{"report_id":"5d087449-18c0-447b-ab92-5123fa4b08cb","version":6,"status":"done","tags":[],"date":"2026-03-28T04:41:22Z","url":{"schema":"https","addr":"slon4-------at.ru","fqdn":"slon4-------at.ru","domain":"slon4-------at.ru","tld":"ru"},"ip":{"addr":"198.251.84.254","port":0,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"final":{"url":{"schema":"https","addr":"slon4-------at.ru/","fqdn":"slon4-------at.ru","domain":"slon4-------at.ru","tld":"ru"},"title":"Эпоксидные столешницы на заказ в Москве — slon4.at","dom":{"size":21559,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"3a324882e60f36506f38dfdb196b3e24","sha1":"d0162ad64db6a7e52b759f2279b5861a6bb5941f","sha256":"71087b3a7fc0007c8304e452721ea87878364c853ebd0cc0212979dc8e90094a","sha512":"4385e27fa0e1b533aaa339d3056700a659a706d0913cc9c14fcd4d0e5756ec29b1dff0a663614dc45c6de57791ae4f538450373cec1d0f4533f1582aa370b6d3","ssdeep":"384:fL7tN9bg6BQOnkBWm9EhCp8akDjtTE+qWq1+1hsLDOU0:fL7tN9bg6BQOnoWSEhCCakDjtTE+qWqC","tlshash":"5aa23f5255e8689a2115f057e8006f0d2c6ac4ff7b5f2765316c29bf3fd2548ca6b30e","dom_hash":"domhash05c5a048ae930ac19dd54e9de15062eb","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"slon4-------at.ru","fqdn":"slon4-------at.ru","domain":"slon4-------at.ru","tld":"ru"},"ip":{"addr":"198.251.84.254","port":0,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-02T04:41:22Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"slon4-------at.ru","ip":{"addr":"198.251.84.254","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"domain_registered":"2026-03-20","domain_rank":0,"first_seen":"2026-03-28T04:41:22.703458Z","last_seen":"2026-03-28T04:41:22.703458Z","alert_count":0,"request_count":2,"received_data":22677,"sent_data":940,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"s.fotora.ru","ip":{"addr":"95.182.74.9","port":443,"asn":61372,"as":"AZIMUT TELECOM Ltd.","country":"Russia","country_code":"RU"},"domain_registered":"2025-05-22","domain_rank":0,"first_seen":"2026-03-18T02:39:44.58378Z","last_seen":"2026-03-28T04:33:01.917573Z","alert_count":0,"request_count":1,"received_data":1277,"sent_data":443,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"slon4-------at.ru/","fqdn":"slon4-------at.ru","domain":"slon4-------at.ru","tld":"ru"},"ip":{"addr":"198.251.84.254","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-28T04:41:00.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"slon4-------at.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 02:48:45 GMT","end":"Thu, 18 Jun 2026 02:48:44 GMT"},"fingerprint":{"sha1":"AE:6E:89:82:16:45:CA:E6:AE:28:C8:D3:FC:8E:2D:8D:47:29:9A:FB","sha256":"68:32:B8:C1:A9:AF:4E:33:FE:EE:E4:C7:E6:35:9B:BF:D8:D6:A5:D1:00:95:76:09:66:D6:33:FA:81:16:B0:C8"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: slon4-------at.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 28 Mar 2026 04:40:41 GMT\r\nContent-Type: text/html\r\nLast-Modified: Fri, 20 Mar 2026 04:26:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69bccc66-565d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22109,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"be1ed5719be1b44c2f27acaa8324baad","sha1":"ff4c26a984c26c31d02d7fabf5ac278dc8b7b696","sha256":"c519b2fd567178c23731db117b54d4c621f3773e9782f80a8141ccbca6e1a332","sha512":"5e57139dcde164720c15381cc09adde70ba8eb8b1496506d1a4026624c38b5682b5b626f6455b37fe36336131bc1b4ea485ba2f22d0b4576dd63a58b3c89aa98","ssdeep":"384:YLjA9cgEW13Xz14onSmKd08pkyM8TSYEBqq+phxykTLYOxS:YLjA9cgEW13Xx4onnKd9pkyM8TSYEBqU","tlshash":"a7a21d2245d5686a2135b056e8006b4dfc6ac4ff775b1766307c2abf3ff2518ca2b70a","first_seen":"2026-03-28T04:41:25.175687Z","last_seen":"2026-03-28T04:41:25.175687Z","times_seen":1,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":121,"dns":37,"connect":44,"send":0,"wait":34,"receive":1,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"slon4-------at.ru/css2?family=Roboto\u0026display=swap","fqdn":"slon4-------at.ru","domain":"slon4-------at.ru","tld":"ru"},"ip":{"addr":"198.251.84.254","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://slon4-------at.ru/","date":"2026-03-28T04:41:00.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"slon4-------at.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 02:48:45 GMT","end":"Thu, 18 Jun 2026 02:48:44 GMT"},"fingerprint":{"sha1":"AE:6E:89:82:16:45:CA:E6:AE:28:C8:D3:FC:8E:2D:8D:47:29:9A:FB","sha256":"68:32:B8:C1:A9:AF:4E:33:FE:EE:E4:C7:E6:35:9B:BF:D8:D6:A5:D1:00:95:76:09:66:D6:33:FA:81:16:B0:C8"}}},"request":{"raw":"GET /css2?family=Roboto\u0026display=swap HTTP/1.1\r\nHost: slon4-------at.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://slon4-------at.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Sat, 28 Mar 2026 04:40:42 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-05-23T17:07:22.725818Z","times_seen":514938,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.fotora.ru/8d21b8474353e89c.png","fqdn":"s.fotora.ru","domain":"fotora.ru","tld":"ru"},"ip":{"addr":"95.182.74.9","port":443,"asn":61372,"as":"AZIMUT TELECOM Ltd.","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://slon4-------at.ru/","date":"2026-03-28T04:41:00.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s.fotora.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 13:01:26 GMT","end":"Sat, 30 May 2026 13:01:25 GMT"},"fingerprint":{"sha1":"C4:18:E8:64:AE:CC:BC:10:F8:B5:99:A8:0D:4A:01:ED:F2:16:4F:2E","sha256":"B0:65:EE:D5:69:2A:F4:23:C9:A8:17:75:AB:3E:2C:04:E3:96:D3:3E:9B:84:BC:F8:05:E2:75:2E:8B:8B:C1:72"}}},"request":{"raw":"GET /8d21b8474353e89c.png HTTP/1.1\r\nHost: s.fotora.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://slon4-------at.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 28 Mar 2026 04:41:00 GMT\r\ncontent-type: image/png\r\ncontent-length: 990\r\nlast-modified: Wed, 18 Mar 2026 06:17:18 GMT\r\netag: \"69ba436e-3de\"\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nx-served-by: s.fotora.ru\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":990,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit colormap, non-interlaced","md5":"3d86be98360e167fee74df4bb8333f6a","sha1":"4c2a4eba857474441fde57432ae2c839d2f56a7a","sha256":"0338082436dc8da0726df39aa50fcf0175f82e2ea85311829de4e590b97553cb","sha512":"24f037bebd3ccc34df6054a439c8e293f15cd86e6b3eb643bd7c6e9547557679c00a8f0453fcece5bc9e4c301d47fa9b4d74a728ca1f1b0609e4e23b87fe3f26","ssdeep":"","tlshash":"5e1102a3c13d1d3ee69869744933641d6b334d18693fb50d915bcd4ab0026e58612306","first_seen":"2026-03-28T04:33:06.104221Z","last_seen":"2026-03-28T04:41:35.354545Z","times_seen":3,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":7,"connect":64,"send":0,"wait":64,"receive":1,"ssl":77},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}