{"report_id":"45b183fe-da39-4e6a-b1c2-d2ef531db39c","version":0,"status":"done","tags":[],"date":"2026-06-11T12:37:02Z","url":{"schema":"http","addr":"one.sevenfin.ru","fqdn":"one.sevenfin.ru","domain":"sevenfin.ru","tld":"ru"},"ip":{"addr":"188.253.27.90","port":0,"asn":42532,"as":"SIA VEESP","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"one.sevenfin.ru/","fqdn":"one.sevenfin.ru","domain":"sevenfin.ru","tld":"ru"},"title":"Apple","dom":{"size":258877,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (18945)","md5":"bd61a9ba174f6c85f515f22a4cee9e15","sha1":"c1b243f0bfb1ddfcb6aaee33d3700037a2104988","sha256":"0c929b38406a9a21834eea3614352d63512ad91fcecea827b0cd73748927a659","sha512":"369386d543eeb4b4d2e2e0a78f4fe049c28277ab7f5fd15cba466c8308590677f24e3183f5fc3499b2031f99c56ddd0fa15a857eaa69124bedb38e1bf4088d8b","ssdeep":"1536:XQWbcjSjXndVdEodiCZIsGwIb7NgL5f3q8dHO9Ga5lLZ6ChrW+nxEEUpZR+rM7a9:APphrW+nUpZjqnp","tlshash":"33441c7b624c782f130347dde4162968e6afac7ddab580e8b9bb43612353de0353ad11","dom_hash":"domhash04067b66315644b2c2b7250f0c0d20fa","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"one.sevenfin.ru","fqdn":"one.sevenfin.ru","domain":"sevenfin.ru","tld":"ru"},"ip":{"addr":"188.253.27.90","port":0,"asn":42532,"as":"SIA VEESP","country":"The Netherlands","country_code":"NL"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-16T12:37:02Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"one.sevenfin.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"one.sevenfin.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"one.sevenfin.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"one.sevenfin.ru","ip":{"addr":"188.253.27.90","port":443,"asn":42532,"as":"SIA VEESP","country":"The Netherlands","country_code":"NL"},"domain_registered":"2026-06-07","domain_rank":0,"first_seen":"2026-06-09T01:07:20.876325Z","last_seen":"2026-06-09T01:07:20.876325Z","alert_count":3,"request_count":1,"received_data":259879,"sent_data":484,"comment":"","tags":null,"fingerprints":[{"name":"Apple MapKit JS","description":"Apple MapKit JS lets you embed interactive maps directly into your websites across platforms and operating systems, including iOS and Android.","website":"https://developer.apple.com/maps/web/","common_platform_enumeration":"","icon":"Apple.svg","categories":["Maps"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"one.sevenfin.ru/","fqdn":"one.sevenfin.ru","domain":"sevenfin.ru","tld":"ru"},"ip":{"addr":"188.253.27.90","port":443,"asn":42532,"as":"SIA VEESP","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"016f89e501c9991c339fc3b24f7476d0","sha1":"0a77466b6712c6607ade20314df0331fa590dad0","sha256":"832adfd55053225d643c1b8af81b4c4548d06168f630417cf255ac6c2d011b7e","sha512":"bf684c52f955e17fc8e4145d5210e465d0f75e5d572436fea7527fe8636179a513202d93c661924959a8601f7fc666c76139fc5c60be947b441017642bf9c9f6","ssdeep":"","tlshash":"5ff0fc80a67a11e9085d53d44a2e360a642752f425c7729f0ddc6a0430cdcc71961edf","size":560,"data":"","first_seen":"2026-06-09T02:10:36.397189Z","last_seen":"2026-06-12T01:02:49.038392Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"one.sevenfin.ru/","fqdn":"one.sevenfin.ru","domain":"sevenfin.ru","tld":"ru"},"ip":{"addr":"188.253.27.90","port":443,"asn":42532,"as":"SIA VEESP","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"925b3ef8cf4b724238dc29b06e78091d","sha1":"101fd25ff7ffb193ef9862927f687761916f68d2","sha256":"340b9848c96098abb16415261ba46d5c91896acc32b4ccb6f0fbc6b57bae8bde","sha512":"1ea7eece3f5440b11416cbf2864f9f2d60d7b1d547435f136bc3c0a5c415c0b7469a1dae535ff0cefd6ba1710be41a94eec34556d3a5eeed8a13abad60f4b30f","ssdeep":"96:6eIsF1QrUuIQqCIODeYMn42oYDCctiNW5f+pBCcq8AduUbGdI:6fG1YUuZpkl1DZ+9mbGG","tlshash":"ed91a48cbb49b22913e710a4e45f190e73356e144b5d8e6ae35de091bcf034a15f26fb","size":4578,"data":"","first_seen":"2026-06-07T17:29:23.088331Z","last_seen":"2026-06-12T01:02:49.03902Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"one.sevenfin.ru/","fqdn":"one.sevenfin.ru","domain":"sevenfin.ru","tld":"ru"},"ip":{"addr":"188.253.27.90","port":443,"asn":42532,"as":"SIA VEESP","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"016f89e501c9991c339fc3b24f7476d0","sha1":"0a77466b6712c6607ade20314df0331fa590dad0","sha256":"832adfd55053225d643c1b8af81b4c4548d06168f630417cf255ac6c2d011b7e","sha512":"bf684c52f955e17fc8e4145d5210e465d0f75e5d572436fea7527fe8636179a513202d93c661924959a8601f7fc666c76139fc5c60be947b441017642bf9c9f6","ssdeep":"","tlshash":"5ff0fc80a67a11e9085d53d44a2e360a642752f425c7729f0ddc6a0430cdcc71961edf","size":560,"data":"","first_seen":"2026-06-09T02:10:36.397189Z","last_seen":"2026-06-12T01:02:49.038392Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"one.sevenfin.ru/","fqdn":"one.sevenfin.ru","domain":"sevenfin.ru","tld":"ru"},"ip":{"addr":"188.253.27.90","port":443,"asn":42532,"as":"SIA VEESP","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"925b3ef8cf4b724238dc29b06e78091d","sha1":"101fd25ff7ffb193ef9862927f687761916f68d2","sha256":"340b9848c96098abb16415261ba46d5c91896acc32b4ccb6f0fbc6b57bae8bde","sha512":"1ea7eece3f5440b11416cbf2864f9f2d60d7b1d547435f136bc3c0a5c415c0b7469a1dae535ff0cefd6ba1710be41a94eec34556d3a5eeed8a13abad60f4b30f","ssdeep":"96:6eIsF1QrUuIQqCIODeYMn42oYDCctiNW5f+pBCcq8AduUbGdI:6fG1YUuZpkl1DZ+9mbGG","tlshash":"ed91a48cbb49b22913e710a4e45f190e73356e144b5d8e6ae35de091bcf034a15f26fb","size":4578,"data":"","first_seen":"2026-06-07T17:29:23.088331Z","last_seen":"2026-06-12T01:02:49.03902Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"one.sevenfin.ru/","fqdn":"one.sevenfin.ru","domain":"sevenfin.ru","tld":"ru"},"ip":{"addr":"188.253.27.90","port":443,"asn":42532,"as":"SIA VEESP","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-11T12:36:35.696Z","timestamp":1781181395696,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"one.sevenfin.ru","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 06:17:34 GMT","end":"Sun, 06 Sep 2026 06:17:33 GMT"},"fingerprint":{"sha1":"9D:A0:30:BD:AE:DC:F6:B9:7A:21:85:0C:A8:C5:18:90:09:24:AF:49","sha256":"FF:A0:E0:61:41:3B:41:70:37:DD:13:89:D1:10:CC:A3:8E:A0:88:DD:03:2E:A0:01:99:0C:F5:43:FC:1B:38:97"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: one.sevenfin.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nalt-svc: h3=\":443\"; ma=2592000\r\ncache-control: max-age=14\r\ncontent-encoding: gzip\r\ncontent-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: mailto: embed.music.apple.com embed.podcasts.apple.com https://recyclingprogram.apple.com https://smb.apple.com https://nova.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 11 Jun 2026 12:36:35 GMT\r\nexpires: Thu, 11 Jun 2026 12:36:49 GMT\r\nreferrer-policy: no-referrer-when-downgrade\r\nserver: Apple\r\nset-cookie: geo=NO; path=/; domain=.apple.com\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nvary: Accept-Encoding\r\nvia: 2.0 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apple MapKit JS","description":"Apple MapKit JS lets you embed interactive maps directly into your websites across platforms and operating systems, including iOS and Android.","website":"https://developer.apple.com/maps/web/","common_platform_enumeration":"","icon":"Apple.svg","categories":["Maps"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":258685,"size_decoded":46395,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (18644)","md5":"801af20859e9b3fc2bf38c283a6a8134","sha1":"774cae8a3860d5a711326e17a0e1dfae9f9ddd5a","sha256":"b777fa5bd94b1ffb9ead878140167751313f7f810ec284e4966468c352fd3818","sha512":"2ff7d7b56378b9629840545b81099378fcc555b50399487a74ce4d6c63d6c1ada6ee59a83c23757564bdc1be7e485b9163282c288820d1f7b282d3e53fb70124","ssdeep":"1536:E/xDrjBjWnd0mEodBCaIsGnIE7qDLCf3q8dHO9Ga5lLZ6ChkPTTEEUpZR+rM7aT/:WPEhkPTypZj389","tlshash":"3c441d7b724cb82f130347dde4162928e69fac7adab580e8b9bb43611353de0753ad11","first_seen":"2026-06-11T12:35:33.973595Z","last_seen":"2026-06-11T13:47:09.481317Z","times_seen":3,"resource_available":true,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":3,"connect":27,"send":0,"wait":60,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"one.sevenfin.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"one.sevenfin.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"one.sevenfin.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}