{"report_id":"83ce7382-b04f-41b1-a6c2-932fe7bccb13","version":6,"status":"done","tags":[],"date":"2026-03-02T13:20:19Z","url":{"schema":"http","addr":"storage-money.online","fqdn":"storage-money.online","domain":"storage-money.online","tld":"online"},"ip":{"addr":"146.103.103.51","port":0,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"final":{"url":{"schema":"https","addr":"storage-money.online/","fqdn":"storage-money.online","domain":"storage-money.online","tld":"online"},"title":"Money Storage","dom":{"size":9415,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (347)","md5":"372df7bcb6ed263433520c2940d1d86c","sha1":"78e6491069834f3f041b6040cee13b939368e8d3","sha256":"fe2f50abce392817bc7d97ff302d7b82e63e2d121522b15f3792c40b0b011ce2","sha512":"899380cb13f86fd92afed4d6944a79fa2f28db6b101b826efd3d4206d0085496141f6bafaeb7115a1beffcb5ed43ff17c4db74c273e6fd4f0df5acc8da8a074d","ssdeep":"192:42FFTpeWLPQu+lCSW9/WM1s+Z95XtizrpRGwgmJtf6dZQs2MHDoTQdt5g:42F5peWTnatMb1P7dU/6wVSdzjgkt5g","tlshash":"221296b285a07c2a050b618afd11230e98b3446fff5e699535dc440effc6e618673b5b","dom_hash":"domhash85b6e95397e5af2b738a2edf8a7d5cc6","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"storage-money.online","fqdn":"storage-money.online","domain":"storage-money.online","tld":"online"},"ip":{"addr":"146.103.103.51","port":0,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-06T13:20:19Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"storage-money.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"storage-money.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"storage-money.online","ip":{"addr":"146.103.103.51","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":16,"request_count":8,"received_data":779959,"sent_data":3604,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"storage-money.online/buratino.css","fqdn":"storage-money.online","domain":"storage-money.online","tld":"online"},"ip":{"addr":"146.103.103.51","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://storage-money.online/","date":"2026-03-02T13:19:58.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"storage-money.online","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:06:06 GMT","end":"Sat, 23 May 2026 22:06:05 GMT"},"fingerprint":{"sha1":"69:D7:50:80:A1:8F:FA:80:6D:A7:A7:F1:94:67:CF:73:02:65:68:E8","sha256":"D9:72:69:AB:F8:07:F1:A1:98:C1:0A:53:67:D5:3F:97:C6:13:1E:EC:5F:BA:9C:88:10:7D:24:CA:74:6B:F9:98"}}},"request":{"raw":"GET /buratino.css HTTP/1.1\r\nHost: storage-money.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://storage-money.online/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Mon, 02 Mar 2026 13:19:58 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sun, 22 Feb 2026 22:50:18 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"699b882a-1e29\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7721,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text","md5":"f0c15eb5457d1fd559a06b3c9795262c","sha1":"8d20bc86135ddb9ca4940bee3ad2a06515ea8495","sha256":"534c5055293662aaa8c742d05a8423a75bfd0edce8f58008e7cb86ed3917def5","sha512":"a931890abdda82f5c2e2c2f019deafd44e6d835bcf609885cee11da091887f445fe649c64348b1b42edb60c779acc4fb85806fb3f31a4237e6d61bbbdeda4d95","ssdeep":"96:nHWkOZGjYZPGE+KrCKfXkPxSt2wdGxgDGA0bZia8caZ3FMbR0DedO1d6HbyMP:nHWkOZGqPGEHI4UK3D/018FMG2HbyMP","tlshash":"abf178a6d9ab18867702c0912f367b04971cf007998add7eb6ab74dcdfe518081e33d8","first_seen":"2026-03-02T13:20:24.557669Z","last_seen":"2026-03-02T13:20:24.557669Z","times_seen":1,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"storage-money.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"storage-money.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"storage-money.online/alert.css","fqdn":"storage-money.online","domain":"storage-money.online","tld":"online"},"ip":{"addr":"146.103.103.51","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://storage-money.online/","date":"2026-03-02T13:19:58.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"storage-money.online","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:06:06 GMT","end":"Sat, 23 May 2026 22:06:05 GMT"},"fingerprint":{"sha1":"69:D7:50:80:A1:8F:FA:80:6D:A7:A7:F1:94:67:CF:73:02:65:68:E8","sha256":"D9:72:69:AB:F8:07:F1:A1:98:C1:0A:53:67:D5:3F:97:C6:13:1E:EC:5F:BA:9C:88:10:7D:24:CA:74:6B:F9:98"}}},"request":{"raw":"GET /alert.css HTTP/1.1\r\nHost: storage-money.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://storage-money.online/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Mon, 02 Mar 2026 13:19:58 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sun, 22 Feb 2026 22:50:18 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"699b882a-bae\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2990,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"9eb8911cc7ea3aee4e0b35d435991f08","sha1":"55b018de4fd589a8ebe26622c9d1fe1011647a7c","sha256":"3b0cb2071579f2a33f9df68930d5fce2487aa040e4ebb9b5fdccbaf04c2ab430","sha512":"448c781ba8076c2382fa2cead1cb57feaec420ca69a2d78a2518ad0d70637e2a5ef0029cfc0c0b0520eebfbf8d766b79568a0a3f81fcc1fcbd2f9acab7a37fd9","ssdeep":"","tlshash":"7a516f979a7f1501795fa0697ffe5f722b2444a3850ec8787ebd728c4f800e99486389","first_seen":"2026-03-02T13:20:24.558688Z","last_seen":"2026-03-02T13:20:24.558688Z","times_seen":1,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"storage-money.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"storage-money.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"storage-money.online/style.css","fqdn":"storage-money.online","domain":"storage-money.online","tld":"online"},"ip":{"addr":"146.103.103.51","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://storage-money.online/","date":"2026-03-02T13:19:58.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"storage-money.online","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:06:06 GMT","end":"Sat, 23 May 2026 22:06:05 GMT"},"fingerprint":{"sha1":"69:D7:50:80:A1:8F:FA:80:6D:A7:A7:F1:94:67:CF:73:02:65:68:E8","sha256":"D9:72:69:AB:F8:07:F1:A1:98:C1:0A:53:67:D5:3F:97:C6:13:1E:EC:5F:BA:9C:88:10:7D:24:CA:74:6B:F9:98"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: storage-money.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://storage-money.online/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Mon, 02 Mar 2026 13:19:58 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sun, 22 Feb 2026 22:50:18 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"699b882a-19139\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":102713,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"aae6c8120a05b3e89972fc6e5b0d8352","sha1":"2b3ccae143f8cdbfa264dda20ae6a1cf4475457d","sha256":"8f679ed902100b194893e999fd50d8bf64148e5f0fa04127507189c6f75bfce4","sha512":"53d0f9ecaf18d85842f02fc79d5331d8c11a2a035b71851e4b27e1eecfe71226da259ad62c7d0191dd9842077a687673ea0c172a48f090e3f1199141d85d639a","ssdeep":"3072:yi769b/wlA+UkH+k4ffWb3yXhxHxZgJon8ly2O2avc888wpohrfXCU:yi769jwlA+UkH+k4ffWbiXhxHxZgJonz","tlshash":"aea36586a6731845b81ba16c6ffa9706722d8043c50ecc7d7fdd324c8f892e99563b8d","first_seen":"2026-03-02T13:20:24.559506Z","last_seen":"2026-03-02T13:20:24.559506Z","times_seen":1,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":46,"dns":0,"connect":0,"send":0,"wait":38,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"storage-money.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"storage-money.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"storage-money.online/logo.svg","fqdn":"storage-money.online","domain":"storage-money.online","tld":"online"},"ip":{"addr":"146.103.103.51","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://storage-money.online/","date":"2026-03-02T13:19:58.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"storage-money.online","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:06:06 GMT","end":"Sat, 23 May 2026 22:06:05 GMT"},"fingerprint":{"sha1":"69:D7:50:80:A1:8F:FA:80:6D:A7:A7:F1:94:67:CF:73:02:65:68:E8","sha256":"D9:72:69:AB:F8:07:F1:A1:98:C1:0A:53:67:D5:3F:97:C6:13:1E:EC:5F:BA:9C:88:10:7D:24:CA:74:6B:F9:98"}}},"request":{"raw":"GET /logo.svg HTTP/1.1\r\nHost: storage-money.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://storage-money.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Mon, 02 Mar 2026 13:19:58 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 24794\r\nLast-Modified: Sun, 22 Feb 2026 22:50:18 GMT\r\nConnection: keep-alive\r\nETag: \"699b882a-60da\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24794,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"71734a509058b338028c12faf59a123e","sha1":"cdbf3723a079362b24d2a411c192a9da902151be","sha256":"8f28968d48fcda3363e8e25b6da245cd81ba31767b5e2bae06e38cb343872daa","sha512":"60114dc7ef6eb47c98d088ab26c0260ccceca7ea198ff18cb79e1ea9679c20888b91f85a0fdcfed1a133c18cd1cc9734b56440aaa8fcc1c30b4650ea58ea78fe","ssdeep":"384:HFqG8NYFY0Q9P25g1e6cLSQiricN0/QIOc9cHdYEtv+zcQiAkWZduVJO1NbvlPNl:UGgsQ9P25t6AfQIOcidYEA8PuLQjRA","tlshash":"26b22bca23bc8afcb546c39c992104627d8534ff7f618368f1ad9d697b120e4841cdab","first_seen":"2026-03-02T13:20:24.560944Z","last_seen":"2026-03-11T04:50:00.768181Z","times_seen":3,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":89,"dns":29,"connect":28,"send":0,"wait":56,"receive":5,"ssl":36},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"storage-money.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"storage-money.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"storage-money.online/phone-bg-left.png","fqdn":"storage-money.online","domain":"storage-money.online","tld":"online"},"ip":{"addr":"146.103.103.51","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://storage-money.online/","date":"2026-03-02T13:19:58.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"storage-money.online","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:06:06 GMT","end":"Sat, 23 May 2026 22:06:05 GMT"},"fingerprint":{"sha1":"69:D7:50:80:A1:8F:FA:80:6D:A7:A7:F1:94:67:CF:73:02:65:68:E8","sha256":"D9:72:69:AB:F8:07:F1:A1:98:C1:0A:53:67:D5:3F:97:C6:13:1E:EC:5F:BA:9C:88:10:7D:24:CA:74:6B:F9:98"}}},"request":{"raw":"GET /phone-bg-left.png HTTP/1.1\r\nHost: storage-money.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://storage-money.online/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Mon, 02 Mar 2026 13:19:58 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 22 Feb 2026 22:50:18 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"699b882a-9803f\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":622655,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2028 x 1700, 8-bit colormap, non-interlaced","md5":"23d0d95ead7dedf135c47bcd736c871c","sha1":"5f69b5456345ac9e022491fa7928cb2a61ff43c7","sha256":"f89cb8930d2361d8a0b5e649d12700a9ee302928c9f7e5308ea71c63b3f703e9","sha512":"1d55131d7c3822567338f742e1b02bb664b6dcb34bbfc31a820d15462a5ad863ace5fdb82cfd3105176bc224580f111c43e431dab25637248ee83d81f8c926d5","ssdeep":"12288:xGGecxP2Zo8a1pnMQW1UHBfhsu6Y3iA3rSSeGSs7JXPS:QGecN2ihIosu6YSsTeu7Zq","tlshash":"d0d42319d5fee010a9673b3d87d0eeb9c6ad2aca47ad203743c4255deff862c81a11d1","first_seen":"2026-03-02T13:20:24.561915Z","last_seen":"2026-03-11T04:50:00.772587Z","times_seen":3,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":37,"receive":135,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"storage-money.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"storage-money.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"storage-money.online/192x192.png","fqdn":"storage-money.online","domain":"storage-money.online","tld":"online"},"ip":{"addr":"146.103.103.51","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://storage-money.online/","date":"2026-03-02T13:19:58.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"storage-money.online","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:06:06 GMT","end":"Sat, 23 May 2026 22:06:05 GMT"},"fingerprint":{"sha1":"69:D7:50:80:A1:8F:FA:80:6D:A7:A7:F1:94:67:CF:73:02:65:68:E8","sha256":"D9:72:69:AB:F8:07:F1:A1:98:C1:0A:53:67:D5:3F:97:C6:13:1E:EC:5F:BA:9C:88:10:7D:24:CA:74:6B:F9:98"}}},"request":{"raw":"GET /192x192.png HTTP/1.1\r\nHost: storage-money.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://storage-money.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Mon, 02 Mar 2026 13:19:58 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 22 Feb 2026 22:50:18 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"699b882a-1700\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5888,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"488ac793b7bf292c59e33f9855e89179","sha1":"8066a81ceba056e939f90ceec01344efd3c1fba9","sha256":"efad46f14bde7956e63315aa509e3535117f8fcd2f6e4c3ab9aa2f7205db760e","sha512":"3187fcd6fa844faf2a1279964410677289b57d66c8d8cf3ed9466be3e934065cc79060064fa36d9ea0b3ef4d15d2cfdee4851f002a942ce5f72186037b58654f","ssdeep":"96:wSPsJJeOkraTsB3awXWOxPnromyJ8wGgqTfs+LR/HqLo2DgdBf9EReBa:wSPsJ+axwX5Pr2TGgWkWHu/gLfiYBa","tlshash":"55c1af5e386954e9772fa890627f695d002a3da74047645cc77c3b8a3d03dd10b50bbe","first_seen":"2026-03-02T13:20:24.563273Z","last_seen":"2026-03-11T04:50:00.758133Z","times_seen":3,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"storage-money.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"storage-money.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"storage-money.online/64x64.png","fqdn":"storage-money.online","domain":"storage-money.online","tld":"online"},"ip":{"addr":"146.103.103.51","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://storage-money.online/","date":"2026-03-02T13:19:58.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"storage-money.online","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:06:06 GMT","end":"Sat, 23 May 2026 22:06:05 GMT"},"fingerprint":{"sha1":"69:D7:50:80:A1:8F:FA:80:6D:A7:A7:F1:94:67:CF:73:02:65:68:E8","sha256":"D9:72:69:AB:F8:07:F1:A1:98:C1:0A:53:67:D5:3F:97:C6:13:1E:EC:5F:BA:9C:88:10:7D:24:CA:74:6B:F9:98"}}},"request":{"raw":"GET /64x64.png HTTP/1.1\r\nHost: storage-money.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://storage-money.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Mon, 02 Mar 2026 13:19:58 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 22 Feb 2026 22:50:18 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"699b882a-6b1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1713,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"6ad3e3dd35e1308a851339579b688b49","sha1":"cbffd8a340648c44f6a252e3ac525e3f7cda0376","sha256":"092fda92839daf5251f62544f6ceb4ddb650554a098769dc01af2b65bc3af713","sha512":"677cad54afd17489c9c910aeef59fdcddff4b84969b31a9b10b70afffad7891e823c03731a3a51093be2a2fd58e692b2f5e6691b9c7a24adfc75f2f57164da30","ssdeep":"","tlshash":"b0312bc2362b68c6636c8d2096b183ba5de34b801057ba3fd4b515fad42dc481368176","first_seen":"2026-03-02T13:20:24.564185Z","last_seen":"2026-03-11T04:50:00.773386Z","times_seen":3,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"storage-money.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"storage-money.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"storage-money.online/","fqdn":"storage-money.online","domain":"storage-money.online","tld":"online"},"ip":{"addr":"146.103.103.51","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-02T13:19:57.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"storage-money.online","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:06:06 GMT","end":"Sat, 23 May 2026 22:06:05 GMT"},"fingerprint":{"sha1":"69:D7:50:80:A1:8F:FA:80:6D:A7:A7:F1:94:67:CF:73:02:65:68:E8","sha256":"D9:72:69:AB:F8:07:F1:A1:98:C1:0A:53:67:D5:3F:97:C6:13:1E:EC:5F:BA:9C:88:10:7D:24:CA:74:6B:F9:98"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: storage-money.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Mon, 02 Mar 2026 13:19:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 2946\r\nConnection: keep-alive\r\nLast-Modified: Sun, 22 Feb 2026 23:11:50 GMT\r\nETag: \"24d7-64b71c77c3777-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9431,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (347)","md5":"98a8f886985440b3cb3e9a43effa999c","sha1":"2b63f8f436edbead61f8b5cacd145a631139402b","sha256":"28701ec7327b300f94da8cc5a215b4edcfc8258487b4acb9357921279a4d19da","sha512":"34db5645fe0eab1a96895b02b6bc6c4fb2543dce38f03691508dd898ba207b6caa37f4d35030e902f9fcbba2da7f30414223c44518599c21e73723198ea025ee","ssdeep":"192:k2FFTpeWLPQu+lCSW9/WM1s+Z95XtizrpRGwgmJtf6dZQs2MHDoTQdt5g:k2F5peWTnatMb1P7dU/6wVSdzjgkt5g","tlshash":"e41296b289a07c2a050b718afd11220e98b3446fff5e699535dc440effc6e618673b5b","first_seen":"2026-03-02T13:20:24.565068Z","last_seen":"2026-03-02T13:20:24.565068Z","times_seen":1,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":129,"dns":67,"connect":28,"send":0,"wait":33,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"storage-money.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"storage-money.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}