-04T04:11:22.631247Z","times_seen":19690,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"krab2-a-t.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krab2-a-t.ru/cf-fonts/v/inter/5.0.16/cyrillic/wght/normal.woff2","fqdn":"krab2-a-t.ru","domain":"krab2-a-t.ru","tld":"ru"},"ip":{"addr":"172.67.151.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://krab2-a-t.ru/","date":"2025-12-31T13:46:32.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krab2-a-t.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Dec 2025 04:28:13 GMT","end":"Sun, 22 Mar 2026 05:24:36 GMT"},"fingerprint":{"sha1":"71:C4:E9:53:9E:A0:42:68:BC:BA:8D:5C:0E:FD:E5:F1:27:B8:F7:31","sha256":"8C:27:CF:DB:50:D6:E4:4D:5E:FA:AB:0F:79:FA:8B:FA:3D:83:DD:72:4D:91:14:28:8B:F0:F1:DC:02:90:A4:C3"}}},"request":{"raw":"GET /cf-fonts/v/inter/5.0.16/cyrillic/wght/normal.woff2 HTTP/1.1\r\nHost: krab2-a-t.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krab2-a-t.ru/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 31 Dec 2025 13:46:32 GMT\r\ncontent-length: 18740\r\ncontent-type: font/woff2\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=31536000, immutable\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LHEEwSIRTBSLAlyFaLvAeUudvDeEp5vfGHVtgH8wGXz7nBbK7wTL4%2BsMmcK9DUYtnbxdEyc7KhlbjNqn5Xxxuq%2FjM5fad6JzUkE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b6a3941480db4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18740,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18740, version 1.0","md5":"06ab411342acdbfe3e746ee904e12cc5","sha1":"d83a47942575eeb80d30ebc7bf9a5b6f83c930fb","sha256":"62cc01daef72c3ea76a258445368d2f4ab8d05a91f91c53fd12f7c42e3325942","sha512":"6dc7ae210dc6578115ac9a4b78431be0f3f767684d3088ff5cd8094d1ce37756ce606571f325e6c97757dffe012d491792efac56efce2fb7a4fce9a7137cfc19","ssdeep":"384:AtbXebWepTmCSQiXLGg63eWz5WkPvRhc4Xci8yxpMNG:Adfeg9LGgHa3vRhj58yQNG","tlshash":"b082d05018f7583df26d8ab0279bb89e1b19bb7ff601d48e41319d4318f193846578af","first_seen":"2024-08-01T04:50:43Z","last_seen":"2026-04-03T16:02:01.661032Z","times_seen":857,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"krab2-a-t.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krab2-a-t.ru/cf-fonts/v/inter/5.0.16/cyrillic/wght/normal.woff2","fqdn":"krab2-a-t.ru","domain":"krab2-a-t.ru","tld":"ru"},"ip":{"addr":"172.67.151.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://krab2-a-t.ru/","date":"2025-12-31T13:46:32.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krab2-a-t.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Dec 2025 04:28:13 GMT","end":"Sun, 22 Mar 2026 05:24:36 GMT"},"fingerprint":{"sha1":"71:C4:E9:53:9E:A0:42:68:BC:BA:8D:5C:0E:FD:E5:F1:27:B8:F7:31","sha256":"8C:27:CF:DB:50:D6:E4:4D:5E:FA:AB:0F:79:FA:8B:FA:3D:83:DD:72:4D:91:14:28:8B:F0:F1:DC:02:90:A4:C3"}}},"request":{"raw":"GET /cf-fonts/v/inter/5.0.16/cyrillic/wght/normal.woff2 HTTP/1.1\r\nHost: krab2-a-t.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krab2-a-t.ru/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 31 Dec 2025 13:46:32 GMT\r\ncontent-length: 18740\r\ncontent-type: font/woff2\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=31536000, immutable\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XpTm%2BpHwTQlEGGMjzEjgQ9pH3%2F%2Bzb4Ac4dhXFjb4N25bIRxV8VwUrYDi2vmfi4rWfoVt9mrIf%2Fl2sl4pUosvBwhSeRqwXVn7vNc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b6a39415811b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18740,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18740, version 1.0","md5":"06ab411342acdbfe3e746ee904e12cc5","sha1":"d83a47942575eeb80d30ebc7bf9a5b6f83c930fb","sha256":"62cc01daef72c3ea76a258445368d2f4ab8d05a91f91c53fd12f7c42e3325942","sha512":"6dc7ae210dc6578115ac9a4b78431be0f3f767684d3088ff5cd8094d1ce37756ce606571f325e6c97757dffe012d491792efac56efce2fb7a4fce9a7137cfc19","ssdeep":"384:AtbXebWepTmCSQiXLGg63eWz5WkPvRhc4Xci8yxpMNG:Adfeg9LGgHa3vRhj58yQNG","tlshash":"b082d05018f7583df26d8ab0279bb89e1b19bb7ff601d48e41319d4318f193846578af","first_seen":"2024-08-01T04:50:43Z","last_seen":"2026-04-03T16:02:01.661032Z","times_seen":857,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"krab2-a-t.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krab2-a-t.ru/static/js/countdown.js","fqdn":"krab2-a-t.ru","domain":"krab2-a-t.ru","tld":"ru"},"ip":{"addr":"172.67.151.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://krab2-a-t.ru/","date":"2025-12-31T13:46:32.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krab2-a-t.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Dec 2025 04:28:13 GMT","end":"Sun, 22 Mar 2026 05:24:36 GMT"},"fingerprint":{"sha1":"71:C4:E9:53:9E:A0:42:68:BC:BA:8D:5C:0E:FD:E5:F1:27:B8:F7:31","sha256":"8C:27:CF:DB:50:D6:E4:4D:5E:FA:AB:0F:79:FA:8B:FA:3D:83:DD:72:4D:91:14:28:8B:F0:F1:DC:02:90:A4:C3"}}},"request":{"raw":"GET /static/js/countdown.js HTTP/1.1\r\nHost: krab2-a-t.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krab2-a-t.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 31 Dec 2025 13:46:32 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Fri, 21 Nov 2025 19:07:51 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SR1VKBc7rqjwiwu99Dj4V9yVz0dQmKGQ20cksbaYPFaEBtW2rS8ZRC1a9tLyO6X3Rv41xA7k7OTFV2M%2FXTzM2dgrVSCVxUe8bjw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b6a39418814b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1839,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"50d9f0bcdc1c8a849b20d4cf3e064250","sha1":"1c805fa979ed51a6fd5c443dfe86242477697052","sha256":"457863fe4a307e0e770b3d6d86b9e7e705067b4c67c693568b2bd6c37efdd72c","sha512":"fdfa4d15a9b581e84b6c0935be4398a90eaeba625f7f841dfd5b43dffe060d326d0c1fe09202f050241fc7f1b8ba0d31b53dfa37379a446167ba92c2bbc2c73c","ssdeep":"","tlshash":"7831e03a323401615bbb637353926314f83d62237443e695be9c86981ff5a44ad3aed8","first_seen":"2025-12-31T13:46:56.580557Z","last_seen":"2025-12-31T13:46:56.580557Z","times_seen":1,"resource_available":true,"data":null}},"time_used":349,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":349,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"krab2-a-t.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krab2-a-t.ru/static/img/favicon/favicon-16x16.png","fqdn":"krab2-a-t.ru","domain":"krab2-a-t.ru","tld":"ru"},"ip":{"addr":"172.67.151.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krab2-a-t.ru/","date":"2025-12-31T13:46:32.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krab2-a-t.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Dec 2025 04:28:13 GMT","end":"Sun, 22 Mar 2026 05:24:36 GMT"},"fingerprint":{"sha1":"71:C4:E9:53:9E:A0:42:68:BC:BA:8D:5C:0E:FD:E5:F1:27:B8:F7:31","sha256":"8C:27:CF:DB:50:D6:E4:4D:5E:FA:AB:0F:79:FA:8B:FA:3D:83:DD:72:4D:91:14:28:8B:F0:F1:DC:02:90:A4:C3"}}},"request":{"raw":"GET /static/img/favicon/favicon-16x16.png HTTP/1.1\r\nHost: krab2-a-t.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krab2-a-t.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 31 Dec 2025 13:46:33 GMT\r\ncontent-type: image/png\r\ncontent-length: 488\r\npriority: u=6,i=?0\r\nlast-modified: Fri, 21 Nov 2025 18:45:21 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b8D9Zw360gal7fCXw8RcmzFpzmU%2Fr54oQZk229UzFjaZcHqqNqCiNbwFhnkWeXEyBi9rlHMdKX8eKIlnjKB8qk1F5YmE11TZrq8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b6a39427820b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":488,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"72cf1bc5f35e9cd96600ce2772168c29","sha1":"ce4470e688bb4326b7a4dd26b7d2f8a6b4389abc","sha256":"8a16d09ad74068e3e339de5faa8dc70b2d4afbe03e57e3fe88f839bbfbc89341","sha512":"44b2d7adbc27945beb1a730cd56719da2f0914924a970ec84eff601dd6c5f0d8eff9a851112345e8b9aa3f924e0f6ae925d2cbc297c6f98fe6cfda941760fbc3","ssdeep":"","tlshash":"8ef054856bdd298cfc3007829aa7d98c4886c88ec1cbf0251307fc2b9bd0aaf04f84d0","first_seen":"2025-12-31T13:46:56.581986Z","last_seen":"2025-12-31T13:46:56.581986Z","times_seen":1,"resource_available":false,"data":null}},"time_used":344,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":344,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"krab2-a-t.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}