{"report_id":"4d3e54e4-96a0-4ffc-baf2-b66ae5ee3798","version":6,"status":"done","tags":[],"date":"2026-01-19T15:42:27Z","url":{"schema":"https","addr":"crab3at.ru","fqdn":"crab3at.ru","domain":"crab3at.ru","tld":"ru"},"ip":{"addr":"193.105.134.65","port":0,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"final":{"url":{"schema":"https","addr":"crab3at.ru/","fqdn":"crab3at.ru","domain":"crab3at.ru","tld":"ru"},"title":"Krab3at","dom":{"size":7295,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"7e897bc440b31c001005da7b2814e845","sha1":"76c0055b98200fdf39c90c3753f8ccdda1f4156c","sha256":"5336e33356a2cfb6385dbbaf2341478ef5213eacba2d56bb1545becc6fd6da25","sha512":"19976f52d05348a730a938cdeadb0fd4c4e73e0b6806f02c7e506dd28f5e387384fca59702f7bfe898ff319f8e342cdab3a0b163873ca13212b9cf3b1d616eee","ssdeep":"192:yqYHlXqMPT/g8xLdafcLKfc+1x7b0kJkki6X+lHDF:yqYHlXqMr/gILdaELKE+v7b0kGwOlHZ","tlshash":"bae13172a5ea189e5001e00adc00bf4c6dfac07f6b6b8657356c1d7ebfe6594c1b720a","dom_hash":"domhashb7f4d94d28f3f4fdee677f28abdc9bff","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"crab3at.ru","fqdn":"crab3at.ru","domain":"crab3at.ru","tld":"ru"},"ip":{"addr":"193.105.134.65","port":0,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-23T15:42:27Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"crab3at.ru","ip":{"addr":"193.105.134.65","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"domain_registered":"2025-12-31","domain_rank":0,"first_seen":"2026-01-19T15:42:27.295217Z","last_seen":"2026-01-19T15:42:27.295217Z","alert_count":0,"request_count":3,"received_data":68936,"sent_data":1330,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"crab3at.ru/","fqdn":"crab3at.ru","domain":"crab3at.ru","tld":"ru"},"ip":{"addr":"193.105.134.65","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-19T15:42:05.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crab3at.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 14:37:53 GMT","end":"Sat, 18 Apr 2026 14:37:52 GMT"},"fingerprint":{"sha1":"7F:16:F8:47:0E:B3:BD:BD:64:CA:CE:FD:98:9C:76:60:0E:B5:C8:85","sha256":"4C:D4:0B:B1:56:DA:FC:3D:6C:22:52:43:13:07:4F:E2:61:94:E2:3D:69:4F:B6:F8:0D:54:48:A8:3B:1E:B1:D5"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: crab3at.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.26.3\r\nDate: Mon, 19 Jan 2026 15:42:12 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7311,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"bb5062b30fcfeb8a7bb42bbec7f1fddd","sha1":"b2fc7666e2c42925013c5755261324148812e506","sha256":"f17d3d8e7664f6fe82c1ea8c1a389d6b63ee72a68869448320fcbec8fbdb84fd","sha512":"0dc61d8a858334b19cb1c62d8a1f5859a9c184e71cbf14693198b581a962ace586c82e697462de5b22012a82df8098f6bce01a7db8ff44af01b2ff88bba5eb9a","ssdeep":"192:QqYH2qMPT/g8xLdafcLKfcZ1x7b0kJkki6X+lHDT:QqYH2qMr/gILdaELKEZv7b0kGwOlHX","tlshash":"05e1327295ea189e5001e00adc00bf4c6dfac07f6b5b8643346c1c3ebfe6594c1b7209","first_seen":"2026-01-19T15:42:31.19695Z","last_seen":"2026-01-19T15:42:31.19695Z","times_seen":1,"resource_available":false,"data":null}},"time_used":6578,"timings":{"blocked":40,"dns":16,"connect":10,"send":0,"wait":6492,"receive":1,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crab3at.ru/krab.jpg","fqdn":"crab3at.ru","domain":"crab3at.ru","tld":"ru"},"ip":{"addr":"193.105.134.65","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://crab3at.ru/","date":"2026-01-19T15:42:12.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crab3at.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 14:37:53 GMT","end":"Sat, 18 Apr 2026 14:37:52 GMT"},"fingerprint":{"sha1":"7F:16:F8:47:0E:B3:BD:BD:64:CA:CE:FD:98:9C:76:60:0E:B5:C8:85","sha256":"4C:D4:0B:B1:56:DA:FC:3D:6C:22:52:43:13:07:4F:E2:61:94:E2:3D:69:4F:B6:F8:0D:54:48:A8:3B:1E:B1:D5"}}},"request":{"raw":"GET /krab.jpg HTTP/1.1\r\nHost: crab3at.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crab3at.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.26.3\r\nDate: Mon, 19 Jan 2026 15:42:12 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 46744\r\nLast-Modified: Sun, 18 Jan 2026 13:19:38 GMT\r\nConnection: keep-alive\r\nETag: \"696cddea-b698\"\r\nExpires: Tue, 20 Jan 2026 15:42:12 GMT\r\nCache-Control: max-age=86400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46744,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=0, orientation=[*0*], width=0], baseline, precision 8, 1112x382, components 3","md5":"3cb33c993d8a48226968d5a78da5dd73","sha1":"7a2c133929490c354e6ad9d419560ca90835bbf7","sha256":"2157b965e80d237d9f74f6a089f66f0fcaf03d7652bcff3c817aac0b2f4ca039","sha512":"761d023e89e112eb89ebc70f043ec664cd6b951bf4b63ce4f241114a92c64c25a971bc1451973ca41d9342e9f100f7f1ea4a27b93ab34d8c87e4f35ccb4b32df","ssdeep":"768:6D8ilFA1HCuXRl/UiQAtj+dEU23HEtIZhabmpDOxQQRgdLKPxEGv8da9kW2uDbyS:6D8EAg+yrARcESB3OLUPeZdykfuD9Rtv","tlshash":"4e23e138e187adecfd5396fa438628dde7a1643de4b20e574722c0db2651bdc86c490c","first_seen":"2026-01-19T15:42:31.198553Z","last_seen":"2026-02-27T20:31:26.010401Z","times_seen":8,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crab3at.ru/favicon.ico","fqdn":"crab3at.ru","domain":"crab3at.ru","tld":"ru"},"ip":{"addr":"193.105.134.65","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://crab3at.ru/","date":"2026-01-19T15:42:12.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crab3at.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 14:37:53 GMT","end":"Sat, 18 Apr 2026 14:37:52 GMT"},"fingerprint":{"sha1":"7F:16:F8:47:0E:B3:BD:BD:64:CA:CE:FD:98:9C:76:60:0E:B5:C8:85","sha256":"4C:D4:0B:B1:56:DA:FC:3D:6C:22:52:43:13:07:4F:E2:61:94:E2:3D:69:4F:B6:F8:0D:54:48:A8:3B:1E:B1:D5"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: crab3at.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crab3at.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.26.3\r\nDate: Mon, 19 Jan 2026 15:42:22 GMT\r\nContent-Type: image/vnd.microsoft.icon\r\nContent-Length: 14129\r\nConnection: keep-alive\r\nLast-Modified: Sun, 18 Jan 2026 13:19:38 GMT\r\nETag: \"3731-648a96d2b6124\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14129,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"JPEG image data, baseline, precision 8, 600x600, components 1","md5":"bf979f0e5dc662535e3db19a5eb45655","sha1":"5471aeb75a107db57fb22c695456f02e39125f89","sha256":"e1ff2d5e1f3774eb50f62bfc25a7ba1302534e4722abe72b5ff9ec6af0cd427b","sha512":"37b0b69c4fc2b1ac98a293c68c9631acdf8220fd136c6a8cb27d2d26c0d9d7a5788fe5093d58acb1e95d5cf92f060c7a2920be3d4d7072ff66090fc6b135ed77","ssdeep":"192:yg11Zes+FEvKCU/IEj7EPcvA+jDeRP4OJ8ThT4T15WbyGnMuf9gk:l5esCEVW7MP4OEu1oyoMu1gk","tlshash":"cf52bf1283ddd64bf5826af5f2837f0113bb7c983d2b865cd5c62b8fe2d41d62920469","first_seen":"2026-01-19T15:42:31.200102Z","last_seen":"2026-01-26T19:48:46.559807Z","times_seen":4,"resource_available":false,"data":null}},"time_used":10114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10113,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}