{"report_id":"92907a85-67a7-4966-bc6f-b13639f73d06","version":6,"status":"done","tags":[],"date":"2025-12-30T16:23:31Z","url":{"schema":"http","addr":"by46beo2.bracketmurmur.ru/?=check\u0026\u0026actmn=zlmmnouwlcrvnrgl/","fqdn":"by46beo2.bracketmurmur.ru","domain":"bracketmurmur.ru","tld":"ru"},"ip":{"addr":"172.67.146.137","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"by46beo2.bracketmurmur.ru/?=check\u0026\u0026actmn=zlmmnouwlcrvnrgl/","fqdn":"by46beo2.bracketmurmur.ru","domain":"bracketmurmur.ru","tld":"ru"},"title":"FASTPANEL","dom":{"size":11863,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (6573)","md5":"2937464283013ffbb081dbd204336c06","sha1":"d50b1c27d675e179f7e51d11e00906018da1f48f","sha256":"c34456715975bc1ebb24b8c1c7ab1e99cff9f3170a14904503fd7f119be1d084","sha512":"968b9b89b1117a8f1046bf90acf4195dd65c2b1efb27eee4df7b9e912f88681df3ddd0f6cc046c25abb1c98f0dbb45176a9c14231b0d7ab1ef71a9c166544837","ssdeep":"192:MO0vOM7R1YehNAKU3IEjHmaZO4Bl0F1kwcvg/4fT0Cmjz+SdLw7Jg/K:MV6KU3IEZO4Bl0F1kwcvg/Q0Cmjz7dLs","tlshash":"3c32b51d922838af11eb4299f777b3ec503a4878c050425db07b1969e257a93ea275fc","dom_hash":"domhash2a05ecb54bb943887170293c4954ae32","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"by46beo2.bracketmurmur.ru/?=check\u0026\u0026actmn=zlmmnouwlcrvnrgl/","fqdn":"by46beo2.bracketmurmur.ru","domain":"bracketmurmur.ru","tld":"ru"},"ip":{"addr":"172.67.146.137","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-03T16:23:31Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"by46beo2.bracketmurmur.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"by46beo2.bracketmurmur.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-12-28T22:14:05.525046Z","alert_count":0,"request_count":2,"received_data":81926,"sent_data":1120,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-12-28T22:17:10.032556Z","alert_count":0,"request_count":1,"received_data":11856,"sent_data":475,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"by46beo2.bracketmurmur.ru","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-30","domain_rank":0,"first_seen":"2025-12-30T16:23:31.765591Z","last_seen":"2025-12-30T16:23:31.765591Z","alert_count":4,"request_count":2,"received_data":24663,"sent_data":1015,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:regular,500\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://by46beo2.bracketmurmur.ru/?=check\u0026\u0026actmn=zlmmnouwlcrvnrgl/","date":"2025-12-30T16:23:08.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"43:D3:3F:93:6C:4F:F7:67:58:9D:D5:48:20:4C:74:A2:69:DB:13:9F","sha256":"8C:DB:D2:85:E1:AB:12:7B:1D:5A:65:A7:EC:22:67:6F:B3:A6:65:01:28:29:FA:D2:3B:01:8D:10:7E:4D:09:52"}}},"request":{"raw":"GET /css?family=Roboto:regular,500\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://by46beo2.bracketmurmur.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 30 Dec 2025 16:23:08 GMT\r\ndate: Tue, 30 Dec 2025 16:23:08 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11170,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"2f210d89d2f6796b5075cfc7162b91b8","sha1":"64cc55bd286a45a1564b67bd10990124eae9dd26","sha256":"3530523640e50d8a4298232799aa13390f31ad80c89a42ccdbda88d33cb2080b","sha512":"f8a38e115e5134273189103ff1fedb1b682a152e12feacd51b4508251e3e67583ac0c4c863394e33a0c57913948d8e712531b7d19e5dfaf9c8ba71fe180c2a0d","ssdeep":"192:2NKfmNKfNK4NKfkNK/qbNKDbqGIwV4BNKnNKuwNKkNKfNNKgNKXNKfTNK/qsNKDL:8KfMK1KWK6KyhK/qY4XKNKtKiKfDKOK+","tlshash":"af320fa1041750009b838ce223cebf35fe1f52517142d0b5abfdab6badcbc66526936d","first_seen":"2025-11-19T05:46:13.82268Z","last_seen":"2026-02-19T21:52:14.744821Z","times_seen":2612,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":107,"dns":1,"connect":27,"send":0,"wait":46,"receive":0,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"by46beo2.bracketmurmur.ru/favicon.ico","fqdn":"by46beo2.bracketmurmur.ru","domain":"bracketmurmur.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://by46beo2.bracketmurmur.ru/?=check\u0026\u0026actmn=zlmmnouwlcrvnrgl/","date":"2025-12-30T16:23:08.769Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bracketmurmur.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:26:03 GMT","end":"Mon, 30 Mar 2026 09:22:34 GMT"},"fingerprint":{"sha1":"F5:D0:8C:91:FB:18:73:E5:ED:0E:05:00:AF:95:C9:CC:93:5A:58:03","sha256":"9E:39:0D:B1:D9:71:00:8B:F3:A3:75:2D:6A:2D:2D:F5:E9:CE:0B:3D:C5:ED:E7:28:A9:89:12:51:74:EE:22:51"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: by46beo2.bracketmurmur.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://by46beo2.bracketmurmur.ru/?=check\u0026\u0026actmn=zlmmnouwlcrvnrgl/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 30 Dec 2025 16:23:08 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Dec 2025 16:50:02 GMT\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6hhiPOX3OKY840jU4BngbiIqPnZPPjtLC0iWcleefjP5%2F9NjgzvVajE2V9Oz9FJziTyOgmsYZ2cnEVzprDMAHnrC6sKcNGvuLtbJ1GRQuJNl9xiyK0FB\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9b62e147c97356ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11694,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (6573)","md5":"b7759166a0f1807b202b45f510c2172e","sha1":"ef160ebdf82a6cadd27197fb589a3786e58e3fa5","sha256":"825eb1a627f34c3d1fad85cb5904b5ac0fded65f677c5a85fa992e42c450fd99","sha512":"5085882d85f2d3ab9fa2c2b3bfbde24072ae732b02529946700df1ee92fbafb0e7d305bf21f6034b44012d310495bc7ebd4826b226685a1cc3790b429d0169ec","ssdeep":"192:OO0vOM7R1YehNAKU3IEjHmaq44BG0wK5FhYg/4fT0Cmlz+S+CVy+g/S:OV6KU3IEq44BG0wK5FhYg/Q0Cmlz7+C7","tlshash":"c632c41e9268386f11eb5195f777b3ec503a4878c060028db07f5929a257a93ea235fc","first_seen":"2024-09-09T18:15:01Z","last_seen":"2026-04-04T03:48:04.938555Z","times_seen":4097,"resource_available":true,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"by46beo2.bracketmurmur.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"by46beo2.bracketmurmur.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://by46beo2.bracketmurmur.ru/?=check\u0026\u0026actmn=zlmmnouwlcrvnrgl/","date":"2025-12-30T16:23:08.890Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"21:10:1E:48:79:6B:E7:49:AB:BB:0E:38:86:C8:4D:74:7B:42:EE:BB","sha256":"0A:58:99:06:D8:BC:1C:BD:3E:CE:EF:7D:D6:D2:50:2D:1E:DE:8F:87:97:56:72:B9:3F:21:88:AC:79:3A:75:03"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://by46beo2.bracketmurmur.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 23 Dec 2025 23:52:35 GMT\r\nexpires: Wed, 23 Dec 2026 23:52:35 GMT\r\ncache-control: public, max-age=31536000\r\nage: 577834\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T03:45:50.364076Z","times_seen":713688,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":124,"dns":0,"connect":17,"send":0,"wait":21,"receive":20,"ssl":101},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://by46beo2.bracketmurmur.ru/?=check\u0026\u0026actmn=zlmmnouwlcrvnrgl/","date":"2025-12-30T16:23:08.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"21:10:1E:48:79:6B:E7:49:AB:BB:0E:38:86:C8:4D:74:7B:42:EE:BB","sha256":"0A:58:99:06:D8:BC:1C:BD:3E:CE:EF:7D:D6:D2:50:2D:1E:DE:8F:87:97:56:72:B9:3F:21:88:AC:79:3A:75:03"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://by46beo2.bracketmurmur.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 23 Dec 2025 23:52:35 GMT\r\nexpires: Wed, 23 Dec 2026 23:52:35 GMT\r\ncache-control: public, max-age=31536000\r\nage: 577834\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T03:45:50.364076Z","times_seen":713688,"resource_available":false,"data":null}},"time_used":327,"timings":{"blocked":150,"dns":1,"connect":28,"send":0,"wait":16,"receive":8,"ssl":118},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"by46beo2.bracketmurmur.ru/?=check\u0026\u0026actmn=zlmmnouwlcrvnrgl/","fqdn":"by46beo2.bracketmurmur.ru","domain":"bracketmurmur.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-30T16:23:08.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bracketmurmur.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:26:03 GMT","end":"Mon, 30 Mar 2026 09:22:34 GMT"},"fingerprint":{"sha1":"F5:D0:8C:91:FB:18:73:E5:ED:0E:05:00:AF:95:C9:CC:93:5A:58:03","sha256":"9E:39:0D:B1:D9:71:00:8B:F3:A3:75:2D:6A:2D:2D:F5:E9:CE:0B:3D:C5:ED:E7:28:A9:89:12:51:74:EE:22:51"}}},"request":{"raw":"GET /?=check\u0026\u0026actmn=zlmmnouwlcrvnrgl/ HTTP/1.1\r\nHost: by46beo2.bracketmurmur.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Dec 2025 16:23:08 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Dec 2025 16:50:02 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D21u0x%2BqLd%2B5eMS%2B7KK2ZdEAO0SFBYpPk4jb97hIbexHQqN%2FiI1vHC2isL6ifyET4S%2FuhGWiPBilGQrcmA3jqEhDgx6YzJbOTFvI22KjU6Zv%2FRwWRf1DNqg%3D\"}]}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b62e145aa551525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11694,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (6573)","md5":"b7759166a0f1807b202b45f510c2172e","sha1":"ef160ebdf82a6cadd27197fb589a3786e58e3fa5","sha256":"825eb1a627f34c3d1fad85cb5904b5ac0fded65f677c5a85fa992e42c450fd99","sha512":"5085882d85f2d3ab9fa2c2b3bfbde24072ae732b02529946700df1ee92fbafb0e7d305bf21f6034b44012d310495bc7ebd4826b226685a1cc3790b429d0169ec","ssdeep":"192:OO0vOM7R1YehNAKU3IEjHmaq44BG0wK5FhYg/4fT0Cmlz+S+CVy+g/S:OV6KU3IEq44BG0wK5FhYg/Q0Cmlz7+C7","tlshash":"c632c41e9268386f11eb5195f777b3ec503a4878c060028db07f5929a257a93ea235fc","first_seen":"2024-09-09T18:15:01Z","last_seen":"2026-04-04T03:48:04.938555Z","times_seen":4097,"resource_available":true,"data":null}},"time_used":278,"timings":{"blocked":100,"dns":80,"connect":1,"send":0,"wait":78,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"by46beo2.bracketmurmur.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"by46beo2.bracketmurmur.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}