{"report_id":"577f95d4-2b4a-48f2-a9f1-de6be7751095","version":0,"status":"done","tags":["suspicious"],"date":"2026-06-22T12:25:45Z","url":{"schema":"http","addr":"combochip.ru/attachment.html","fqdn":"combochip.ru","domain":"combochip.ru","tld":"ru"},"ip":{"addr":"72.56.5.200","port":0,"asn":1239,"as":"SPRINTLINK","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"combochip.ru/attachment.html","fqdn":"combochip.ru","domain":"combochip.ru","tld":"ru"},"title":"로그인","dom":{"size":83635,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2243)","md5":"f28bff02182ba1bcf3ae3a2221a08069","sha1":"e61e751d79e60047b1501349809d7abe9d6f641d","sha256":"b4fac505144072a2ff1b04f11c6b95d3ce9f58d418f1d1da90fccf0eb5220802","sha512":"55a3452244ed913b8d979c9ae686e9ca9b70f00b6f8699a5250e1b25352f73c4561d64bf80ef8c579cccfb55ed7d9c4f2756c010f3fefb29a844d5e6989d34ed","ssdeep":"1536:EY8zxYpmRV9hfNSNQqJwd29LWAwpdoDEz/2OInXOXQYb1NApfR4vV1ZN4e9/LLqt:EY8ljNSNQq6d29LWAkdoDEz/JInX2QYc","tlshash":"e683f83922f5916b909fc29eb6f225195598d81bd1860644f6fc0b246fd3cc0fc8babd","dom_hash":"domhash7c8ed6269812cc5c215fbb9990487135","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"combochip.ru/attachment.html","fqdn":"combochip.ru","domain":"combochip.ru","tld":"ru"},"ip":{"addr":"72.56.5.200","port":0,"asn":1239,"as":"SPRINTLINK","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-27T12:25:45Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-22","alert":"Detects file containing Telegram Bot API","trigger":"theexternalfiles.elevatedprude.shop/fedex2/css/funcs.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-22","alert":"Sinkholed","trigger":"combochip.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-06-22T07:35:09.947266Z","alert_count":0,"request_count":1,"received_data":88517,"sent_data":498,"comment":"","tags":null,"fingerprints":null},{"fqdn":"combochip.ru","ip":{"addr":"72.56.5.200","port":443,"asn":1239,"as":"SPRINTLINK","country":"United States","country_code":"US"},"domain_registered":"2014-10-30","domain_rank":0,"first_seen":"2026-06-22T04:49:14.739285Z","last_seen":"2026-06-22T04:49:14.739285Z","alert_count":8,"request_count":8,"received_data":280391,"sent_data":4533,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"1C-Bitrix","description":"1C-Bitrix is a system of web project management, universal software for the creation, support and successful development of corporate websites and online stores.","website":"https://www.1c-bitrix.ru","common_platform_enumeration":"","icon":"1C-Bitrix.svg","categories":["CMS","Ecommerce"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"scriptseai6686.fedex.com","ip":{"addr":"3.164.240.119","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"1991-02-26","domain_rank":0,"first_seen":"2025-10-13T09:25:46.488497Z","last_seen":"2026-06-18T12:38:20.445605Z","alert_count":0,"request_count":2,"received_data":1339,"sent_data":1429,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"theexternalfiles.elevatedprude.shop","ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-10-28T23:59:19.067892Z","last_seen":"2026-06-22T10:35:44.930601Z","alert_count":2,"request_count":14,"received_data":2305626,"sent_data":7959,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}]},{"fqdn":"extjs.elevatedprude.shop","ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-15T22:28:30.815102Z","last_seen":"2026-06-18T12:38:22.262105Z","alert_count":0,"request_count":1,"received_data":1545,"sent_data":479,"comment":"","tags":null,"fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"combochip.ru/attachment.html","fqdn":"combochip.ru","domain":"combochip.ru","tld":"ru"},"ip":{"addr":"72.56.5.200","port":443,"asn":1239,"as":"SPRINTLINK","country":"United States","country_code":"US"},"introduction_type":"eventHandler","is_inline":false,"md5":"7c3c3ddeb80438dcbb3d081d2d00e152","sha1":"5a4016732ee72ec77b4f6ab17047bcea6d2ea34d","sha256":"321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187","sha512":"b252f7dc795284fe8ce404711809130d8e16670a8e49b271f9a24b04a542a0fccb7a8c7238c12b37db35fe73a2fbf1cdb374468574db4e6d39975a17dca547a3","ssdeep":"","tlshash":"de6000f0003000000003c30000330cf300000c0f00ccc30cfc0000c000c00000000c03","size":16,"data":"","first_seen":"2023-04-10T15:57:29Z","last_seen":"2026-06-22T15:35:54.279037Z","times_seen":312916,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-06-22T15:39:52.390246Z","times_seen":172888,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/funcs.js","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"08fc18c44d04c0a1f6b759dcc72c40e5","sha1":"9e2b584e10a10cc97994b256838d54aceecc94f4","sha256":"f701543ad7f7e8ff6f1f3bd2e3095c60c42b897eac51344ed7efdcfc65fa120b","sha512":"dc3da821c5b2fef224cdf58b2ee4399cf8c919e95d63372332aa71182837ceeeb1b69b3cf28c8fb15c37e27db951d123986cd9ab9b57b87db869a88985ff5bab","ssdeep":"384:XYTIDkoAzNFYjtqbz9ibJzAfSbkH47Vf53kN2k1AiUN7OkG7Xvc0NG:XGYbFYDUJKw","tlshash":"1282009f23575986aaab702c76933319a1ed0f13cc3cc85d9c902e50526127627e7abf","size":18600,"data":"","first_seen":"2026-06-18T12:38:24.468343Z","last_seen":"2026-06-22T13:27:07.142482Z","times_seen":5,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-22","alert":"Detects file containing Telegram Bot API","trigger":"theexternalfiles.elevatedprude.shop/fedex2/css/funcs.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"extjs.elevatedprude.shop/validator.js","fqdn":"extjs.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bfbf014a279ef0047ea805aae7bc5654","sha1":"e4aa6c4abe5d8ed937054bbcca0df33c15864040","sha256":"51da6d84d149da13b28aaf97c4916174d45a85c7f3ba35ccd94bcb21415c035a","sha512":"5476ca186ccf22d914c9cfa92af9a8432adab95ce87edb574138b1de154d2d734f30723fdf3f94b2aa826d59b56f7a27734becc520b87416aa8e853a98a89c0a","ssdeep":"","tlshash":"3221514435c722144243942c688f9004256e85f30c8eba0eff4e61f4cf0093fa0f6a28","size":1258,"data":"","first_seen":"2026-02-15T22:28:36.542525Z","last_seen":"2026-06-22T13:27:07.136569Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"combochip.ru/attachment.html","fqdn":"combochip.ru","domain":"combochip.ru","tld":"ru"},"ip":{"addr":"72.56.5.200","port":443,"asn":1239,"as":"SPRINTLINK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ac51e53dc3e283fe2e7cbe79e3e96a58","sha1":"544fd99f8d87c072fdbfac5ad806f6542200a9a5","sha256":"17337679ef0bd5d624754dd84f4f2f8f988e0e9ef79bf81f3fa9e990cab8cc73","sha512":"ca708625453382686f643c09e010ae95fc2f9b954c668b0a676e1c6529d0746cad282765e00e574ff68c3744b61b2186f40a6df83fafb9b8155fd880d17fdc5a","ssdeep":"","tlshash":"eee0684206cc18912d2a8409f52fb00bb7a7a5014c8dbe99f049620c5f2d768b11588d","size":372,"data":"","first_seen":"2026-06-22T12:25:52.309118Z","last_seen":"2026-06-22T13:27:07.150137Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"combochip.ru/content/dam/fedex-com/common/sprite-placeholder.png","fqdn":"combochip.ru","domain":"combochip.ru","tld":"ru"},"ip":{"addr":"72.56.5.200","port":443,"asn":1239,"as":"SPRINTLINK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:21.532Z","timestamp":1782131121532,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"combochip.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Mar 2026 09:14:54 GMT","end":"Wed, 24 Jun 2026 09:14:53 GMT"},"fingerprint":{"sha1":"D2:BD:72:F0:6B:96:21:2A:44:BE:F8:DD:3B:83:EB:BC:C2:EF:FA:C9","sha256":"99:7A:36:D0:03:F2:FB:D9:38:9D:C2:14:00:1C:77:41:06:93:DB:F2:6A:6C:96:E9:0F:08:15:3E:81:BE:0F:DF"}}},"request":{"raw":"GET /content/dam/fedex-com/common/sprite-placeholder.png HTTP/1.1\r\nHost: combochip.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://combochip.ru/attachment.html\r\nCookie: PHPSESSID=F46VYGWUDF00Z75DBeAT87YrnFjV2kYf\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 22 Jun 2026 12:25:21 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\np3p: policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\"\r\nx-powered-cms: Bitrix Site Manager (2f910b7aba0fc12718dfc3493ad867cc)\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self';\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"1C-Bitrix","description":"1C-Bitrix is a system of web project management, universal software for the creation, support and successful development of corporate websites and online stores.","website":"https://www.1c-bitrix.ru","common_platform_enumeration":"","icon":"1C-Bitrix.svg","categories":["CMS","Ecommerce"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":26026,"size_decoded":7119,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4139), with CRLF, LF line terminators","md5":"3740154d31705ee5bf2a0d6fd98c6b93","sha1":"c7265b68799ea7db359609a941cb978ea618a598","sha256":"47c124f2fad139d3733054c85559dc69666319aa9b94c3b135859b074e5873e4","sha512":"2ae1064f9dd65fb4f917163ef787d47c61d581569fd615e8aea46b50751af75942828c67864b8eddac0a209d624bc365f7f0cd3d3f7be79163a37a902e6fc4ef","ssdeep":"768:Z0MPZKqjjgJh1O+BH7/K/0PizEiQA5BDdl/HZFIvBEdntQO2gHENn9QJaBpwm:Z0MPZKqjjgJh1O+BH7/KsPMGvBEdntQr","tlshash":"b4c2b63060e56d6606a341dcf8367b066a93e737ef0786d0b0ec54a84fe9de2d917a4c","first_seen":"2026-06-22T12:25:52.268258Z","last_seen":"2026-06-22T12:25:52.268258Z","times_seen":1,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-22","alert":"Sinkholed","trigger":"combochip.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"scriptseai6686.fedex.com/cdn/cd/apple-touch-icon.png?bz0zN2UzZTE1MDkxMDY0NDljNzgzOTg4MzVjZWZmZWYyZixhPTlmODljODRhNTU5ZjU3MzYzNmE0N2ZmOGRhZWQwZDMz","fqdn":"scriptseai6686.fedex.com","domain":"fedex.com","tld":"com"},"ip":{"addr":"3.164.240.119","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:21.732Z","timestamp":1782131121732,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"scriptseai6686.fedex.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 18 Sep 2025 00:00:00 GMT","end":"Fri, 18 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2A:7D:3F:EE:FA:DE:20:37:AF:C3:F4:D0:7A:19:DD:49:D0:92:00:8B","sha256":"E7:E8:F0:69:BF:3B:16:FF:3B:46:8E:CE:85:9F:B6:76:21:0C:3C:AC:1A:57:0D:78:7E:5B:4B:8B:52:25:66:99"}}},"request":{"raw":"GET /cdn/cd/apple-touch-icon.png?bz0zN2UzZTE1MDkxMDY0NDljNzgzOTg4MzVjZWZmZWYyZixhPTlmODljODRhNTU5ZjU3MzYzNmE0N2ZmOGRhZWQwZDMz HTTP/1.1\r\nHost: scriptseai6686.fedex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://combochip.ru\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://combochip.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: image/jpeg\r\ncontent-length: 0\r\ndate: Mon, 22 Jun 2026 12:25:22 GMT\r\nstrict-transport-security: max-age=31536000\r\nserver: nginx\r\npragma: no-cache\r\ncache-control: no-cache, pre-check=0, post-check=0, max-age=0, s-maxage=0, no-store, must-revalidate\r\nreferrer-policy: unsafe-url\r\nx-content-type-options: no-sniff\r\naccess-control-allow-origin: https://combochip.ru\r\naccess-control-allow-credentials: true\r\nx-permitted-cross-domain-policies: master-only\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 cfc62e0b84c9c493a10eb6aef6aad512.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: n8E14anx9HEEeSML80eNR4lmBa1gYfdd5XkrsFzGHM8Cxqrgf4_OWQ==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":696,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T15:29:54.382955Z","times_seen":16639861,"resource_available":true,"data":null}},"time_used":693,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":693,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/FedExSans_W-Regular-FT2ZS5ZP.woff","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:21.736Z","timestamp":1782131121736,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/FedExSans_W-Regular-FT2ZS5ZP.woff HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://combochip.ru\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://theexternalfiles.elevatedprude.shop/fedex2/css/styles-HFSJOUXO.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Mon, 29 Jun 2026 12:25:21 GMT\r\ncontent-type: font/woff\r\nlast-modified: Sat, 31 Jan 2026 19:03:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 45080\r\ndate: Mon, 22 Jun 2026 12:25:21 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":45080,"size_decoded":45429,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 45080, version 1.0","md5":"54a4a46eadf2bad915dba79458aac017","sha1":"d234584f867218de98a78a481570273919f35b49","sha256":"c361fe5762f2acd3432bf233c0012887c1c2c3523314872675d1924d33b47098","sha512":"7d4074797da56b380877f4fae242b52486a31ce2246675e34f85cc0f13459a2bc6f070d8fc6f8318e9145b840888ef298e7cd3b34b2df703cdd2c6e70bb4fee4","ssdeep":"768:lDX+vnoUZjJSwE0mIMXVf5YETLIwkTSBByRMdkCGLEFwMAiAa:lml3SwE0VMXzIw2UByRVLE6Q","tlshash":"1813f28b976bbfda50a6707d209017d79704c4a992d1af9bfd4f14b831340ad2c788de","first_seen":"2023-05-08T21:33:40Z","last_seen":"2026-06-22T13:27:07.14357Z","times_seen":261,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":163,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/logo.png","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:21.921Z","timestamp":1782131121921,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/logo.png HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://combochip.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Mon, 29 Jun 2026 12:25:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 04 Feb 2026 00:27:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 17964\r\ndate: Mon, 22 Jun 2026 12:25:22 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":17964,"size_decoded":18313,"mime_type":"image/png","magic":"PNG image data, 176 x 50, 8-bit/color RGBA, non-interlaced","md5":"f9f3a4bf508eec8270bf7c8fe4397384","sha1":"8b47c45b41e159b9dc2d6fe563b1197bd2a3ec16","sha256":"99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90","sha512":"43e6b09ac312c53efd9654a46d84fb17fda4057bc07cc49147ed955a9317943da5b6adec1bd3f5235d1aa7ee270024f600e9d0a049c6caebfa99eda87d407394","ssdeep":"192:GCakQAsCxwwenxObL6R/TkkiCEiRJ01U752Fj:GCphGTkkHrkC2j","tlshash":"af824b45e57538d0415deabdbad2281a281371d3c9c34d80baef88913f927a4cc4d8e5","first_seen":"2023-05-05T02:07:39Z","last_seen":"2026-06-22T13:27:07.144084Z","times_seen":748,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":167,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/FedExSans_W-Light.woff2","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:21.979Z","timestamp":1782131121979,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/FedExSans_W-Light.woff2 HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://combochip.ru\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://theexternalfiles.elevatedprude.shop/fedex2/css/common-core_SHF.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Mon, 29 Jun 2026 12:25:22 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Sat, 31 Jan 2026 19:03:09 GMT\r\naccept-ranges: bytes\r\ncontent-length: 37212\r\ndate: Mon, 22 Jun 2026 12:25:22 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":37212,"size_decoded":37562,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 37212, version 1.0","md5":"7bd147fecf10f520157f6374a969483d","sha1":"2b35d5e7013fbddd3a5b03730641182eaf04a7c0","sha256":"06ac0dc3349799cc0273a77a565d65cdf1f362dcffbfadf590d832c01b0acb6b","sha512":"aa90668f7aa938a79ec855d078faed1264248b4718714e80b299a9ff8368545a57f1ddeae748c246c0209e1d5a89f438b32a5c1cea17203fab6b9acd42fe684d","ssdeep":"768:pBsKAtmt21dVVsyyI+ZH0YR4axgzXXu041NxNzuXvyO2uJ:D0YRDRnxMOfyXf2uJ","tlshash":"a8f2f1cd9ed3759045fb18e247133cefe50b281c2849efad580dd427ab64c5ea49ae0e","first_seen":"2023-11-15T04:08:52Z","last_seen":"2026-06-22T13:27:07.145972Z","times_seen":305,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/FedExSans_W-Bold.woff2","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:21.980Z","timestamp":1782131121980,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/FedExSans_W-Bold.woff2 HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://combochip.ru\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://theexternalfiles.elevatedprude.shop/fedex2/css/common-core_SHF.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Mon, 29 Jun 2026 12:25:22 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Sat, 31 Jan 2026 19:03:08 GMT\r\naccept-ranges: bytes\r\ncontent-length: 38540\r\ndate: Mon, 22 Jun 2026 12:25:22 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":38540,"size_decoded":38890,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 38540, version 1.0","md5":"d46339c854a0dbc522d67d17c8cf929a","sha1":"44b817d8237ae0f23e2b179cc68f96b31c139222","sha256":"581f47436501e3855b637339bbe82b36020eaf4dcd14da4e1463b02f96b423b6","sha512":"d34487128ef03b9478b1d6643511b5b67a6927a2e60e874ce11fd7d77da32a5330ead8b1c1ecc773b6500e446b75e54f2e64fe16a9aa02b0cebd4e096931cd77","ssdeep":"768:iOSWhJe2C0HNpSYCF5NbD7nCn3JrFQTw0wgRtRB2477NKL:iO2RI0ZzCn3AT82RBN8","tlshash":"c303f2889b4a34aac9744239cc1f03a1773737dfa9253b765ef490d6939a05bf42ed04","first_seen":"2023-11-15T04:08:53Z","last_seen":"2026-06-22T13:27:07.13488Z","times_seen":238,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/FedExSans_W-Medium.woff2","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:21.985Z","timestamp":1782131121985,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/FedExSans_W-Medium.woff2 HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://combochip.ru\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://theexternalfiles.elevatedprude.shop/fedex2/css/common-core_SHF.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Mon, 22 Jun 2026 12:25:22 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":1251,"size_decoded":1542,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-06-22T15:42:26.396275Z","times_seen":135188,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/styles-HFSJOUXO.css","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:20.237Z","timestamp":1782131120237,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/styles-HFSJOUXO.css HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://combochip.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Mon, 29 Jun 2026 12:25:20 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 31 Jan 2026 19:03:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 98083\r\ndate: Mon, 22 Jun 2026 12:25:20 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1044268,"size_decoded":98476,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"54397abf16a4ff008ed74cd4ecb17cbb","sha1":"026e079afa5dd85c313a5b66cfe43f1a5513a517","sha256":"86c0e13240046e28066423791141a0b8219816be3a125dfafc2be666e31ce85c","sha512":"4da4dc3ec7a7a7b9318417245651d1c560156155907ffc2a1a043ead2172c5e696c4db709be21cb555b3a644bcdb7c3cbc44a88234e483e36c6c8d53413a1824","ssdeep":"3072:VpY0cFm5eMSJ3U4lyTAzajkilKz4RofGRTg3:Y0cFqeMSJ3U4lyTAzajkilKz4RofGRTE","tlshash":"e425fefbf5c2155ac19fc90141a43fb855ef781092078ea8c6036bad878f7dd2a6364b","first_seen":"2026-06-18T12:38:24.476898Z","last_seen":"2026-06-22T13:27:07.146599Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1172,"timings":{"blocked":-1,"dns":26,"connect":163,"send":0,"wait":164,"receive":487,"ssl":332},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"scriptseai6686.fedex.com/cdn/cd/style.css?bz0zN2UzZTE1MDkxMDY0NDljNzgzOTg4MzVjZWZmZWYyZixhPTlmODljODRhNTU5ZjU3MzYzNmE0N2ZmOGRhZWQwZDMzLGQ9MzdlM2UxNTA5MTA2NDQ5Yzc4Mzk4ODM1Y2VmZmVmMmYtMTkzNDgwNzcxMTY1MTkwMCx1cmw9aHR0cHM6Ly93d3cuZmVkZXguY29tL3NlY3VyZS1sb2dpbi9rby1rci8jL2NyZWRlbnRpYWxzLHA9ZmFsc2U=","fqdn":"scriptseai6686.fedex.com","domain":"fedex.com","tld":"com"},"ip":{"addr":"3.164.240.119","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:20.240Z","timestamp":1782131120240,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"scriptseai6686.fedex.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 18 Sep 2025 00:00:00 GMT","end":"Fri, 18 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2A:7D:3F:EE:FA:DE:20:37:AF:C3:F4:D0:7A:19:DD:49:D0:92:00:8B","sha256":"E7:E8:F0:69:BF:3B:16:FF:3B:46:8E:CE:85:9F:B6:76:21:0C:3C:AC:1A:57:0D:78:7E:5B:4B:8B:52:25:66:99"}}},"request":{"raw":"GET /cdn/cd/style.css?bz0zN2UzZTE1MDkxMDY0NDljNzgzOTg4MzVjZWZmZWYyZixhPTlmODljODRhNTU5ZjU3MzYzNmE0N2ZmOGRhZWQwZDMzLGQ9MzdlM2UxNTA5MTA2NDQ5Yzc4Mzk4ODM1Y2VmZmVmMmYtMTkzNDgwNzcxMTY1MTkwMCx1cmw9aHR0cHM6Ly93d3cuZmVkZXguY29tL3NlY3VyZS1sb2dpbi9rby1rci8jL2NyZWRlbnRpYWxzLHA9ZmFsc2U= HTTP/1.1\r\nHost: scriptseai6686.fedex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://combochip.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css\r\ncontent-length: 0\r\ndate: Mon, 22 Jun 2026 12:25:20 GMT\r\nstrict-transport-security: max-age=31536000\r\nserver: nginx\r\npragma: no-cache\r\ncache-control: no-cache, pre-check=0, post-check=0, max-age=0, s-maxage=0, no-store, must-revalidate\r\nreferrer-policy: unsafe-url\r\nx-content-type-options: no-sniff\r\naccess-control-allow-credentials: true\r\nx-permitted-cross-domain-policies: master-only\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 cfc62e0b84c9c493a10eb6aef6aad512.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: B9SkSVgLoSF0YVAsBy7wLaRIcn8hC695bGYuZcdDZ0YqxUfciXivJA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":643,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T15:29:54.382955Z","times_seen":16639861,"resource_available":true,"data":null}},"time_used":419,"timings":{"blocked":-1,"dns":54,"connect":8,"send":0,"wait":338,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"extjs.elevatedprude.shop/validator.js","fqdn":"extjs.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:20.248Z","timestamp":1782131120248,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"extjs.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Nov 2025 00:00:00 GMT","end":"Thu, 05 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AE:86:50:9D:A5:CE:7F:DD:1C:01:03:17:46:CD:4C:AE:18:B2:BC:DB","sha256":"EF:19:61:6C:41:74:CB:56:46:73:B4:BA:D5:5F:E3:4E:11:26:95:7B:EA:DA:A9:DD:D6:5E:5F:BC:2B:7D:3D:E5"}}},"request":{"raw":"GET /validator.js HTTP/1.1\r\nHost: extjs.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://combochip.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/javascript\r\nlast-modified: Thu, 08 Jan 2026 00:43:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 617\r\ndate: Mon, 22 Jun 2026 12:25:20 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1258,"size_decoded":904,"mime_type":"text/javascript","magic":"ASCII text","md5":"bfbf014a279ef0047ea805aae7bc5654","sha1":"e4aa6c4abe5d8ed937054bbcca0df33c15864040","sha256":"51da6d84d149da13b28aaf97c4916174d45a85c7f3ba35ccd94bcb21415c035a","sha512":"5476ca186ccf22d914c9cfa92af9a8432adab95ce87edb574138b1de154d2d734f30723fdf3f94b2aa826d59b56f7a27734becc520b87416aa8e853a98a89c0a","ssdeep":"","tlshash":"3221514435c722144243942c688f9004256e85f30c8eba0eff4e61f4cf0093fa0f6a28","first_seen":"2026-02-15T22:28:36.542525Z","last_seen":"2026-06-22T13:27:07.136569Z","times_seen":14,"resource_available":true,"data":null}},"time_used":699,"timings":{"blocked":-1,"dns":27,"connect":166,"send":0,"wait":167,"receive":0,"ssl":339},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"combochip.ru/content/dam/fedex-com/common/sprite-placeholder.png","fqdn":"combochip.ru","domain":"combochip.ru","tld":"ru"},"ip":{"addr":"72.56.5.200","port":443,"asn":1239,"as":"SPRINTLINK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:20.260Z","timestamp":1782131120260,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"combochip.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Mar 2026 09:14:54 GMT","end":"Wed, 24 Jun 2026 09:14:53 GMT"},"fingerprint":{"sha1":"D2:BD:72:F0:6B:96:21:2A:44:BE:F8:DD:3B:83:EB:BC:C2:EF:FA:C9","sha256":"99:7A:36:D0:03:F2:FB:D9:38:9D:C2:14:00:1C:77:41:06:93:DB:F2:6A:6C:96:E9:0F:08:15:3E:81:BE:0F:DF"}}},"request":{"raw":"GET /content/dam/fedex-com/common/sprite-placeholder.png HTTP/1.1\r\nHost: combochip.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://combochip.ru/attachment.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 22 Jun 2026 12:25:20 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\np3p: policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\"\r\nx-powered-cms: Bitrix Site Manager (2f910b7aba0fc12718dfc3493ad867cc)\r\nset-cookie: PHPSESSID=F46VYGWUDF00Z75DBeAT87YrnFjV2kYf; path=/; HttpOnly\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self';\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"1C-Bitrix","description":"1C-Bitrix is a system of web project management, universal software for the creation, support and successful development of corporate websites and online stores.","website":"https://www.1c-bitrix.ru","common_platform_enumeration":"","icon":"1C-Bitrix.svg","categories":["CMS","Ecommerce"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28833,"size_decoded":7957,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4139), with CRLF, LF line terminators","md5":"684507e0375c0a2e60d6a472f1768ad5","sha1":"c6716fa759fda70f476bb6b294835566b9cd1d1f","sha256":"5bd945c823144bb882f4d4c0b9a932443c41f67421b5a73c64a78047bb07c6a0","sha512":"9bb552fbf2a69c64fa9ce37e3eed0cd544f16ea598dba295265a92cc0cca6801583c7c7e244557ecbaa7807ef0283a4f0846c9ed27f5a5b8427303018adaad39","ssdeep":"768:Z0MPZKqjjgJG1O+BH7/K/0PizEiQA5BDdl/HZFIvBEdntQO2gH64Nn9QvaB2m:Z0MPZKqjjgJG1O+BH7/KsPMGvBEdntQy","tlshash":"94d2c73060f46da606a740d8f8357b066ad3e637eb0786d0b0fc54b94fe9da2d913a4d","first_seen":"2026-06-22T12:25:52.282045Z","last_seen":"2026-06-22T12:25:52.282045Z","times_seen":1,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-22","alert":"Sinkholed","trigger":"combochip.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"combochip.ru/content/dam/fedex/apac-asia-pacific/MVP-APAC/images/2020/Q1/naver_blog_131181076.svg","fqdn":"combochip.ru","domain":"combochip.ru","tld":"ru"},"ip":{"addr":"72.56.5.200","port":443,"asn":1239,"as":"SPRINTLINK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:21.923Z","timestamp":1782131121923,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"combochip.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Mar 2026 09:14:54 GMT","end":"Wed, 24 Jun 2026 09:14:53 GMT"},"fingerprint":{"sha1":"D2:BD:72:F0:6B:96:21:2A:44:BE:F8:DD:3B:83:EB:BC:C2:EF:FA:C9","sha256":"99:7A:36:D0:03:F2:FB:D9:38:9D:C2:14:00:1C:77:41:06:93:DB:F2:6A:6C:96:E9:0F:08:15:3E:81:BE:0F:DF"}}},"request":{"raw":"GET /content/dam/fedex/apac-asia-pacific/MVP-APAC/images/2020/Q1/naver_blog_131181076.svg HTTP/1.1\r\nHost: combochip.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://combochip.ru/attachment.html\r\nCookie: PHPSESSID=F46VYGWUDF00Z75DBeAT87YrnFjV2kYf\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 22 Jun 2026 12:25:21 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\np3p: policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\"\r\nx-powered-cms: Bitrix Site Manager (2f910b7aba0fc12718dfc3493ad867cc)\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self';\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"1C-Bitrix","description":"1C-Bitrix is a system of web project management, universal software for the creation, support and successful development of corporate websites and online stores.","website":"https://www.1c-bitrix.ru","common_platform_enumeration":"","icon":"1C-Bitrix.svg","categories":["CMS","Ecommerce"]}],"data":{"size":27516,"size_decoded":7412,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4139), with CRLF, LF line terminators","md5":"dcbdc65bf527107de45bf07a16c79a25","sha1":"a10efc9c56573cbb1cf541a5283bca9e66173083","sha256":"5237679b89ab9e7b8893284201e87e61f2c1cf96967e5d69a063b1aa1db6cd32","sha512":"6d021106a9059b1b5029096f0399843344b08dd4001089cfc6aa0eae829465233d7623d4da8ea49752516a408a134e7caa0c22b498694859d3b31ca8fa406c65","ssdeep":"768:Z0MPZKqjjgJh1O+BH7/K/0PizEiQA5BDdl/HZFIvBEdntQOjGS0MgH5Nn9QuaBPm:Z0MPZKqjjgJh1O+BH7/KsPMGvBEdntQB","tlshash":"afc2b83060e56d7616a385dcf835bb066e93a237df0786d0b0ec54a80fe9dd2d953a4c","first_seen":"2026-06-22T12:25:52.284061Z","last_seen":"2026-06-22T12:25:52.284061Z","times_seen":1,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-22","alert":"Sinkholed","trigger":"combochip.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"combochip.ru/media/FedExSans_W-Regular-FT2ZS5ZP.woff","fqdn":"combochip.ru","domain":"combochip.ru","tld":"ru"},"ip":{"addr":"72.56.5.200","port":443,"asn":1239,"as":"SPRINTLINK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:21.986Z","timestamp":1782131121986,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"combochip.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Mar 2026 09:14:54 GMT","end":"Wed, 24 Jun 2026 09:14:53 GMT"},"fingerprint":{"sha1":"D2:BD:72:F0:6B:96:21:2A:44:BE:F8:DD:3B:83:EB:BC:C2:EF:FA:C9","sha256":"99:7A:36:D0:03:F2:FB:D9:38:9D:C2:14:00:1C:77:41:06:93:DB:F2:6A:6C:96:E9:0F:08:15:3E:81:BE:0F:DF"}}},"request":{"raw":"GET /media/FedExSans_W-Regular-FT2ZS5ZP.woff HTTP/1.1\r\nHost: combochip.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://combochip.ru/attachment.html\r\nCookie: PHPSESSID=F46VYGWUDF00Z75DBeAT87YrnFjV2kYf\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 22 Jun 2026 12:25:22 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\np3p: policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\"\r\nx-powered-cms: Bitrix Site Manager (2f910b7aba0fc12718dfc3493ad867cc)\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self';\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"1C-Bitrix","description":"1C-Bitrix is a system of web project management, universal software for the creation, support and successful development of corporate websites and online stores.","website":"https://www.1c-bitrix.ru","common_platform_enumeration":"","icon":"1C-Bitrix.svg","categories":["CMS","Ecommerce"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":27426,"size_decoded":27960,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4139), with CRLF, LF line terminators","md5":"08c5e3133252125dfecd98403bd69ad2","sha1":"a2186d995aa414dfc21d4a6e2792a727c265ecaa","sha256":"f98d55030d6dc19a15ffefa48d0cee1ebb2c9aed9fada8222989dc7df9373db0","sha512":"7352058812073484eb3809781d0dff0e32df6ab4ebbcf8690124fa97c5aea5861fdc15e9f09af6fee6e79e7a0b83e3a17b4f7e1c1508babe27020d36c853f513","ssdeep":"768:Z0MPZKqjjgJU1O+BH7/K/0PizEiQA5BDdl/HZFIvBEdntQOVGS0MgHTNn9QOaBZm:Z0MPZKqjjgJU1O+BH7/KsPMGvBEdntQz","tlshash":"dfc2b73060e46d7616a344dcf835bb0a6e93a237ef0786d0b0ec54a94fe9dd2d917a4c","first_seen":"2026-06-22T12:25:52.285992Z","last_seen":"2026-06-22T12:25:52.285992Z","times_seen":1,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-22","alert":"Sinkholed","trigger":"combochip.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/FedExSans_W-Light-O5ACP6NZ.woff","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:22.180Z","timestamp":1782131122180,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/FedExSans_W-Light-O5ACP6NZ.woff HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://combochip.ru\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://theexternalfiles.elevatedprude.shop/fedex2/css/styles-HFSJOUXO.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Mon, 29 Jun 2026 12:25:22 GMT\r\ncontent-type: font/woff\r\nlast-modified: Sat, 31 Jan 2026 19:03:09 GMT\r\naccept-ranges: bytes\r\ncontent-length: 45484\r\ndate: Mon, 22 Jun 2026 12:25:22 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":45484,"size_decoded":45833,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 45484, version 1.0","md5":"449c745b78495e0b82221cf55bbcd717","sha1":"8982e3f3ec432f1aa6829d27ab966a5ac69bc6f8","sha256":"b6eb141c02454bb6e59981e13c9936dd3b30f84f3d0831a3585c67f7fd1534e2","sha512":"dd01727ec4e4cba74a47af72f0d7ffcd57300f5590c82b1512092f1c65a29690d9d9015d81c8ef38cbcb6630b87b8ac966909a5af1a1308b59af655783b5ddc2","ssdeep":"768:YO9+3dejEjs0ZXeJC/hieDrR8P2v3GvX8bXe+2rPkUQ+A05YQTtvjYH7IF0PiAa:DtYjs04uiPu3TbXN2A+A05YQJbBoQ","tlshash":"dd13f1c90651d0e0e8acb1f86b6b0b6bcd15bff9814acc16f4634e424e64b66c965f3c","first_seen":"2023-05-08T21:33:40Z","last_seen":"2026-06-22T13:27:07.135649Z","times_seen":244,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"combochip.ru/attachment.html","fqdn":"combochip.ru","domain":"combochip.ru","tld":"ru"},"ip":{"addr":"72.56.5.200","port":443,"asn":1239,"as":"SPRINTLINK","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-22T12:25:19.598Z","timestamp":1782131119598,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"combochip.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Mar 2026 09:14:54 GMT","end":"Wed, 24 Jun 2026 09:14:53 GMT"},"fingerprint":{"sha1":"D2:BD:72:F0:6B:96:21:2A:44:BE:F8:DD:3B:83:EB:BC:C2:EF:FA:C9","sha256":"99:7A:36:D0:03:F2:FB:D9:38:9D:C2:14:00:1C:77:41:06:93:DB:F2:6A:6C:96:E9:0F:08:15:3E:81:BE:0F:DF"}}},"request":{"raw":"GET /attachment.html HTTP/1.1\r\nHost: combochip.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 22 Jun 2026 12:25:19 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 21 Jun 2026 23:27:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a38735f-148e1\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":84193,"size_decoded":17530,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2243)","md5":"8da43bf285976ae0daba998faf573d6c","sha1":"213a9b0b8ea1c1a304e8ba45c8ae00066fd08b1e","sha256":"8cf4abafbf4e99ef2216d64e2a4f237c2063051ae50dc15704495143dc35e534","sha512":"7c11cf28d86f2bdb88949fa455040d1bcd51f3217348247473f527fb7699bea88eb63ea708f6307de8f913b0aa3e9930144c99d5c97e83dd0850f6aed7546dee","ssdeep":"1536:wc8ynYpmRV9hK4SNQqJwd29LWAwpdoDEz/2OInXOXQYWlNupQi1vVj3NPd9lLLU:wc8OO4SNQq6d29LWAkdoDEz/JInX2QYK","tlshash":"3b83f73922f4917b515fc2aea7f625195698d81bd1860684f6fc0b102f93cc1fc8babd","first_seen":"2026-06-22T12:25:52.291441Z","last_seen":"2026-06-22T13:27:07.129112Z","times_seen":2,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":89,"connect":28,"send":0,"wait":27,"receive":0,"ssl":63},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-22","alert":"Sinkholed","trigger":"combochip.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/nuance-c2c-button.css","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:20.242Z","timestamp":1782131120242,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/nuance-c2c-button.css HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://combochip.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Mon, 29 Jun 2026 12:25:20 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 31 Jan 2026 19:03:11 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3089\r\ndate: Mon, 22 Jun 2026 12:25:20 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":15196,"size_decoded":3481,"mime_type":"text/css","magic":"ASCII text","md5":"012c618f96b2fec914d452e1b92973e9","sha1":"9fa7e8924ed51dbd8a89f16e4774c1dc85526298","sha256":"10ccd4c3abcabd4ba976d2cf527d375c8e48480a26f7a4392f341be420aa2338","sha512":"3fece2e53f2baa5b95e65e2e57ce464e85f1e599bfb8b5a1f16288e53724f04a50fdbf219d06733975fe7c09068ddb2721bf6cf9ab77b0f8c425c04bbfc59cf2","ssdeep":"384:8JiHbQnq7ABH6QYTsLsHsWsNsHV3IMLs7fLNv0NBrWkiF0Ub:zaIMReHZsb","tlshash":"076283b95b83040e793b825c57ebab59123dc043e80add7c77d9229b9f860dc5097b87","first_seen":"2026-06-18T12:38:24.488087Z","last_seen":"2026-06-22T13:27:07.131303Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1169,"timings":{"blocked":-1,"dns":22,"connect":168,"send":0,"wait":641,"receive":0,"ssl":337},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:20.245Z","timestamp":1782131120245,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:19 GMT","end":"Mon, 17 Aug 2026 08:38:18 GMT"},"fingerprint":{"sha1":"4D:E0:8E:62:2F:B2:3D:28:5D:7D:B5:8D:C5:3A:72:E4:EE:AB:7D:93","sha256":"AE:0B:4F:B5:B7:41:E5:0C:70:C0:E1:2A:F9:DB:AD:A8:64:94:F3:70:6D:38:1C:8A:8A:CA:52:96:5C:D8:5C:87"}}},"request":{"raw":"GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://combochip.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30462\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 17 Jun 2026 07:11:07 GMT\r\nexpires: Thu, 17 Jun 2027 07:11:07 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nlast-modified: Tue, 12 Sep 2023 02:38:22 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 450853\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":87533,"size_decoded":31446,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-06-22T15:39:52.390246Z","times_seen":172888,"resource_available":true,"data":null}},"time_used":78,"timings":{"blocked":-1,"dns":2,"connect":14,"send":0,"wait":15,"receive":14,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/FedExSans_W-Regular.woff2","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:21.552Z","timestamp":1782131121552,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/FedExSans_W-Regular.woff2 HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://combochip.ru\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://theexternalfiles.elevatedprude.shop/fedex2/css/common-core_SHF.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Mon, 22 Jun 2026 12:25:21 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":1542,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-06-22T15:42:26.396275Z","times_seen":135188,"resource_available":true,"data":null}},"time_used":165,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"combochip.ru/media/FedExSans_W-Bold-L2XWYCJE.woff","fqdn":"combochip.ru","domain":"combochip.ru","tld":"ru"},"ip":{"addr":"72.56.5.200","port":443,"asn":1239,"as":"SPRINTLINK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:22.184Z","timestamp":1782131122184,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"combochip.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Mar 2026 09:14:54 GMT","end":"Wed, 24 Jun 2026 09:14:53 GMT"},"fingerprint":{"sha1":"D2:BD:72:F0:6B:96:21:2A:44:BE:F8:DD:3B:83:EB:BC:C2:EF:FA:C9","sha256":"99:7A:36:D0:03:F2:FB:D9:38:9D:C2:14:00:1C:77:41:06:93:DB:F2:6A:6C:96:E9:0F:08:15:3E:81:BE:0F:DF"}}},"request":{"raw":"GET /media/FedExSans_W-Bold-L2XWYCJE.woff HTTP/1.1\r\nHost: combochip.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://combochip.ru/attachment.html\r\nCookie: PHPSESSID=F46VYGWUDF00Z75DBeAT87YrnFjV2kYf\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 22 Jun 2026 12:25:22 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\np3p: policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\"\r\nx-powered-cms: Bitrix Site Manager (2f910b7aba0fc12718dfc3493ad867cc)\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self';\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"1C-Bitrix","description":"1C-Bitrix is a system of web project management, universal software for the creation, support and successful development of corporate websites and online stores.","website":"https://www.1c-bitrix.ru","common_platform_enumeration":"","icon":"1C-Bitrix.svg","categories":["CMS","Ecommerce"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":27420,"size_decoded":27954,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4139), with CRLF, LF line terminators","md5":"a3c1b1ee8306ab0244796449c20c70b2","sha1":"13e0e0e6d7acf3b8e3e6eb24daa58865236371ab","sha256":"b4daf010c9ae75da449364a262856622d869a546a782ffd1d014c0ae0fd9e71a","sha512":"20d041d84a110f0623a7f2bdd95a606e07a65ebe04c9a0e893da736a2d25500823f018168166975ab5745edcfbf79f0f9056caf6a8a923b10e752d8f19b415ab","ssdeep":"768:Z0MPZKqjjgJU1O+BH7/K/0PizEiQA5BDdl/HZFIvBEdntQOeGS0MgHzNn9QnaBym:Z0MPZKqjjgJU1O+BH7/KsPMGvBEdntQi","tlshash":"abc2b73060e56d7616a344dcf835bb0a6e92a237df0786d0b0ec54a94fe9dd2d913a4c","first_seen":"2026-06-22T12:25:52.295436Z","last_seen":"2026-06-22T12:25:52.295436Z","times_seen":1,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":135,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-22","alert":"Sinkholed","trigger":"combochip.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"combochip.ru/media/FedExSans_W-Medium-U5SS2SUK.woff","fqdn":"combochip.ru","domain":"combochip.ru","tld":"ru"},"ip":{"addr":"72.56.5.200","port":443,"asn":1239,"as":"SPRINTLINK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:22.377Z","timestamp":1782131122377,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"combochip.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Mar 2026 09:14:54 GMT","end":"Wed, 24 Jun 2026 09:14:53 GMT"},"fingerprint":{"sha1":"D2:BD:72:F0:6B:96:21:2A:44:BE:F8:DD:3B:83:EB:BC:C2:EF:FA:C9","sha256":"99:7A:36:D0:03:F2:FB:D9:38:9D:C2:14:00:1C:77:41:06:93:DB:F2:6A:6C:96:E9:0F:08:15:3E:81:BE:0F:DF"}}},"request":{"raw":"GET /media/FedExSans_W-Medium-U5SS2SUK.woff HTTP/1.1\r\nHost: combochip.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://combochip.ru/attachment.html\r\nCookie: PHPSESSID=F46VYGWUDF00Z75DBeAT87YrnFjV2kYf\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 22 Jun 2026 12:25:22 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\np3p: policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\"\r\nx-powered-cms: Bitrix Site Manager (2f910b7aba0fc12718dfc3493ad867cc)\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self';\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"1C-Bitrix","description":"1C-Bitrix is a system of web project management, universal software for the creation, support and successful development of corporate websites and online stores.","website":"https://www.1c-bitrix.ru","common_platform_enumeration":"","icon":"1C-Bitrix.svg","categories":["CMS","Ecommerce"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":27424,"size_decoded":27958,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4139), with CRLF, LF line terminators","md5":"3ec1302a6a2af861935ce784366e9275","sha1":"7d7310bc3dee6de12cd3d0522b2c5d8a930f6c4f","sha256":"4df3c8305895133d0cea08d276856cebafd5dc1e0de0b3505602af61b4264042","sha512":"4edc1a97a5259f0fe6cbdca9696531f510a53ad2fa52e75ef91a5fc24abf87b7ad4685c91b2376a4194ef549bbe0a5f568163a5d4ccc77cc005ab6cdea16080a","ssdeep":"768:Z0MPZKqjjgJU1O+BH7/K/0PizEiQA5BDdl/HZFIvBEdntQOXGS0MgHKNn9QGaBdm:Z0MPZKqjjgJU1O+BH7/KsPMGvBEdntQi","tlshash":"40c2b73060e46d7616a344dcf835bb0a6e93a237ef0786d0b0ec54a94fe9dd2d917a4c","first_seen":"2026-06-22T12:25:52.297212Z","last_seen":"2026-06-22T12:25:52.297212Z","times_seen":1,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-22","alert":"Sinkholed","trigger":"combochip.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/funcs.js","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:20.247Z","timestamp":1782131120247,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/funcs.js HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://combochip.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/javascript\r\nlast-modified: Thu, 12 Feb 2026 08:42:09 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 5191\r\ndate: Mon, 22 Jun 2026 12:25:20 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":18600,"size_decoded":5511,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (18600), with no line terminators","md5":"08fc18c44d04c0a1f6b759dcc72c40e5","sha1":"9e2b584e10a10cc97994b256838d54aceecc94f4","sha256":"f701543ad7f7e8ff6f1f3bd2e3095c60c42b897eac51344ed7efdcfc65fa120b","sha512":"dc3da821c5b2fef224cdf58b2ee4399cf8c919e95d63372332aa71182837ceeeb1b69b3cf28c8fb15c37e27db951d123986cd9ab9b57b87db869a88985ff5bab","ssdeep":"384:XYTIDkoAzNFYjtqbz9ibJzAfSbkH47Vf53kN2k1AiUN7OkG7Xvc0NG:XGYbFYDUJKw","tlshash":"1282009f23575986aaab702c76933319a1ed0f13cc3cc85d9c902e50526127627e7abf","first_seen":"2026-06-18T12:38:24.468343Z","last_seen":"2026-06-22T13:27:07.142482Z","times_seen":5,"resource_available":true,"data":null}},"time_used":1164,"timings":{"blocked":-1,"dns":17,"connect":168,"send":0,"wait":641,"receive":0,"ssl":338},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-22","alert":"Detects file containing Telegram Bot API","trigger":"theexternalfiles.elevatedprude.shop/fedex2/css/funcs.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/common-core_SHF.css","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:20.250Z","timestamp":1782131120250,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/common-core_SHF.css HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://combochip.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Mon, 29 Jun 2026 12:25:20 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 31 Jan 2026 19:03:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 81283\r\ndate: Mon, 22 Jun 2026 12:25:20 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":982493,"size_decoded":81676,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d142aad005b8c85435f281e952ac60fb","sha1":"56603a0975b6a447e7d2dbd5052ac9e2a0301a59","sha256":"6338a5153a88a2f80783be569dda27227aa003bfac382bcc0ca73fdf6565ce3e","sha512":"72da096feeb4e278e2eddd90e54be921fbe680c95278b636699f5ab78253f0e4e6d22386036514a5039eb876b56fbf3ab6841e2c17d735b15f2f7e08c4afd85d","ssdeep":"1536:nTV+ho7FCZ+ZLCTtAyPynnnKRry57w6Bico/cGuUL5IcEobhmJIX8h25cp6U/Uxi:nTd06NIX8h25cp6U/UxubmtgTld7","tlshash":"bc25bbebb7c11419e1be850840f43bba456f3c50b2178999e11b2bad6e4bfc52663d0f","first_seen":"2026-06-18T12:38:24.481286Z","last_seen":"2026-06-22T13:27:07.143013Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1162,"timings":{"blocked":-1,"dns":14,"connect":166,"send":0,"wait":640,"receive":2,"ssl":338},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/favicon.ico","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:21.733Z","timestamp":1782131121733,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/favicon.ico HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://combochip.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Mon, 29 Jun 2026 12:25:21 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Sat, 31 Jan 2026 19:06:52 GMT\r\naccept-ranges: bytes\r\ncontent-length: 5430\r\ndate: Mon, 22 Jun 2026 12:25:21 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5430,"size_decoded":5781,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"a53129769d15f251d4e5c5cb966765b4","sha1":"043d6a7b9cca5d05aba04fc0a3f4527e3ad075e0","sha256":"eab1b9a0ef942d84e3a8ed8c3e3996acb7a46af9a0b9f914ced662bcbe0e54be","sha512":"149e9ecc344fc864c4f772acdbb6e00bdfc5399301922b58f137c14ac042f1c57775213dc6335c8d9cd39b7e9ef7982acfda29f2be794a8c0923ab4e6735792c","ssdeep":"24:EDfxncjMt+eDLLA0y3AoqJkYr2NjPx+nQjBpTTOBjEV1tdSnhajWljDXjX0XXjXL:cVDD4CExYjQEag07023H","tlshash":"06b1a709a638edd0d0a12a31c842d9fe0b25ed07e87c483b5a90ff8a777311c0e2568f","first_seen":"2023-04-30T20:19:19Z","last_seen":"2026-06-22T13:27:07.147202Z","times_seen":918,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/FedExSans_W-Medium-U5SS2SUK.woff","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:22.157Z","timestamp":1782131122157,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/FedExSans_W-Medium-U5SS2SUK.woff HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://combochip.ru\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://theexternalfiles.elevatedprude.shop/fedex2/css/styles-HFSJOUXO.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Mon, 22 Jun 2026 12:25:22 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":1251,"size_decoded":1542,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-06-22T15:42:26.396275Z","times_seen":135188,"resource_available":true,"data":null}},"time_used":164,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/FedExSans_W-Bold-L2XWYCJE.woff","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:22.181Z","timestamp":1782131122181,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/FedExSans_W-Bold-L2XWYCJE.woff HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://combochip.ru\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://theexternalfiles.elevatedprude.shop/fedex2/css/styles-HFSJOUXO.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Mon, 29 Jun 2026 12:25:22 GMT\r\ncontent-type: font/woff\r\nlast-modified: Sat, 31 Jan 2026 19:03:08 GMT\r\naccept-ranges: bytes\r\ncontent-length: 46788\r\ndate: Mon, 22 Jun 2026 12:25:22 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":46788,"size_decoded":47137,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 46788, version 1.0","md5":"965c7fbfd23fd8dd34f94d18240b0c18","sha1":"b9fc73e0128d3f5f5f53a2279f29db5c2451feb5","sha256":"a0bb0e1a14e37723f7a9b0b13ce4c26969f163c7b07deb696fe4b379f5293e08","sha512":"4b4da408e425f17594a3ea16d7ea76748a6dc8a0d735aaf143bf743f30ab3b2a6eb4085deb978df5e31f609b69476203cc5d47983df5442d79386f53dcdaa831","ssdeep":"768:rVs/C+RBpdZuMPLPkIcsbmguDmnwPnuqbt/C5KDgqoPWNzTyvDC/OzFnM83YWF1U:r8dkMYIxmc/+pCkDgr/JFnM8I8v8IX34","tlshash":"032301ab6602eb71f275bc5820895fa18f10f6320b93dcf6d95b9e334eb31ba4545213","first_seen":"2023-10-16T19:53:30Z","last_seen":"2026-06-22T13:27:07.148705Z","times_seen":245,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"combochip.ru/media/FedExSans_W-Light-O5ACP6NZ.woff","fqdn":"combochip.ru","domain":"combochip.ru","tld":"ru"},"ip":{"addr":"72.56.5.200","port":443,"asn":1239,"as":"SPRINTLINK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://combochip.ru/attachment.html","date":"2026-06-22T12:25:22.185Z","timestamp":1782131122185,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"combochip.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Mar 2026 09:14:54 GMT","end":"Wed, 24 Jun 2026 09:14:53 GMT"},"fingerprint":{"sha1":"D2:BD:72:F0:6B:96:21:2A:44:BE:F8:DD:3B:83:EB:BC:C2:EF:FA:C9","sha256":"99:7A:36:D0:03:F2:FB:D9:38:9D:C2:14:00:1C:77:41:06:93:DB:F2:6A:6C:96:E9:0F:08:15:3E:81:BE:0F:DF"}}},"request":{"raw":"GET /media/FedExSans_W-Light-O5ACP6NZ.woff HTTP/1.1\r\nHost: combochip.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://combochip.ru/attachment.html\r\nCookie: PHPSESSID=F46VYGWUDF00Z75DBeAT87YrnFjV2kYf\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 22 Jun 2026 12:25:22 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\np3p: policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\"\r\nx-powered-cms: Bitrix Site Manager (2f910b7aba0fc12718dfc3493ad867cc)\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self';\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"1C-Bitrix","description":"1C-Bitrix is a system of web project management, universal software for the creation, support and successful development of corporate websites and online stores.","website":"https://www.1c-bitrix.ru","common_platform_enumeration":"","icon":"1C-Bitrix.svg","categories":["CMS","Ecommerce"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":27422,"size_decoded":27956,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4139), with CRLF, LF line terminators","md5":"1b026b9aea89ea792a7dafc2ddff3d2f","sha1":"62b5483fea34bd20a3591ae268fd5128b43e2248","sha256":"c8eb6ad46e2f55a791cb3d8dd0663b11411b6be5023f3c39f4d918b56772c54d","sha512":"2c700b840e08d8f420a2f788c01070de543421275c81ac9a8a9b71178dd502a2e1644c0912d6586562be65f9891ebfa88fa7372c3b3f882bba88fc1b058d80fe","ssdeep":"768:Z0MPZKqjjgJU1O+BH7/K/0PizEiQA5BDdl/HZFIvBEdntQO3GS0MgHzNn9QwaBdG:Z0MPZKqjjgJU1O+BH7/KsPMGvBEdntQ3","tlshash":"54c2b73060e46d7616a344dcf835bb0a6e93a237ef0786d0b0ec54a94fe9dd2d917a4c","first_seen":"2026-06-22T12:25:52.305985Z","last_seen":"2026-06-22T12:25:52.305985Z","times_seen":1,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-22","alert":"Sinkholed","trigger":"combochip.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}