{"report_id":"6655026a-98fc-4dcf-8d12-e55c5697e015","version":6,"status":"done","tags":[],"date":"2026-04-09T05:02:54Z","url":{"schema":"http","addr":"web-phantoms.app","fqdn":"web-phantoms.app","domain":"web-phantoms.app","tld":"app"},"ip":{"addr":"147.45.211.115","port":0,"asn":49055,"as":"New information technologies Ltd","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"web-phantoms.app/","fqdn":"web-phantoms.app","domain":"web-phantoms.app","tld":"app"},"title":"Phantom — Crypto \u0026 NFT Wallet — Solana | Download Extension | Login","dom":{"size":41386,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (7271)","md5":"aa43ecb87b72e7664897daae66b345b7","sha1":"c7c76c6fb13fbdb4dea28a14e7db220756f6da39","sha256":"4faa77fabc4cdce42e3a248805154da4f1912eec6987c77aaeed909c894ced03","sha512":"a7986a7786fa46f45a83b70f8429026d8b1a516458a893575db590f12df8de5ce4f58a3a0d6ac552663b0d2ff8cc4836851e91ea93061b6da85f8823fdfa2318","ssdeep":"384:ku11be1ZO01yj1u1ic18+/bZ9YrJwZUq1M18N1vMrV1R1WUPEbctMv23GhbLz1yn:kwbFvhiieErLPoLEIsPmYrs/7ZM","tlshash":"96030a953780a13dc0032fdea1a2da5f245bb0cfcb450698fded5691afc4de588366e8","dom_hash":"domhash705bafb1ffb0b78fd1824c33877c81d2","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"web-phantoms.app","fqdn":"web-phantoms.app","domain":"web-phantoms.app","tld":"app"},"ip":{"addr":"147.45.211.115","port":0,"asn":49055,"as":"New information technologies Ltd","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-14T05:02:54Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"web-phantoms.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"web-phantoms.app","ip":{"addr":"147.45.211.115","port":443,"asn":49055,"as":"New information technologies Ltd","country":"Russia","country_code":"RU"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":10,"request_count":10,"received_data":2302454,"sent_data":4594,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:3.6.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"web-phantoms.app/js/jquery-3.6.1.min.js","fqdn":"web-phantoms.app","domain":"web-phantoms.app","tld":"app"},"ip":{"addr":"147.45.211.115","port":443,"asn":49055,"as":"New information technologies Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"00727d1d5d9c90f7de826f1a4a9cc632","sha1":"ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2","sha256":"a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74","sha512":"69528a4518bf43f615fb89a3a0a06c138c771fe0647a0a0cfde9b8e8d3650aa3539946000e305b78d79f371615ee0894a74571202b6a76b6ea53b89569e64d5c","ssdeep":"1536:SjjxXUHJnxDjoXEZxkMV4PYDt0zxxf6gP3f8cApoEGOzZTBvUsuy8WnKdXwhLQvg:SdeIygP3fulzcsz8jlvaDioQ47GKH","tlshash":"5393f8ddb2c6702247a770ba007f510bf236199d684d8450f269d8e9bc78a4e827bf7d","size":89664,"data":"","first_seen":"2023-03-07T01:28:27Z","last_seen":"2026-04-09T09:20:30.207141Z","times_seen":27902,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web-phantoms.app/js/ethers-5.2.umd.min.js","fqdn":"web-phantoms.app","domain":"web-phantoms.app","tld":"app"},"ip":{"addr":"147.45.211.115","port":443,"asn":49055,"as":"New information technologies Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"50ed955cf32ac8e4e1daa0fac8fcde98","sha1":"fc073f2b9715e44dc2346d7cbe0b491fb59da146","sha256":"c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff","sha512":"62b27b6739ad99525dc02c2ee81f754e15062df363b137477f521d3dfdc9ec0650229543bda85c04b5a8282d5e6d9f5137aba99bd66178814a49feecee4fd961","ssdeep":"12288:YPEmxeUs6ky8Xb863bkmCEuls/LaottWsv1TY4:YPTWbsEss/LtttJz","tlshash":"4df44b85b3a5b0b583c628a4143f5006f63af46b502c40a4f759faf269f9d8c957bb3c","size":733070,"data":"","first_seen":"2023-03-07T12:07:13Z","last_seen":"2026-04-09T05:05:25.883339Z","times_seen":1138,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web-phantoms.app/","fqdn":"web-phantoms.app","domain":"web-phantoms.app","tld":"app"},"ip":{"addr":"147.45.211.115","port":443,"asn":49055,"as":"New information technologies Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"a237aef9123bd8f2be9c99fc6ae4c478","sha1":"4c543f4877e121c3c9db2a075de7e09fd82deeaf","sha256":"be06714d569a63eb7531c623569b402fdc027c14a9d0e630aa3f2437cbcb82e4","sha512":"0445d6577e005d32f3cef02c6d0b5b31c3b717182539f1c8c49cdecb0a55f30e707d7c48990cd30f1735674f55c298166b354fab62c99eecd8eb7364ff3e991d","ssdeep":"384:XPEbctMv23GhbLQ8mm84sttVFVVdg2xhgEWOn7JQ8F8mldv0ygZ8n1zxDtDRTYMM:XPmYrs/7Zd","tlshash":"0fc283503680a53ec1072fde61e29a5e216b71cfc75409a8bdad66d1df80ea188376fc","size":26746,"data":"","first_seen":"2026-04-09T05:03:00.998592Z","last_seen":"2026-04-09T05:03:00.998592Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"web-phantoms.app/","fqdn":"web-phantoms.app","domain":"web-phantoms.app","tld":"app"},"ip":{"addr":"147.45.211.115","port":443,"asn":49055,"as":"New information technologies Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-09T05:02:32.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"web-phantoms.app","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Apr 2026 21:10:57 GMT","end":"Tue, 07 Jul 2026 21:10:56 GMT"},"fingerprint":{"sha1":"C8:D0:5E:FB:BF:44:3C:53:22:BC:45:EB:DF:66:F7:3D:E2:69:10:A4","sha256":"57:87:E3:B1:15:C8:D1:49:63:34:4D:C3:C8:F6:F3:22:42:AB:2C:E6:5F:C9:D6:33:A0:4F:55:8D:DA:43:C6:6C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: web-phantoms.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 09 Apr 2026 05:02:33 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:3.6.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":36352,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (7271), with CRLF line terminators","md5":"7c6d1543786e90499db09aee3cf5b47d","sha1":"247cc368da8e0dde9293bcab9f5e6bb5a29f8171","sha256":"05fca732191632cb780d6e7fa80409eeaae5e38d8e9948e7f743542a36c5bf48","sha512":"8e10e6ac318a6c4621f85e6e84bcbcb98c77ede1caa8715f03f5bfd617bf73dda5901356a64d8a17529ab260c27174f0a3013a70beb5389b1d3ca227c4b160c1","ssdeep":"384:0u11bw1Znn1yj1u1i818+/xZ9YrJwZUP1M18N1vMrV1R1W31yOY1jENPEbctMv2q:0wbYUhiUfEriTNPtYEst7Z5","tlshash":"6ef2e8513740a03ec0232bdaa1a2db5f646bb1cfc7410658fdbd6692efc0dd58436ae8","first_seen":"2026-04-09T05:03:00.980973Z","last_seen":"2026-04-09T05:03:00.980973Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1852,"timings":{"blocked":795,"dns":135,"connect":111,"send":0,"wait":263,"receive":0,"ssl":546},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"web-phantoms.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"web-phantoms.app/popup.5cbd182e.css","fqdn":"web-phantoms.app","domain":"web-phantoms.app","tld":"app"},"ip":{"addr":"147.45.211.115","port":443,"asn":49055,"as":"New information technologies Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://web-phantoms.app/","date":"2026-04-09T05:02:33.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"web-phantoms.app","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Apr 2026 21:10:57 GMT","end":"Tue, 07 Jul 2026 21:10:56 GMT"},"fingerprint":{"sha1":"C8:D0:5E:FB:BF:44:3C:53:22:BC:45:EB:DF:66:F7:3D:E2:69:10:A4","sha256":"57:87:E3:B1:15:C8:D1:49:63:34:4D:C3:C8:F6:F3:22:42:AB:2C:E6:5F:C9:D6:33:A0:4F:55:8D:DA:43:C6:6C"}}},"request":{"raw":"GET /popup.5cbd182e.css HTTP/1.1\r\nHost: web-phantoms.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web-phantoms.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 09 Apr 2026 05:02:34 GMT\r\nContent-Type: text/css\r\nContent-Length: 283145\r\nLast-Modified: Thu, 05 Mar 2026 20:18:20 GMT\r\nConnection: keep-alive\r\nETag: \"69a9e50c-45209\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":283145,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"ba4c1af6ab5dc69a6d6433b0822403c6","sha1":"23afaf2bf14441bff15c453e7157bf77f029a561","sha256":"d48f095841d6a8bc96aa232c4d62cf12a0f3558a4e6e21e9af85e947b3d96397","sha512":"224b1c203a09912460fa311cb449f070a987eb15c954d52ec4cfa09eadf73fce2e93f2eda4bb3292b6d9a10b9c94a533f043da7502fb0b670e8c05441ace4695","ssdeep":"1536:apKSQ3YyI/obeboL0T1+3tKSYHpKSQ3YyI/obeboL0T1+3tKSY1fmEcKfmEcm:7SDgbqil3YJMSDgbqil3YJxZT","tlshash":"4254992fe300243eed27831de143fe9da1775f99ba42c777b89228d49281993db93650","first_seen":"2024-10-11T08:50:23.926884Z","last_seen":"2026-04-09T05:05:25.881754Z","times_seen":35,"resource_available":false,"data":null}},"time_used":1849,"timings":{"blocked":596,"dns":0,"connect":100,"send":0,"wait":313,"receive":338,"ssl":497},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"web-phantoms.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"web-phantoms.app/popup.c34c79ff.css","fqdn":"web-phantoms.app","domain":"web-phantoms.app","tld":"app"},"ip":{"addr":"147.45.211.115","port":443,"asn":49055,"as":"New information technologies Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://web-phantoms.app/","date":"2026-04-09T05:02:33.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"web-phantoms.app","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Apr 2026 21:10:57 GMT","end":"Tue, 07 Jul 2026 21:10:56 GMT"},"fingerprint":{"sha1":"C8:D0:5E:FB:BF:44:3C:53:22:BC:45:EB:DF:66:F7:3D:E2:69:10:A4","sha256":"57:87:E3:B1:15:C8:D1:49:63:34:4D:C3:C8:F6:F3:22:42:AB:2C:E6:5F:C9:D6:33:A0:4F:55:8D:DA:43:C6:6C"}}},"request":{"raw":"GET /popup.c34c79ff.css HTTP/1.1\r\nHost: web-phantoms.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web-phantoms.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 09 Apr 2026 05:02:34 GMT\r\nContent-Type: text/css\r\nContent-Length: 971\r\nLast-Modified: Thu, 05 Mar 2026 20:18:21 GMT\r\nConnection: keep-alive\r\nETag: \"69a9e50d-3cb\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":971,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (923)","md5":"1c0eff64531617e6cbeb6600289b221f","sha1":"1c0d16ed3fb8ba61efa0fa28ee18edde9f1a59c6","sha256":"fc4fc69adeaa80c65698af1ef46fe9992f232dc769928409f18afa8b6db9225a","sha512":"a6a7c8ed6285a4e0b4228c55421571a6d705e3dc8db4c6785151453fb7d42d8a3866717028b08a9913c75a2ca1c2b03b392f01ebfbb72d31a731a7eee78824dd","ssdeep":"","tlshash":"9611e61815afa845d4729e4231cf3922bd164468a2694522d27e0d5eccfbd7393f1f3a","first_seen":"2024-10-11T08:50:23.920468Z","last_seen":"2026-04-09T05:05:25.877428Z","times_seen":35,"resource_available":false,"data":null}},"time_used":1479,"timings":{"blocked":630,"dns":1,"connect":115,"send":0,"wait":211,"receive":0,"ssl":519},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"web-phantoms.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"web-phantoms.app/js/ethers-5.2.umd.min.js","fqdn":"web-phantoms.app","domain":"web-phantoms.app","tld":"app"},"ip":{"addr":"147.45.211.115","port":443,"asn":49055,"as":"New information technologies Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web-phantoms.app/","date":"2026-04-09T05:02:33.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"web-phantoms.app","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Apr 2026 21:10:57 GMT","end":"Tue, 07 Jul 2026 21:10:56 GMT"},"fingerprint":{"sha1":"C8:D0:5E:FB:BF:44:3C:53:22:BC:45:EB:DF:66:F7:3D:E2:69:10:A4","sha256":"57:87:E3:B1:15:C8:D1:49:63:34:4D:C3:C8:F6:F3:22:42:AB:2C:E6:5F:C9:D6:33:A0:4F:55:8D:DA:43:C6:6C"}}},"request":{"raw":"GET /js/ethers-5.2.umd.min.js HTTP/1.1\r\nHost: web-phantoms.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web-phantoms.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 09 Apr 2026 05:02:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 733070\r\nLast-Modified: Thu, 05 Mar 2026 20:18:29 GMT\r\nConnection: keep-alive\r\nETag: \"69a9e515-b2f8e\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":733070,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"50ed955cf32ac8e4e1daa0fac8fcde98","sha1":"fc073f2b9715e44dc2346d7cbe0b491fb59da146","sha256":"c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff","sha512":"62b27b6739ad99525dc02c2ee81f754e15062df363b137477f521d3dfdc9ec0650229543bda85c04b5a8282d5e6d9f5137aba99bd66178814a49feecee4fd961","ssdeep":"12288:YPEmxeUs6ky8Xb863bkmCEuls/LaottWsv1TY4:YPTWbsEss/LtttJz","tlshash":"4df44b85b3a5b0b583c628a4143f5006f63af46b502c40a4f759faf269f9d8c957bb3c","first_seen":"2023-03-07T12:07:13Z","last_seen":"2026-04-09T05:05:25.883339Z","times_seen":1138,"resource_available":true,"data":null}},"time_used":2148,"timings":{"blocked":659,"dns":1,"connect":121,"send":0,"wait":325,"receive":490,"ssl":546},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"web-phantoms.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"web-phantoms.app/Inter-Regular.3b5c1ea8.woff","fqdn":"web-phantoms.app","domain":"web-phantoms.app","tld":"app"},"ip":{"addr":"147.45.211.115","port":443,"asn":49055,"as":"New information technologies Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://web-phantoms.app/","date":"2026-04-09T05:02:34.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"web-phantoms.app","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Apr 2026 21:10:57 GMT","end":"Tue, 07 Jul 2026 21:10:56 GMT"},"fingerprint":{"sha1":"C8:D0:5E:FB:BF:44:3C:53:22:BC:45:EB:DF:66:F7:3D:E2:69:10:A4","sha256":"57:87:E3:B1:15:C8:D1:49:63:34:4D:C3:C8:F6:F3:22:42:AB:2C:E6:5F:C9:D6:33:A0:4F:55:8D:DA:43:C6:6C"}}},"request":{"raw":"GET /Inter-Regular.3b5c1ea8.woff HTTP/1.1\r\nHost: web-phantoms.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web-phantoms.app/popup.c34c79ff.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 09 Apr 2026 05:02:34 GMT\r\nContent-Type: application/font-woff\r\nContent-Length: 133856\r\nLast-Modified: Thu, 05 Mar 2026 20:18:13 GMT\r\nConnection: keep-alive\r\nETag: \"69a9e505-20ae0\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":133856,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 133856, version 0.0","md5":"14d1275c67676cc5d911232d0c890d97","sha1":"b5541b2654eeeffb8e709cfe141a75644e53e9ba","sha256":"3710e2ce073ec0eb39274decc63768b52091a27e35f5c28d6abb7a5fcef0b7fc","sha512":"f29574b0d8173a667ed53dd2bec01a0d0b126637d61a011220c82957c303053b066308681ed05ab7aae999625a750e44d8fc09f9b6665815d86d08f9944ebb7b","ssdeep":"3072:wdJVqGxK6l7L8NEcHOW3d7TA/O0PcGt6TstGUPResU1ZiZCm:wdJVa6NLjcHZ3BAWcjybm","tlshash":"35d312c4eca1ad4bb333e79fdc60b64fe938d8176c39904a41a3c39e23a6e5481d8059","first_seen":"2023-05-11T13:56:46Z","last_seen":"2026-04-09T05:05:25.878973Z","times_seen":290,"resource_available":false,"data":null}},"time_used":338,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":220,"receive":118,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"web-phantoms.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"web-phantoms.app/icon16.png","fqdn":"web-phantoms.app","domain":"web-phantoms.app","tld":"app"},"ip":{"addr":"147.45.211.115","port":443,"asn":49055,"as":"New information technologies Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://web-phantoms.app/","date":"2026-04-09T05:02:35.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"web-phantoms.app","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Apr 2026 21:10:57 GMT","end":"Tue, 07 Jul 2026 21:10:56 GMT"},"fingerprint":{"sha1":"C8:D0:5E:FB:BF:44:3C:53:22:BC:45:EB:DF:66:F7:3D:E2:69:10:A4","sha256":"57:87:E3:B1:15:C8:D1:49:63:34:4D:C3:C8:F6:F3:22:42:AB:2C:E6:5F:C9:D6:33:A0:4F:55:8D:DA:43:C6:6C"}}},"request":{"raw":"GET /icon16.png HTTP/1.1\r\nHost: web-phantoms.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web-phantoms.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 09 Apr 2026 05:02:35 GMT\r\nContent-Type: image/png\r\nContent-Length: 364\r\nLast-Modified: Thu, 05 Mar 2026 20:18:16 GMT\r\nConnection: keep-alive\r\nETag: \"69a9e508-16c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":364,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"96ab8d2301b867d7e4113af5ebc59dd1","sha1":"87064faf66f6f06de4a39d2f31f86aaddd5350de","sha256":"267954ddd65f611106bb05d30b472e929726bee357a34565c3e6b5f4dfa24ae2","sha512":"c55573477e2596d22935abf6a4a03a5446833c18d5b61075c0a0604248fe604d7b151df8b5c75a224e87ed151ba3e2a9dbbc6e9c2b77bcdc41a0aeeaf5bbf81e","ssdeep":"","tlshash":"a7e0f110729854a5da834db78283d958e66060540b1583cc09019439419025da730569","first_seen":"2024-10-11T08:50:23.933597Z","last_seen":"2026-04-09T05:05:25.886198Z","times_seen":35,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"web-phantoms.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"web-phantoms.app/style.css","fqdn":"web-phantoms.app","domain":"web-phantoms.app","tld":"app"},"ip":{"addr":"147.45.211.115","port":443,"asn":49055,"as":"New information technologies Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://web-phantoms.app/","date":"2026-04-09T05:02:33.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"web-phantoms.app","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Apr 2026 21:10:57 GMT","end":"Tue, 07 Jul 2026 21:10:56 GMT"},"fingerprint":{"sha1":"C8:D0:5E:FB:BF:44:3C:53:22:BC:45:EB:DF:66:F7:3D:E2:69:10:A4","sha256":"57:87:E3:B1:15:C8:D1:49:63:34:4D:C3:C8:F6:F3:22:42:AB:2C:E6:5F:C9:D6:33:A0:4F:55:8D:DA:43:C6:6C"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: web-phantoms.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web-phantoms.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 09 Apr 2026 05:02:33 GMT\r\nContent-Type: text/css\r\nContent-Length: 737573\r\nLast-Modified: Thu, 05 Mar 2026 20:18:22 GMT\r\nConnection: keep-alive\r\nETag: \"69a9e50e-b4125\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":737573,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"63545a2c96e327ecf8655decf1eb906c","sha1":"8eba5b409906d6b55f2a844b15764dbf4554fa4c","sha256":"743c63a5acd1aa7d416d21b780989d5302b8a9688fa562c816ac0aa6b8492fa3","sha512":"50c16684e1e7c2ce3d6b68afd91bf5e2f1afc208b21bc47ed10430162a6e8cf425782210fe351ecab36509df02fa92c8b13328d0126de5b5aee79d5db3a1b399","ssdeep":"6144:I1jA3uIL43Ml7S+SDvdqV/TSsrHw3ae1jA3uIL43Ml7S+SDvdqV/TSsrHw3aG2kx:oz3aqz3aG2kqz3aqz3aG29B","tlshash":"73f4449bd2007c2dea67a3bdd143d4ceff790289ba05c3bb75425ae4c648547db827a0","first_seen":"2024-10-11T08:50:23.931213Z","last_seen":"2026-04-09T05:05:25.880451Z","times_seen":34,"resource_available":false,"data":null}},"time_used":812,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":335,"receive":477,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"web-phantoms.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"web-phantoms.app/js/jquery-3.6.1.min.js","fqdn":"web-phantoms.app","domain":"web-phantoms.app","tld":"app"},"ip":{"addr":"147.45.211.115","port":443,"asn":49055,"as":"New information technologies Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web-phantoms.app/","date":"2026-04-09T05:02:33.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"web-phantoms.app","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Apr 2026 21:10:57 GMT","end":"Tue, 07 Jul 2026 21:10:56 GMT"},"fingerprint":{"sha1":"C8:D0:5E:FB:BF:44:3C:53:22:BC:45:EB:DF:66:F7:3D:E2:69:10:A4","sha256":"57:87:E3:B1:15:C8:D1:49:63:34:4D:C3:C8:F6:F3:22:42:AB:2C:E6:5F:C9:D6:33:A0:4F:55:8D:DA:43:C6:6C"}}},"request":{"raw":"GET /js/jquery-3.6.1.min.js HTTP/1.1\r\nHost: web-phantoms.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web-phantoms.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 09 Apr 2026 05:02:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 89664\r\nLast-Modified: Thu, 05 Mar 2026 20:18:28 GMT\r\nConnection: keep-alive\r\nETag: \"69a9e514-15e40\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89664,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"00727d1d5d9c90f7de826f1a4a9cc632","sha1":"ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2","sha256":"a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74","sha512":"69528a4518bf43f615fb89a3a0a06c138c771fe0647a0a0cfde9b8e8d3650aa3539946000e305b78d79f371615ee0894a74571202b6a76b6ea53b89569e64d5c","ssdeep":"1536:SjjxXUHJnxDjoXEZxkMV4PYDt0zxxf6gP3f8cApoEGOzZTBvUsuy8WnKdXwhLQvg:SdeIygP3fulzcsz8jlvaDioQ47GKH","tlshash":"5393f8ddb2c6702247a770ba007f510bf236199d684d8450f269d8e9bc78a4e827bf7d","first_seen":"2023-03-07T01:28:27Z","last_seen":"2026-04-09T09:20:30.207141Z","times_seen":27902,"resource_available":true,"data":null}},"time_used":1772,"timings":{"blocked":641,"dns":1,"connect":122,"send":0,"wait":328,"receive":147,"ssl":530},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"web-phantoms.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"web-phantoms.app/Inter-Medium.42fabd1d.woff","fqdn":"web-phantoms.app","domain":"web-phantoms.app","tld":"app"},"ip":{"addr":"147.45.211.115","port":443,"asn":49055,"as":"New information technologies Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://web-phantoms.app/","date":"2026-04-09T05:02:34.747Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"web-phantoms.app","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Apr 2026 21:10:57 GMT","end":"Tue, 07 Jul 2026 21:10:56 GMT"},"fingerprint":{"sha1":"C8:D0:5E:FB:BF:44:3C:53:22:BC:45:EB:DF:66:F7:3D:E2:69:10:A4","sha256":"57:87:E3:B1:15:C8:D1:49:63:34:4D:C3:C8:F6:F3:22:42:AB:2C:E6:5F:C9:D6:33:A0:4F:55:8D:DA:43:C6:6C"}}},"request":{"raw":"GET /Inter-Medium.42fabd1d.woff HTTP/1.1\r\nHost: web-phantoms.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web-phantoms.app/popup.c34c79ff.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 09 Apr 2026 05:02:34 GMT\r\nContent-Type: application/font-woff\r\nContent-Length: 142340\r\nLast-Modified: Thu, 05 Mar 2026 20:18:12 GMT\r\nConnection: keep-alive\r\nETag: \"69a9e504-22c04\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":142340,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 142340, version 0.0","md5":"5ce3e4db9634913232403f166b2447de","sha1":"e1ed0feb06835626a35e96bb71ffa06a6802a09b","sha256":"68d52e74e8171ddb2c94ca60a2596dc8a46407320449881fd09369dbc317624c","sha512":"9f156d12c885c0662a58576b48209eac0f82abf0cd22dbeb9e9f83fd967909f5824e411211c5b3f77a869e28b3af32020ae3ed55a2fb3a218d0f2ad2e50eea0d","ssdeep":"3072:1EqGHwgRgE91xHUDe9TuA3+tN7JQQLuCaM1E51sU1ZiZCm:1hZQ1BUuyA3YfLH1Ebm","tlshash":"f4d31208fe2b2995f7576fa72a744596c51dc026140f0c8f52a71bed2cf9ba818ca4ec","first_seen":"2023-05-11T13:56:46Z","last_seen":"2026-04-09T05:05:25.883851Z","times_seen":77,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":200,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"web-phantoms.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"web-phantoms.app/Inter-SemiBold.02b70154.woff","fqdn":"web-phantoms.app","domain":"web-phantoms.app","tld":"app"},"ip":{"addr":"147.45.211.115","port":443,"asn":49055,"as":"New information technologies Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://web-phantoms.app/","date":"2026-04-09T05:02:35.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"web-phantoms.app","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Apr 2026 21:10:57 GMT","end":"Tue, 07 Jul 2026 21:10:56 GMT"},"fingerprint":{"sha1":"C8:D0:5E:FB:BF:44:3C:53:22:BC:45:EB:DF:66:F7:3D:E2:69:10:A4","sha256":"57:87:E3:B1:15:C8:D1:49:63:34:4D:C3:C8:F6:F3:22:42:AB:2C:E6:5F:C9:D6:33:A0:4F:55:8D:DA:43:C6:6C"}}},"request":{"raw":"GET /Inter-SemiBold.02b70154.woff HTTP/1.1\r\nHost: web-phantoms.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web-phantoms.app/popup.c34c79ff.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 09 Apr 2026 05:02:35 GMT\r\nContent-Type: application/font-woff\r\nContent-Length: 142760\r\nLast-Modified: Thu, 05 Mar 2026 20:18:14 GMT\r\nConnection: keep-alive\r\nETag: \"69a9e506-22da8\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":142760,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 142760, version 0.0","md5":"1d5bb5c64dc15405bdb04145dab7b436","sha1":"b1998ff442a405f783f2969a30c73eae62809d9a","sha256":"807d56b95fcc04cd1c26fca043ddf19e300c8ae156747458bd025a2b21cf54b4","sha512":"1854e0ed3d16e4304abe68a6fbeeb4bc852b678f60fa12ccd48b507b0ee6ad4711c36625d9ea3a6deca84a5ca909b3f28b12e6943aae5d386982b57d2aaa77d9","ssdeep":"3072:woGCVBMa0wOu0YcxfPHArepYYjnn+95SkuHhsU1ZiZCm:oa0wR0LeepYYjnsAbm","tlshash":"8bd31248fcd1e8c37396fc5b8afc5f2a237ad7117c5ae46a807e348b1a64c84c5d4469","first_seen":"2023-05-11T13:56:46Z","last_seen":"2026-04-09T05:05:25.879868Z","times_seen":75,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":223,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"web-phantoms.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}