{"report_id":"6cf5f8a4-f071-4e0c-93f2-0654dab7f464","version":6,"status":"done","tags":[],"date":"2025-12-07T00:21:58Z","url":{"schema":"http","addr":"kra47.bestsiter.ru","fqdn":"kra47.bestsiter.ru","domain":"bestsiter.ru","tld":"ru"},"ip":{"addr":"193.105.134.30","port":0,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"final":{"url":{"schema":"https","addr":"kra47.bestsiter.ru/","fqdn":"kra47.bestsiter.ru","domain":"bestsiter.ru","tld":"ru"},"title":"kra47 - информационный CC портал о культуре, истории и современности США","dom":{"size":25752,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (15976)","md5":"ab1a83148c272c6ed6936dbcd6e503c3","sha1":"a0d15a2ef887c3d6421b97c3b0c6891a67bee579","sha256":"3690011c67da2953cf45d804e93fb67bb276b027fc4cfa92a0ecfe109b8d0747","sha512":"688bf7249920680d337a658686261fb6597fce2b25944edae61f8261987f56ffdb0e93a14b7590821ae907fbed6a85a6d918366c80c890e24e959a67c4cb3b45","ssdeep":"384:I5zLOvKhqnUSDnz2OhGPJcTz/Vaz0gSYGbBxeTO/6lVkKyrYemR2UhkFcHE3iRMT:wz1hyP2F+TbVagB3e6/OkdqRyyTcWvC","tlshash":"8dc29d717cb6006615489046f952bf8a3d99457fbb0b6b2439ec5d8a3fc2e80ca7b71c","dom_hash":"domhashd7a66319075a41e0d2ea21a8b603d486","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"kra47.bestsiter.ru","fqdn":"kra47.bestsiter.ru","domain":"bestsiter.ru","tld":"ru"},"ip":{"addr":"193.105.134.30","port":0,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-11T00:21:58Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-07","alert":"Phishing Block","trigger":"kra47.bestsiter.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"kra47.bestsiter.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"kra47.bestsiter.ru","ip":{"addr":"193.105.134.30","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"domain_registered":"2025-02-08","domain_rank":0,"first_seen":"2025-12-07T00:21:59.015333Z","last_seen":"2025-12-07T00:21:59.015333Z","alert_count":16,"request_count":8,"received_data":41013,"sent_data":3560,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"kra47.bestsiter.ru/","fqdn":"kra47.bestsiter.ru","domain":"bestsiter.ru","tld":"ru"},"ip":{"addr":"193.105.134.30","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"8228f0e2de131fc76dbcf712e72ef4d1","sha1":"1a51a01150440123649857e837f00ceea8017293","sha256":"df89c51b2f01c6b80fb112b911a077354b59c2e882de8ae098f89693d9e64e32","sha512":"e7593efba58844d5a894904e87f757afcc46bbc1f4ed4ed528c29c8e5e7c600639b4c01c7ab4628336588a608bbf5428e0981d2e045b0452f87293e8eeeb3400","ssdeep":"","tlshash":"c1f005953cdc44248377012627fb91487479652a2c0afd15f54cc4412f99eac14bb54c","size":538,"data":"","first_seen":"2025-12-07T00:22:00.67527Z","last_seen":"2025-12-07T00:22:00.67527Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kra47.bestsiter.ru/","fqdn":"kra47.bestsiter.ru","domain":"bestsiter.ru","tld":"ru"},"ip":{"addr":"193.105.134.30","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"ebdb6da2c5b8bbe3f6ba066ba975895b","sha1":"a9b8dfc03f2451b67a35e46705ef80d07d7a120c","sha256":"1c40d9038ba32e18774f2dcb68a01bfb378e89f069d53b8d43fbb579e8f45ed6","sha512":"91d744f19ac9692aedc821a19042a43fdf9a9891afb9c86b2d91a979145e41b7b1446808a7f2cb0d1e384a4ece85120c69ff812282377a1d4b4377c622ee19bb","ssdeep":"","tlshash":"58600033300c0003cc0c0c0300c00c0000c0003c000ccc303000f00c0f0000fc30c3c0","size":15,"data":"","first_seen":"2025-11-07T18:36:06.466308Z","last_seen":"2026-03-19T12:19:34.895414Z","times_seen":235,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kra47.bestsiter.ru/","fqdn":"kra47.bestsiter.ru","domain":"bestsiter.ru","tld":"ru"},"ip":{"addr":"193.105.134.30","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"eventHandler","is_inline":false,"md5":"e56ddbb05a974a6bc5ea44661e509a21","sha1":"448d4cb69f9441e10731b1ff4aa9dc81502589bd","sha256":"1759e8c6c2ce9c987245281cd33bb9260ce82e31b604131a5da486db89369913","sha512":"a3b2b0accbc0f18d13fc0eb6d742a5bf00a9614399e05b97b96ed0963e7d29b5868f73ef541c5f5bf8d125e7f7040d03f39cc853a52ffa2f1e2ebb7a20165242","ssdeep":"","tlshash":"7b700008080000800a002c00e000020080c2000802202008c020a8a0082c088808f800","size":21,"data":"","first_seen":"2023-04-10T22:51:51Z","last_seen":"2026-04-03T22:00:57.296067Z","times_seen":39535,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kra47.bestsiter.ru/","fqdn":"kra47.bestsiter.ru","domain":"bestsiter.ru","tld":"ru"},"ip":{"addr":"193.105.134.30","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"7990eff4acbffbec0dbaa15d76d6bf90","sha1":"0d3f0687d29e815900c5577e1e0eddfd960d3d1c","sha256":"79b23fa4b2b7110b9ec423c0c6ff71ed30a03553520b4b6c92d971b350bef733","sha512":"0a1e949e32f7a85a86b2eb97bee1aca307894a018de87f4255356dad447faeb71133321a90fcb80ef9a46a961991418fdd40183a6a707976df3f17d19c3fd36e","ssdeep":"","tlshash":"74c08c100d32c034421708972332c26121a0201aa411e08976ccdd8d2f20fc54c02c18","size":164,"data":"","first_seen":"2025-06-27T14:25:42.770305Z","last_seen":"2026-02-03T08:21:52.163924Z","times_seen":268,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kra47.bestsiter.ru/","fqdn":"kra47.bestsiter.ru","domain":"bestsiter.ru","tld":"ru"},"ip":{"addr":"193.105.134.30","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"e5ea76b1d01222698098ef9ffd3e2fd5","sha1":"b47cbbbbfd6c09e780755b3239ce3122cac99a96","sha256":"fbe31135b7ece0ec9dfb4c197a5575cba067296498a54f4edcd02caeeeb5dcca","sha512":"d4032f16322193bcc121a6173449943a0dfaa0f6282391ede483e884090b1faa71e11bac64d34cc4fdc33ce46082703206ac03d8f60c2c8e664ac1167779c167","ssdeep":"","tlshash":"4311f07971b5022003f6c0baf5ea3e08647a0c5f3b05a2407e6c47461d6bee6a1f6e5e","size":1096,"data":"","first_seen":"2025-11-07T18:36:06.468445Z","last_seen":"2026-02-03T08:21:52.164787Z","times_seen":266,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kra47.bestsiter.ru/script.js?v=1765066897944","fqdn":"kra47.bestsiter.ru","domain":"bestsiter.ru","tld":"ru"},"ip":{"addr":"193.105.134.30","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"445697371633c79871bf78a0fdf3c370","sha1":"2927e758128fbfe0ffbe898288e8bf700c84f408","sha256":"23cb3e29ca4ecece95eaf4a5e45fc628bf2ce1d21a01da4ef33d71e8d8e4630c","sha512":"587e1db171c52e6ae7bd37ae5d8896a62f39523bd591219088067af64d6e521095bc0add46e0c1397fd112ec316c467c289e25eefaf7858a7b505532a3b471b6","ssdeep":"","tlshash":"74f02e7721347a7405a575bb36c657c8d63b00efb80510013e098d181f746e60372f9d","size":459,"data":"","first_seen":"2025-12-05T14:56:02.67166Z","last_seen":"2025-12-08T00:33:51.961738Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"kra47.bestsiter.ru/","fqdn":"kra47.bestsiter.ru","domain":"bestsiter.ru","tld":"ru"},"ip":{"addr":"193.105.134.30","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-07T00:21:37.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kra47.bestsiter.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Dec 2025 15:25:50 GMT","end":"Wed, 04 Mar 2026 15:25:49 GMT"},"fingerprint":{"sha1":"25:92:C4:AC:1C:0D:06:00:C2:7C:F6:ED:EE:2E:A0:19:ED:4B:AD:11","sha256":"C1:F4:1B:A6:AB:71:40:B8:6F:94:3F:97:01:01:19:62:82:56:AB:47:02:A6:02:5B:CC:05:CB:4E:C8:F6:09:B8"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: kra47.bestsiter.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 07 Dec 2025 00:21:37 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000;\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26359,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (15976), with CRLF, LF line terminators","md5":"2f992620f981700682beaa6f85c66514","sha1":"457c35409a5b85889d0d9dcbd1b28a6958e2012b","sha256":"110e505eedf8b4e23851fd334405a8563a5e3a2e8feb37e671240f8db3a4e884","sha512":"424c8e086ac31f7e0ece275f02a75847babd0c583063ce47d9dcc0a6c06ccc33e6221e5204a2e37c642fc720a0e858a9c08a1eae690d78d72c0e52f90789eb6c","ssdeep":"768:jzbZhlCP2F+TbVagB3e6/OkdqR854uWvD:jzbZhl8i+laiV/Og/4HvD","tlshash":"92c27c307886002716359156fb51bf89fe95417fab07171439ec6a8b3fe2e548a3bb1c","first_seen":"2025-12-07T00:22:00.670415Z","last_seen":"2025-12-07T00:22:00.670415Z","times_seen":1,"resource_available":false,"data":null}},"time_used":518,"timings":{"blocked":151,"dns":70,"connect":8,"send":0,"wait":215,"receive":1,"ssl":70},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-07","alert":"Phishing Block","trigger":"kra47.bestsiter.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"kra47.bestsiter.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kra47.bestsiter.ru/style.css","fqdn":"kra47.bestsiter.ru","domain":"bestsiter.ru","tld":"ru"},"ip":{"addr":"193.105.134.30","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kra47.bestsiter.ru/","date":"2025-12-07T00:21:37.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kra47.bestsiter.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Dec 2025 15:25:50 GMT","end":"Wed, 04 Mar 2026 15:25:49 GMT"},"fingerprint":{"sha1":"25:92:C4:AC:1C:0D:06:00:C2:7C:F6:ED:EE:2E:A0:19:ED:4B:AD:11","sha256":"C1:F4:1B:A6:AB:71:40:B8:6F:94:3F:97:01:01:19:62:82:56:AB:47:02:A6:02:5B:CC:05:CB:4E:C8:F6:09:B8"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: kra47.bestsiter.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kra47.bestsiter.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 07 Dec 2025 00:21:37 GMT\r\nContent-Type: text/css\r\nContent-Length: 4828\r\nLast-Modified: Mon, 03 Nov 2025 03:00:00 GMT\r\nConnection: keep-alive\r\nETag: \"69081ab0-12dc\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4828,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"5754c32a98dc53994b7b10e2c7edabe5","sha1":"315cb12fc138b932de08d43401414cab95dfd246","sha256":"1992412e3a1020da3805f21c9c6dbed6431a79e9cddc5761ee7f9ee373ff7306","sha512":"cfc4dcf3f1a3b92bf61a971005dcf0cb4bcf4e4eb1576a283e55616e925097e006aea0f0fddcb470ce1cf681ca061617f48ce0bf24e01cf328eebfc7728eabf5","ssdeep":"48:E8pdnkKw8BK19dQQoQQQ0t33gtEbPaCM+DWlKhX08Bs818X0yb898f8KLfHV8fDT:E8rjw88190gtwRPWlKhXILfUupM","tlshash":"b1a1f016ea0910467132d278fb614705fb6980bb970646fd3ffc62286ff62658621fdc","first_seen":"2025-11-07T18:36:06.4639Z","last_seen":"2026-02-03T08:21:52.155737Z","times_seen":265,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"kra47.bestsiter.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-07","alert":"Phishing Block","trigger":"kra47.bestsiter.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kra47.bestsiter.ru/logo.svg","fqdn":"kra47.bestsiter.ru","domain":"bestsiter.ru","tld":"ru"},"ip":{"addr":"193.105.134.30","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kra47.bestsiter.ru/","date":"2025-12-07T00:21:37.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kra47.bestsiter.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Dec 2025 15:25:50 GMT","end":"Wed, 04 Mar 2026 15:25:49 GMT"},"fingerprint":{"sha1":"25:92:C4:AC:1C:0D:06:00:C2:7C:F6:ED:EE:2E:A0:19:ED:4B:AD:11","sha256":"C1:F4:1B:A6:AB:71:40:B8:6F:94:3F:97:01:01:19:62:82:56:AB:47:02:A6:02:5B:CC:05:CB:4E:C8:F6:09:B8"}}},"request":{"raw":"GET /logo.svg HTTP/1.1\r\nHost: kra47.bestsiter.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kra47.bestsiter.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 07 Dec 2025 00:21:37 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 2054\r\nLast-Modified: Mon, 03 Nov 2025 03:00:00 GMT\r\nConnection: keep-alive\r\nETag: \"69081ab0-806\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2054,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"32af2241a3864f4e7369bfb2b2fcfda4","sha1":"1a4aed10196429235c0d0967a31534d8ea90b812","sha256":"b028caf4a97470b1369995fc4e28d618cf3fb4be1699cf5e25abf6674cb2a51e","sha512":"49cbd3f9d1028ba4bc94e541240936b6321ce29d159f472525bdf0eccf0023ba012f3f8f92a5348e0eca2a409e2ac1d38b3de2beaac111c0b11e0b306758cdde","ssdeep":"","tlshash":"094120d94984f534b9818ffe5a29b025f237fce4f202c1e449c3250769810ad2aaddaf","first_seen":"2025-11-07T18:36:06.461068Z","last_seen":"2026-02-03T08:21:52.150038Z","times_seen":293,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":27,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-07","alert":"Phishing Block","trigger":"kra47.bestsiter.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"kra47.bestsiter.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kra47.bestsiter.ru/mail.svg","fqdn":"kra47.bestsiter.ru","domain":"bestsiter.ru","tld":"ru"},"ip":{"addr":"193.105.134.30","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kra47.bestsiter.ru/","date":"2025-12-07T00:21:37.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kra47.bestsiter.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Dec 2025 15:25:50 GMT","end":"Wed, 04 Mar 2026 15:25:49 GMT"},"fingerprint":{"sha1":"25:92:C4:AC:1C:0D:06:00:C2:7C:F6:ED:EE:2E:A0:19:ED:4B:AD:11","sha256":"C1:F4:1B:A6:AB:71:40:B8:6F:94:3F:97:01:01:19:62:82:56:AB:47:02:A6:02:5B:CC:05:CB:4E:C8:F6:09:B8"}}},"request":{"raw":"GET /mail.svg HTTP/1.1\r\nHost: kra47.bestsiter.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kra47.bestsiter.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 07 Dec 2025 00:21:38 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 809\r\nLast-Modified: Mon, 03 Nov 2025 03:00:00 GMT\r\nConnection: keep-alive\r\nETag: \"69081ab0-329\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":809,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cd832466ea589ad994e3ae72763ae896","sha1":"b107bd3afce1c7d5f07d35a421c49977dfc147c8","sha256":"b86009a5afd5d7aa26ae67c56006094d56fdd08206dbaa19f69fef614b5abf7c","sha512":"531f89f01b1e9aecb3523a986475a495ac9adf6bd8380727363300cb7ef2a9d6a7448d281a9172afa246dbc552a8593a40525b22497f3a1276d5f6aa00e39d8f","ssdeep":"","tlshash":"b901aff1e7b5b584d30a57b18df0b55f320b29a91d7389c89452ad9cd264dad0714c14","first_seen":"2025-11-07T18:36:06.462669Z","last_seen":"2026-02-03T08:21:52.154426Z","times_seen":293,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":61,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-07","alert":"Phishing Block","trigger":"kra47.bestsiter.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"kra47.bestsiter.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kra47.bestsiter.ru/bell.svg","fqdn":"kra47.bestsiter.ru","domain":"bestsiter.ru","tld":"ru"},"ip":{"addr":"193.105.134.30","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kra47.bestsiter.ru/","date":"2025-12-07T00:21:37.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kra47.bestsiter.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Dec 2025 15:25:50 GMT","end":"Wed, 04 Mar 2026 15:25:49 GMT"},"fingerprint":{"sha1":"25:92:C4:AC:1C:0D:06:00:C2:7C:F6:ED:EE:2E:A0:19:ED:4B:AD:11","sha256":"C1:F4:1B:A6:AB:71:40:B8:6F:94:3F:97:01:01:19:62:82:56:AB:47:02:A6:02:5B:CC:05:CB:4E:C8:F6:09:B8"}}},"request":{"raw":"GET /bell.svg HTTP/1.1\r\nHost: kra47.bestsiter.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kra47.bestsiter.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 07 Dec 2025 00:21:38 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 2007\r\nLast-Modified: Mon, 03 Nov 2025 02:59:56 GMT\r\nConnection: keep-alive\r\nETag: \"69081aac-7d7\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2007,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"82f8ae5b95d9804d75e342908cbb80b9","sha1":"613a041672a98c0be5c5ef8ad6fca3f9be4fc069","sha256":"16981528917d428ad33dda9d3eb796177afdd0b6667379081c5518927a1a9a03","sha512":"6c060b0efc5aaa5013ea23358b8da1bf41f4506d80b7bc35bfc3f71d89713c71c7a9be75a5845199058ec5c9adcdba36063184245f1860fd890269205d052f49","ssdeep":"","tlshash":"2a4111f5d6c9f1e0a446abd99f2a919a339e30ff3b91dac602449ac0e012038988cc14","first_seen":"2025-11-07T18:36:06.45735Z","last_seen":"2026-02-03T08:21:52.157049Z","times_seen":293,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":78,"dns":1,"connect":8,"send":0,"wait":35,"receive":0,"ssl":78},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"kra47.bestsiter.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-07","alert":"Phishing Block","trigger":"kra47.bestsiter.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kra47.bestsiter.ru/script.js?v=1765066897944","fqdn":"kra47.bestsiter.ru","domain":"bestsiter.ru","tld":"ru"},"ip":{"addr":"193.105.134.30","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kra47.bestsiter.ru/","date":"2025-12-07T00:21:37.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kra47.bestsiter.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Dec 2025 15:25:50 GMT","end":"Wed, 04 Mar 2026 15:25:49 GMT"},"fingerprint":{"sha1":"25:92:C4:AC:1C:0D:06:00:C2:7C:F6:ED:EE:2E:A0:19:ED:4B:AD:11","sha256":"C1:F4:1B:A6:AB:71:40:B8:6F:94:3F:97:01:01:19:62:82:56:AB:47:02:A6:02:5B:CC:05:CB:4E:C8:F6:09:B8"}}},"request":{"raw":"GET /script.js?v=1765066897944 HTTP/1.1\r\nHost: kra47.bestsiter.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kra47.bestsiter.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 07 Dec 2025 00:21:38 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000;\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":459,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"445697371633c79871bf78a0fdf3c370","sha1":"2927e758128fbfe0ffbe898288e8bf700c84f408","sha256":"23cb3e29ca4ecece95eaf4a5e45fc628bf2ce1d21a01da4ef33d71e8d8e4630c","sha512":"587e1db171c52e6ae7bd37ae5d8896a62f39523bd591219088067af64d6e521095bc0add46e0c1397fd112ec316c467c289e25eefaf7858a7b505532a3b471b6","ssdeep":"","tlshash":"74f02e7721347a7405a575bb36c657c8d63b00efb80510013e098d181f746e60372f9d","first_seen":"2025-12-05T14:56:02.67166Z","last_seen":"2025-12-08T00:33:51.961738Z","times_seen":64,"resource_available":true,"data":null}},"time_used":312,"timings":{"blocked":81,"dns":1,"connect":8,"send":0,"wait":148,"receive":0,"ssl":72},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"kra47.bestsiter.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-07","alert":"Phishing Block","trigger":"kra47.bestsiter.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kra47.bestsiter.ru/icon.svg","fqdn":"kra47.bestsiter.ru","domain":"bestsiter.ru","tld":"ru"},"ip":{"addr":"193.105.134.30","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kra47.bestsiter.ru/","date":"2025-12-07T00:21:37.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kra47.bestsiter.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Dec 2025 15:25:50 GMT","end":"Wed, 04 Mar 2026 15:25:49 GMT"},"fingerprint":{"sha1":"25:92:C4:AC:1C:0D:06:00:C2:7C:F6:ED:EE:2E:A0:19:ED:4B:AD:11","sha256":"C1:F4:1B:A6:AB:71:40:B8:6F:94:3F:97:01:01:19:62:82:56:AB:47:02:A6:02:5B:CC:05:CB:4E:C8:F6:09:B8"}}},"request":{"raw":"GET /icon.svg HTTP/1.1\r\nHost: kra47.bestsiter.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kra47.bestsiter.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 07 Dec 2025 00:21:38 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 1682\r\nLast-Modified: Mon, 03 Nov 2025 02:59:58 GMT\r\nConnection: keep-alive\r\nETag: \"69081aae-692\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1682,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8155b5a1de4d4c47da7bba99b03120e3","sha1":"6dfa7536ce273c5b4ce580e7ddf560d0cf8e5e58","sha256":"2ff692ff73df7225162203982e4ba8f86dde13fcdabbfe6a2bb9f24b253d108e","sha512":"e41f72b8d6ed4f4f6d626f257f64e94ab706115c796bb58464f6515c1d73e54eb3bd613adb02f9a01123138e83d03e0dd7720e38fb9e729289d9da47a2564eb2","ssdeep":"","tlshash":"963166f2c5eae5e049057ff4d83780adbd672cfe7f88ca99c1846c54914847ce44d848","first_seen":"2025-11-07T18:36:06.461905Z","last_seen":"2026-02-03T08:21:52.15307Z","times_seen":293,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":80,"dns":0,"connect":9,"send":0,"wait":35,"receive":0,"ssl":75},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"kra47.bestsiter.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-07","alert":"Phishing Block","trigger":"kra47.bestsiter.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kra47.bestsiter.ru/favicon.svg","fqdn":"kra47.bestsiter.ru","domain":"bestsiter.ru","tld":"ru"},"ip":{"addr":"193.105.134.30","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kra47.bestsiter.ru/","date":"2025-12-07T00:21:38.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kra47.bestsiter.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Dec 2025 15:25:50 GMT","end":"Wed, 04 Mar 2026 15:25:49 GMT"},"fingerprint":{"sha1":"25:92:C4:AC:1C:0D:06:00:C2:7C:F6:ED:EE:2E:A0:19:ED:4B:AD:11","sha256":"C1:F4:1B:A6:AB:71:40:B8:6F:94:3F:97:01:01:19:62:82:56:AB:47:02:A6:02:5B:CC:05:CB:4E:C8:F6:09:B8"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: kra47.bestsiter.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kra47.bestsiter.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 07 Dec 2025 00:21:38 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 698\r\nLast-Modified: Mon, 03 Nov 2025 02:59:58 GMT\r\nConnection: keep-alive\r\nETag: \"69081aae-2ba\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":698,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2f9102020a99583a4f5c7d977389a4a7","sha1":"61bc9ff7fcfb0ecc53564282530695ed615f10d6","sha256":"c1b9aa8ba7fad00cf2042d64ccddc0a23489efa8d0f706b4ccd4cc2867ee4e97","sha512":"1e75989e2f530c63ea9c0dc33be195030005c194432979d5c62f213699bf6b10a0a4e087ff0fe9c7dae2caebeb444f186ac934d931c320b9052f92d001ffb8c9","ssdeep":"","tlshash":"f801978831a52075e2510b4047b57c84233ef04f49d1384997dc3a668d4deb62bed399","first_seen":"2025-11-13T21:28:43.09227Z","last_seen":"2026-02-03T08:21:52.159043Z","times_seen":243,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-07","alert":"Phishing Block","trigger":"kra47.bestsiter.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"kra47.bestsiter.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}