{"report_id":"92a97f9b-d2bb-44cb-81d9-bb774f419a86","version":6,"status":"done","tags":[],"date":"2025-10-08T14:49:24Z","url":{"schema":"http","addr":"lordfilm-paris-street.store/","fqdn":"lordfilm-paris-street.store","domain":"lordfilm-paris-street.store","tld":"store"},"ip":{"addr":"87.236.16.48","port":0,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"lord-orange-fox.ru/","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"title":"lordfilm -"},"submit":{"url":{"schema":"http","addr":"lordfilm-paris-street.store/","fqdn":"lordfilm-paris-street.store","domain":"lordfilm-paris-street.store","tld":"store"},"ip":{"addr":"87.236.16.48","port":0,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-12T14:49:24Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lordfilm-paris-street.store","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"lord-orange-fox.ru","ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"domain_registered":"2025-09-10","domain_rank":0,"first_seen":"2025-10-08T14:49:25.259889Z","last_seen":"2025-10-08T14:49:25.259889Z","alert_count":68,"request_count":68,"received_data":5259102,"sent_data":32539,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-05T22:12:07.524768Z","alert_count":0,"request_count":2,"received_data":21053,"sent_data":1104,"comment":"","tags":null,"fingerprints":null},{"fqdn":"lordfilm-paris-street.store","ip":{"addr":"87.236.16.48","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"domain_registered":"2025-06-24","domain_rank":0,"first_seen":"2025-10-08T14:49:25.261935Z","last_seen":"2025-10-08T14:49:25.261935Z","alert_count":1,"request_count":1,"received_data":112152,"sent_data":496,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"lord-orange-fox.ru/","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"835c62bf9a1b5849f3f219d88b76b499","sha1":"887eb45cc64c03c5cfb506c3c5c3a35bed55cd9f","sha256":"51a11a44d34aa4c21fa49b90e4fdbc5d77abde3d41bd0a8584d23fa7923567c7","sha512":"583f92a3d39342a680902b4bd849453c4cf5cfac5315cd711838c511600df2684da74a184539da9941038a959f14808af2573ec3cc8aeaa0b2e075a939b50efe","ssdeep":"","tlshash":"99a002ae3914c21e67fb310d9af637d0288885f08ce1ad5904c8f0543196c07e9c4ddb","size":70,"data":"","first_seen":"2025-10-08T14:49:36.700732Z","last_seen":"2025-11-26T10:10:55.2803Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"303b7913b20befb9eef6aefe050b6cf2","sha1":"0a6404f26d398381c530977e54ada60aa05aa7e2","sha256":"ee66dfcc6976ec3cc971edd09ceddeb680e61889e90cc203219212d35159dda0","sha512":"9f1965223ad8bfcdf62899bdfb644b17aab3dcf5d03371d97a8f37d1b18bea5a43d51ad3fe5646e0e82d6703e3e5ef7cd2ecc07dfb07f5a0559a3f2d46dc4c2d","ssdeep":"","tlshash":"27f020e4f0900cde07fc61e88571b5bb65c31013c0949e00eebcc6970c0138c80e0917","size":565,"data":"","first_seen":"2025-10-08T14:49:36.701803Z","last_seen":"2025-10-08T14:49:36.701803Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"847a18dc0eb2de3b49fd37cd2d81017a","sha1":"fe3bd35ad58e8cf60ae5220e90a26b0d08a55bbd","sha256":"ff3cda3c503fb0689c6df084b255f811bbb0164e6cb5456ecb9633db29a38dff","sha512":"df7f229b4c3396c47bd20b6bb8e8862edab5f0f8bc3028e1ac46c33c9c4aec773e3f1682bb567c899c28a3b513d63940fc7fd7ba209af613ddb845a000588e0d","ssdeep":"768:jPYS2diir5MPWKHIpPUnU9hNYP0EnSm2OMhtLw0W2hA7UJuodRLcEn+NCPNm+efR:jAS65UDE1JqYhnJT3u","tlshash":"1f231898b22c38f261db27fa91efb744b1751b1498474004353dd8bd2ca8d87c59beea","size":47014,"data":"","first_seen":"2025-02-01T19:19:32.375356Z","last_seen":"2026-04-21T09:37:57.273397Z","times_seen":328,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"26edc9aebd50cf3d3ad0f23a53e5f684","sha1":"c4cd0948fbd8d7f43d878e86ba8444f56e2e0ed2","sha256":"cbe3afce70db4ee624eaded40068b2e81d24822ebe80355b843c5e11d669f438","sha512":"93c0fdbfaaa70369692d9f1b4b1049a660bb03a4682d6e868b15603ee22d888819674a88c075a287a8978c77c35d83287681745b48fbace4f77cae93c6271fff","ssdeep":"","tlshash":"0701d5108064545c80bb52d5bd2db886b58d7217c7fc4c88eee5de2c6949336db122a7","size":784,"data":"","first_seen":"2025-10-08T14:49:36.703519Z","last_seen":"2025-10-08T14:49:36.703519Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"7e14a584268881acd6b5c34fa90963f0","sha1":"53819c4f6ceba5921a1c6f2258c79f1ec7e0c463","sha256":"f9d32cff5759cc7e06f6dd51109ed48df7273d0340c040c565ce44d0c58bc942","sha512":"f66289a5814d0cc8f44ccafb1952a3f024460a72472db8de1bccc3b138aa58cd412e85611d6c3aefe1771d8a6d9a505d6c77c9466d961b79a4e6a6563734b7ab","ssdeep":"","tlshash":"82f04c94f7863eb17da5717922aff3753a362085a40714a06c3ed8d40e6dc8858cbd1e","size":592,"data":"","first_seen":"2024-08-19T19:42:25.875296Z","last_seen":"2026-04-19T14:51:10.882257Z","times_seen":83,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"6ca9e221149d0339f560c393c8bed325","sha1":"dfa9fcbf802fe1b7c9abdcb0c385099552345fa4","sha256":"dfc82cfd9685bcc0fefb8523ba210290d7cfa3d8d6d8ca07a520bfe19cf1a410","sha512":"76fe92beb75da43f4905031153ae79b8abe331f67278c14ab836c977fb90770ab66d430fd04b90d34f4f06ead67ec6ab2f1c95f7755098d8fc34f0df74a51a98","ssdeep":"","tlshash":"d4c08c79090201a338310efaa186db78bf3b2523a1702163fea8c734a885c1f40539ea","size":167,"data":"","first_seen":"2025-03-19T02:34:58.564114Z","last_seen":"2026-04-05T21:15:43.621986Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"cfe1e9715143c1d9828fffabc601bbb4","sha1":"bebb382698412f375265a5e217573abb26b76cac","sha256":"a858a8027710205a34cb327b262dadaac515d1157140540cdc3b821abc73366c","sha512":"393c479818a874e1ea35e5ee07c02a24c777df270e1adcd940478ca28fd12896e5c36672e87b00f669b657bcd02d81d89ac7df365a46fe60b6cdb816607d60aa","ssdeep":"","tlshash":"94115b82cb3d0231849b02aaa1688bfab4bd88782d11515abd5cdd6d18d5c4b4b97eb0","size":1042,"data":"","first_seen":"2025-03-19T02:34:58.566012Z","last_seen":"2026-04-05T21:15:43.630411Z","times_seen":79,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"1781020c1d0b6cfa19edd5a4437a60ac","sha1":"a8e82e998b84bde0f1682f26aa46e171c00e909e","sha256":"8efe13e62aa0903fa2221bfae9626422fd09feb30a1f77c9191bbcbc8c2566e3","sha512":"3f13db9cf9315aa20cb1fba08549a9bd0a74ab25d1f24b5a4a317221da60f944a7765967954832473525fa202f7cae750cb4712b1e697df38ac13e79306bf291","ssdeep":"","tlshash":"3d7000c0c0000c303ccc00003ccc330c0030000300000003330c0cf0fc000003cc000f","size":20,"data":"","first_seen":"2023-06-06T09:36:41Z","last_seen":"2026-04-14T12:05:57.757794Z","times_seen":81,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"315f38981a7656ce268b5bc2ad0dc4d3","sha1":"b4782a949ae5d5481d8248e66feec6e6509efb7b","sha256":"3b723f53aacee6b99bda60d7f51a84f30cd7e01b03c0b7ff4091e1fbeae7120c","sha512":"e70ce37ad64ffacd9f7d49eceba969484a70b023bb1cfa5de48eb08e66e2624afda57de4913430071830734f81e910f6ad4254d042d52f530ed9cdfb98de883a","ssdeep":"","tlshash":"c411a0eae92df27a46762065c23a99f0f52c2034a40598337f1cc0be1898fd51fd1c14","size":1096,"data":"","first_seen":"2025-10-08T14:49:36.707362Z","last_seen":"2025-10-08T14:49:36.707362Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"087227cb2d780b4e581e9ea96fb18c82","sha1":"8e570872fc2a8af1bd6c63a03dff9356db2a94f1","sha256":"54898a11aad39a233a9c93dcb7a5d99c343b522dcd5c22dde6ec72f1beede23a","sha512":"a7b2f3cedaa111b17af0252bb7869e8586807d44c3ce88c966c4f3e4ec50bca2f7a8a381011fe31e92af1260fdaa247cf1d5eacfcd6acccf2abf90aa9f17965f","ssdeep":"","tlshash":"6351dcc973aec017b8673002926f11ce783c747b2e00b8bafca4849745b4d2b1756bac","size":2691,"data":"","first_seen":"2024-08-20T16:41:52.236918Z","last_seen":"2026-04-14T12:05:57.764625Z","times_seen":117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"a796d3da67363f9f4b7f80f70079b0ec","sha1":"8fef3f7ffa41b403abbbe1d7ae4b91377c492992","sha256":"89d5258598a7d5c8d5047f4bcbae44e12bf780d6a3b103f2d32ef3f9371d3332","sha512":"16684e7d3d519c6020f1dfe63fa4fb4e6d90592cf6ba7e9e1a6a274554106254dc91ec8d2fe8a972ee0975840746f72f32114f0b5deb02ce1de4c59c2b49c56c","ssdeep":"192:h5VULssA1mFi+S7JBexMDQf5/sbAlle0eoE:h3UYcvSyOG/lW","tlshash":"08e15249791a707a3a377475c29f220a733a3417a8474410aaecfbd4b97887a1b63d6c","size":7410,"data":"","first_seen":"2024-08-20T16:41:52.23369Z","last_seen":"2026-04-21T13:51:45.131609Z","times_seen":139,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"32e45ea631b16d085851ef35bd3c5d3e","sha1":"e93ce525e6ba984a1a5547b8aaf6c201d43c1aca","sha256":"44ca3c9bf4c1688b6c5194d6fc568117cb05a88fc113f117c008be0da08bbbd8","sha512":"bf1be04c0bf07ef7d0f6831b868e560b61656e5266a78ed21f130069de476cf6ebb782a6ef0fec9f75d44f8cff4b115659dacd4fc00c7dc6a5e4cee46f79abd0","ssdeep":"","tlshash":"b011c0f23714aa728ea200ce98bce6d817313b176a83e468a40cdde1565cd9129f65ed","size":1063,"data":"","first_seen":"2024-08-20T16:41:52.23772Z","last_seen":"2026-04-14T12:05:57.765935Z","times_seen":112,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"e395d83831dcc82d2029121749739710","sha1":"83e60860eba79b0e1791343a9e351e7e9ca58305","sha256":"a0324e1b58584ecec576cd254dc9432f6b6b0340f280c4e16516d733fa3aeef6","sha512":"6169716d6a8cc2def788a7ca5ac224d5b0459aa06c798e761ba5c9b63541be0d728a0a3e429d4cdb069dd4c080fab83691eadcdc11d24a48ab39af6ee3b6a81c","ssdeep":"","tlshash":"3590020da1456c3e9b20650bb8152c4140905765281a2a11805855172a55640801d815","size":51,"data":"","first_seen":"2024-08-20T16:41:52.238487Z","last_seen":"2026-04-05T21:15:43.66975Z","times_seen":81,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"c7fff88e85a496f6f73392c423d1f6cf","sha1":"044834603231d834766f8e5bf0be6fc9e17d12ca","sha256":"da115ed0436d43fc92c13f50820564309a4476e7a0900e0e861dae799630647d","sha512":"09ac37fd6c0f6addd5210f0f68c7d71e24c32611f80113d634c2d15e44aecd38e8e0462a3c71c53a9bbfdf16c9b0a443ea154f8c20c6ab50cd8fb9e99e5929d9","ssdeep":"","tlshash":"af110c25ef7cda3852b5815a337bf3943b3950d7e801b885dc9d9ca86818ee61554cc8","size":875,"data":"","first_seen":"2025-10-08T14:49:36.710898Z","last_seen":"2025-10-08T14:49:36.710898Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/1389553.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/1389553.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 74698\r\nlast-modified: Tue, 05 Nov 2024 12:37:28 GMT\r\netag: \"672a1188-123ca\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74698,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"d539286760e1e687d1b7f9474818902f","sha1":"43b7fc305395d19be7902f670443aae0da6be922","sha256":"8b0f29656164fdc8ffec8d02069d35d647cc73a43507c0041c4760a1b6c0fc84","sha512":"22763abf816cd5a4236462587a9774db298242bfd9b5353055b861c11cf95c5ae56f8587b37095bea480d6dea59a0cc0fb192bcb4578d46f21ec7d2b31a8e1da","ssdeep":"1536:BV7gXCYeCKCqtciRP/Hc7YSlfnivquAIaiGkFQn:j7gXC70qtconcsmfivquX9RG","tlshash":"697312c1c78f21845ebd094b8b47b0a17173b6fca2ae507591911e792b74e74f2bcd28","first_seen":"2025-10-08T14:49:36.624206Z","last_seen":"2025-10-08T14:49:36.624206Z","times_seen":1,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/themes/lordfilm/assets/images/sprite.svg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/themes/lordfilm/assets/images/sprite.svg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nCookie: fpm_visit=1; fpm_referer=%2F%2F%2F%3Adirect\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 18 Feb 2024 14:09:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65d20f9f-25f9\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9721,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"eb624b31632d2e34209cbc20b82d4491","sha1":"80e49f438e1546e1ac5e83c4f7076133c50ecde6","sha256":"8efde7a06473688b43a39438b8da750fce38382ef869a80f18af3575022eb48f","sha512":"37052af10448e40e44e77021fcc9611454b82ad6b91b757a060ff4d4fc89fbf0ab680493aa9d4e332c7117c86e7160f33e5c59a31d49b5a715dd62397168c85b","ssdeep":"192:pwTgasRGozfwrQciVYSsGGWsIfaF+25pGwefaF+2OfaF+2tpGwY:mTgasLLwrQc43GWsIfaM25GfaM2OfaMH","tlshash":"e71292f5b229dae949874ac5ec3734a6511e0cfa7fe4c9a4b10a88f3d27b5c8dd48c41","first_seen":"2025-07-21T01:38:45.711944Z","last_seen":"2026-04-05T21:15:43.539881Z","times_seen":78,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/8114325.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/8114325.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:00 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 53521\r\nlast-modified: Mon, 08 Sep 2025 11:41:26 GMT\r\netag: \"68bec0e6-d111\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":53521,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"d2f45f46e509291dde329e269daa4934","sha1":"8dd15ed1bcc9ef40473df5541f058f9349474e06","sha256":"ffe5957c2bc4b098dabb008a81e4e9653d0ba2fa972663536981ca1fea26bb2e","sha512":"15e48fd9061ac1e858362bd93c3fd0d5ba4811e4ec1a54da448a4c107dbe3513979685b7cb06f6dd607e38d94848e18fa98788a818b9f9aa9e043b2f7a0e084f","ssdeep":"768:GmfdPljrTBwRps2sQjTOm3KxeVQt8Tg9hCqCliqm7hMzd7kQWIqN32lmxWHWJYlh:BfdFBsXtHQmTwhCN2mqN32vHh3rFlj86","tlshash":"ad3301f72467e1a1c9f6c6c2d50d896a12ff02952240d8f38c2f88ae1359db42ef858d","first_seen":"2025-10-08T14:49:36.625918Z","last_seen":"2025-11-26T10:10:55.276556Z","times_seen":7,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/5455285.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/5455285.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 54757\r\nlast-modified: Tue, 16 Sep 2025 16:20:00 GMT\r\netag: \"68c98e30-d5e5\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":54757,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"57b8ea1f9bf35722a4ccefca7fe3a5e0","sha1":"def6cfec97762b31d2f38589ab8ec7b8b41417d1","sha256":"a90fcdefce8d14b2bc0fc539e7983e624b1ae417c9d6df033030fcdebecae5a9","sha512":"39dc6a6f9697f3a7ea1fdd053a68dc3cbaba754b7a0d470c4a7687f75595201f25583c72eafa14445b8eda83c97765ad8549990e5103194e77cd09a2957e27b2","ssdeep":"1536:B/JSJSJSJSZr3/f9P78QGBmR7Xya+RYFZN4GAzvgj177llW:RJSJSJSJSZTfJYBu7Xynup4hzwrW","tlshash":"f0339e235c5d4a93647c82d5bd034fac2b097f8ce8a125ff85621ecb7a306725cae159","first_seen":"2025-10-08T14:49:36.627264Z","last_seen":"2025-11-26T10:10:55.21551Z","times_seen":5,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/6570857.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/6570857.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 135046\r\nlast-modified: Tue, 16 Sep 2025 16:19:58 GMT\r\netag: \"68c98e2e-20f86\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":135046,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"afa80beb40d283a4cb76ee79a436fd15","sha1":"011bf12bebb14c2a63f1a88f268971a802fa3416","sha256":"e275e9b2870bd7d4566372c7153bdeab28ab97abf6dd9774150527cee7ad7bb6","sha512":"ce999edc0b67e0403761d15c30e8daacf35c796d6cba92046df3132056544dc76f0d914a68246a6772a4281182cf5dc66e4684b043ab232bb8856c3cc69a99e1","ssdeep":"3072:Ho0jLJe5xUypp4gP48/+9B3PvzwoW3+bW5B:Ho0vk5xrT4c4/Vrwo0+bWP","tlshash":"bfd312f3f60aa15543e662c33477604ba84ac19b6b447d602f313c3bae21a62dc64f1b","first_seen":"2025-10-08T14:49:36.628369Z","last_seen":"2025-11-01T16:46:53.322756Z","times_seen":4,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":192,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/6212155.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/6212155.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 71070\r\nlast-modified: Tue, 16 Sep 2025 16:18:17 GMT\r\netag: \"68c98dc9-1159e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":71070,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"1065ce25ee6b44c3c01b805e2f855112","sha1":"3116c70723bcf03dda9abfb8c5dc6e27a73f5667","sha256":"7bad7a12ff611637958a7537dbe841c630baadb076842dfd2f4a581abeb04e3a","sha512":"7f5e89c9aa3ffd590210131ef947c1d3017c99dc8c041137076509c3b6dd290a7f9f8731513ccc64a1a2404c0b400e00d6d764819a789b29be196cc85541f85d","ssdeep":"1536:BcAXww1/V+wuXiOKTniMOF4Y0bxrIsUPNKt5aR:F51/V+wuS92KBxSN/","tlshash":"7f63024e910ee2fc7b5ee8708c5793e972a7f2511ce865a21b809d0dc752e62e47235c","first_seen":"2025-10-08T14:49:36.629411Z","last_seen":"2025-11-26T10:10:55.206226Z","times_seen":5,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":145,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/682046.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/682046.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 104856\r\nlast-modified: Tue, 05 Nov 2024 03:36:29 GMT\r\netag: \"672992bd-19998\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":104856,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"f03f95e773b04876c5300ffb8cdd4c9f","sha1":"bf8b146e47b67e121ca7431fc5f7f8fba819ed92","sha256":"445e46a3ca3ccc4ac87c988a769141776a2c1b978fc92868cf22ac497e6abba0","sha512":"ce77065e2321d431583fb8004a152d513c858cc69637dba27c0df8ae23b92051fbb7fdf7ffc63e11f552aab322d792791e5de8fc6e05d667a9773b4b6f1419c1","ssdeep":"1536:yWNCY7eUEhBv8/9KDJooECVLOWsvFMbVrTYk1cRVWesVm97yctsyB4:DN+j7v09KDREC0WkMbAYwptsy6","tlshash":"e7a3125ab4508de76c10e05ca2f2a034d158ddb0768e83fe799dda1ecf62e60d0ee725","first_seen":"2025-10-08T14:49:36.630706Z","last_seen":"2025-10-08T14:49:36.630706Z","times_seen":1,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/themes/lordfilm/assets/images/default-images/logo-header-light.png","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/themes/lordfilm/assets/images/default-images/logo-header-light.png HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nCookie: fpm_visit=1; fpm_referer=%2F%2F%2F%3Adirect\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 2066\r\nlast-modified: Sun, 18 Feb 2024 14:09:35 GMT\r\netag: \"65d20f9f-812\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2066,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 70, 8-bit colormap, non-interlaced","md5":"0f8df1c44cdecb84c80881aa93b84cc4","sha1":"4668280c0151098e2c4b656567b9eae03e7b3ce5","sha256":"8522ba27060d3b6dc324facb50bbd5c8c15afcec195e0ef7e3920824c277cae5","sha512":"4b23f4b9315f704e69f21b85a6f53c2a518c0ffb61a69bc944057dae591a0a590ca38a67fd5d7ffa738cd1dafaea92b26885aee9b296b1eace764585bf0d249c","ssdeep":"","tlshash":"67411a6da1e5bcb0ea4dd5933df870a6c81f0480cd48f152aadbc04f3464aae4885ed3","first_seen":"2023-12-05T13:34:20Z","last_seen":"2026-04-05T21:15:43.582956Z","times_seen":58,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/6359318.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/6359318.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:00 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 116041\r\nlast-modified: Mon, 08 Sep 2025 11:47:14 GMT\r\netag: \"68bec242-1c549\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":116041,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"12897d5a2b31e6064b28b16c7835f7c9","sha1":"c7b9fc34ae5c451bb8c76e5d59d81b4600b7286a","sha256":"d0c3b7625ccdd2c8983548ebbe36901ac227351a89cf2e17e7c9b0f68bda964a","sha512":"3608a992c1e55005bb87c00e951e4915a5ebd1aef75a01e819f59ad540255695dec5b3057fdc76eb8d610417b89583e9d82e60df22d210cc1e330cef5d79984a","ssdeep":"1536:Bj5DnoQ5xBcql0Cn447PG6Xq9XzcaJpWvs+lo2V0CbyZzcbyenp1/bnrP3izP:/V/vztX2JpmR2264yZIbygHTrfiT","tlshash":"9cb3127e61c0091a9f6a78f81bdd8cd27f630a1555fa8370024e9858e07bd74aa9ef70","first_seen":"2025-10-03T09:11:30.339409Z","last_seen":"2025-11-26T10:10:55.22443Z","times_seen":8,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":88,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/8795759.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/8795759.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:00 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 81354\r\nlast-modified: Mon, 08 Sep 2025 11:33:47 GMT\r\netag: \"68bebf1b-13dca\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":81354,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"d0ab22c3b8f4128ded41c805a0cf27a7","sha1":"7d0b65a6212920fcece353d58369dd03479a6079","sha256":"1881cdfdd1c18b03c0c0a2064f001de40762a155651c5c0ee3560f2e38ce5ec8","sha512":"384c0f89e473f4fc235ef04ada805d10067d4b6a90639460d874e883aa80f1d87a629e7f881a06c17660777ae88aef49cfef8930d07ed65624f1431888dd03ae","ssdeep":"1536:BS6kE6P1H+ivv4uyQU4mDYeoT0Y3rEsCvQFF5iai9odR0/14G/8kaTZ:06kvNHZ4uygbb34sCvQf0a8pz/8ka9","tlshash":"04830264e6232499d3e30f7f09796829d26c4219fc90b23977653b21e8a4f7006d6a5f","first_seen":"2025-10-08T14:49:36.633569Z","last_seen":"2025-11-26T10:10:55.236733Z","times_seen":8,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":91,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/1379512.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/1379512.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 45793\r\nlast-modified: Tue, 05 Nov 2024 12:29:01 GMT\r\netag: \"672a0f8d-b2e1\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":45793,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"d4eb226890239f91b302fbb2f361cdb1","sha1":"340a45dc435091d7ab028d0db1453a7b4eb806b1","sha256":"799cbb46a53823bb05156605728228542253054af0e6be53bd99ba1847d1b7a4","sha512":"407863ac3a2cd67c613c5117c27c25d56343a2413e26ca2049da11295386cd0e888a16962901559f79267f67437cb14033b1e4757dd4116d9f2455dca8505f48","ssdeep":"768:GmubSMHj3XGepc5BLkW8/3wvVYT29HBKXuD3gkjC6p/1xJJ+A1q362/FN54jkYVH:BubSMHjGb/kdPqVGAHBtTgErjxJJ31qc","tlshash":"b923e113cc1b44d2e34202acfe412e9ed88b1369a7db37b628f29dc93730665dd67944","first_seen":"2025-10-08T14:49:36.634646Z","last_seen":"2025-11-03T03:30:15.424927Z","times_seen":2,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":63,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/43945.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/43945.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 83702\r\nlast-modified: Tue, 16 Sep 2025 16:12:46 GMT\r\netag: \"68c98c7e-146f6\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":83702,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"8ade3861a254cba117befbc1e5cac6e0","sha1":"534feee1a552a1a0bc8ff5639d04216ab5c81830","sha256":"a076dc80db2daa44aa75d1590a45481478403521a8349fa6c466f6a60fac1161","sha512":"981531ca28d5412e55fe5eef4f939b2d8780f4f1ace2f0322bf2cfc9ee14ea4673bcfd7fb9f9d18454a78d7c75e2ae4b481ecd4c56e297fec167b96e15476eb3","ssdeep":"1536:BEAaKzXq/hBaNviV58fP0b9ruZMp5T1zv7AbsPpuF5jtNG222FgjShvJ:OAaDBuQ9bgZy5hzv8bup222CjShR","tlshash":"bb8302a295e231859fdeb79ff0190337cb485e28e752ca7d7022a8fc2646d49631471b","first_seen":"2025-10-08T14:49:36.635929Z","last_seen":"2025-11-01T16:46:53.243417Z","times_seen":4,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":139,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/4673057.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/4673057.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 67511\r\nlast-modified: Tue, 16 Sep 2025 16:12:46 GMT\r\netag: \"68c98c7e-107b7\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":67511,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"0a64e19a8e159f3671214929b1f16a85","sha1":"29e37323df3459a75ffa6ee870ad8304560f5e0d","sha256":"7566f88ee2659ef9363970a0d634fd9eae2f796ee874ee0dde5d5e69f60df1b8","sha512":"927e974a562f27187a7e4c77feafe30c4e6c158cf79b132e44f4fc22f38073023c0664d3fddad07fa7f7d185223433fb0ca89205895ae64aeaf6e875da94ca8e","ssdeep":"1536:BtBDdVLp7HxKKRn9Ll/JAcR1vy6C6jo49IAZoPw75OG:v9t7AaLl/JA4y6Ci2A+o7R","tlshash":"fe6302f3cf11d617be9dfaa91393c2272ea764d2f7a006f99715739821c0eb1d60211a","first_seen":"2025-10-08T14:49:36.636975Z","last_seen":"2025-11-01T16:46:53.303609Z","times_seen":4,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":144,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/1281929.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/1281929.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 50548\r\nlast-modified: Tue, 05 Nov 2024 10:04:46 GMT\r\netag: \"6729edbe-c574\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50548,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"1f971add63e6a565745c48a9c5d6509a","sha1":"6867c1e3a838c78ad68c5487f9da65ca7ca05c5e","sha256":"a18f803b77d06d9324ffc117fd9ef8b36c67c698dd16f380c790dd149d8e56f5","sha512":"a115eab8f669b9eb5ef96175c998bbccc991daea51dba7a76bd0739b8bbfdb4e7bc3657068823c9ed0d2232b6d298cedee90d67dc41250aecf5fbdb6bf591b9c","ssdeep":"1536:B/hbkUCxAMOYJSiUpnbgZkR/NKlIv8kT2:Rh4UCq7uSiUpEZA/NKukm2","tlshash":"4633f13afe0668c7eba8505cbb573947924b1e811721ba342b15ba259b91ff7818f1c0","first_seen":"2025-10-08T14:49:36.638104Z","last_seen":"2025-10-08T14:49:36.638104Z","times_seen":1,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":84,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/75871.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/75871.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 60574\r\nlast-modified: Tue, 05 Nov 2024 00:52:09 GMT\r\netag: \"67296c39-ec9e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":60574,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 610x900, components 3","md5":"1fafed79a02735cfdad6a136713b324f","sha1":"a9f51b6c9c6b219f7ce9cec778d461a1977cbf3e","sha256":"f5229794b34ac4d68721ab0f7ea12b8b2fac4b2357a950391d572cb9c7c9efa1","sha512":"61ba1850691071ac5783a2fc6147ff1f3224e5a2a3ae414f848d92a2fc26e7fe2a185b8d291509bb2c19974ea7ecb36a940e4b7085b8f5aa34588316d644c7d0","ssdeep":"1536:7BQlkAsJEji7fTERpxghsTPAJ+YJ8deASSwH2Xhn/c:dQlkAjjgTERPAJTJqeASxHYn0","tlshash":"7443f16bbe8117c2d2a1cbeddd53c5c8e340525d7686b27a4a039deffc70a24992058b","first_seen":"2025-10-08T14:49:36.639192Z","last_seen":"2025-10-08T14:49:36.639192Z","times_seen":1,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":159,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/648932.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/648932.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 104438\r\nlast-modified: Tue, 05 Nov 2024 03:24:23 GMT\r\netag: \"67298fe7-197f6\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":104438,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"da644bc049628f0cb22c73be5c580bd6","sha1":"c08a6c271d0000bb0ee2710982b2f1e50e69233b","sha256":"6a9aebe11f2bbb36177bbc98e9806f291c3ea7fdc8d2e733a3b4b366734678b9","sha512":"fe253d2c0718f55958ca0db084763e494d521a176250440432b34487d6a47d34dcbf335ab415e0efd89f9f252f13b08aeb216033437303662bb8ead6451456bf","ssdeep":"1536:BsOlmQ0qfh0ZrDhKn+5pOy/PgtzFQJQzxYyXY/VsId+v86Yvgmy58yq4gAd:rmzqeVDhqepH/PKFNz7XY/czt8yqzi","tlshash":"5ba31247d6e15b4d5abf4a2223ca9a7a210df68ca0a5767c1785b333eed8d76230c14c","first_seen":"2025-10-08T14:49:36.640201Z","last_seen":"2025-10-08T14:49:36.640201Z","times_seen":1,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/401449.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.262Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/401449.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 56944\r\nlast-modified: Tue, 05 Nov 2024 02:06:51 GMT\r\netag: \"67297dbb-de70\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56944,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"48662cfa26de5e4770aacafbbc72595d","sha1":"8885e654e018e6e097e1917871d4e1b17a0052f2","sha256":"074a6ad93f95f51dafb655933d24d5e335372293fb61c33e75fd3dbe028533fe","sha512":"192c87cf7643d2d53bdc6e8ba07f5a6769cbd57037dc803dcc2fe6c2e545282e82c6854f94bc979905faff67a3f0e29578c776b9e8b8721b8daf2add4a03166d","ssdeep":"1536:Byjwysz7zjRpNv1Bi5gw2fMDSCCF2VkMAVe1ZRg:vz7nvBiYAVkMAig","tlshash":"1343be13ec0c8a53f42653bcfd425cbd256d2a5cf8973bfe84711ee96c4096a5c8a13a","first_seen":"2025-10-08T14:49:36.641255Z","last_seen":"2025-10-08T14:49:36.641255Z","times_seen":1,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://lord-orange-fox.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 12648\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Oct 2025 19:48:17 GMT\r\nexpires: Fri, 02 Oct 2026 19:48:17 GMT\r\ncache-control: public, max-age=31536000\r\nage: 500444\r\nlast-modified: Tue, 15 Aug 2023 18:38:40 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12648,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 12648, version 1.0","md5":"5e79fc3b5fbdec47c02942523ae2bdbd","sha1":"fdb96db25dc07b7c0573bf5a66966d12dfbb41bd","sha256":"6ecd2a103a7260474c3239da5f32a2f7cb999765d9ab12161f3e4abe3906316f","sha512":"f931bca7bb98f04efa05d96f3f6a8a329df116aa3da7105730a4d554d530bbd2814779e8f10568757375c383f9ef160c38a50081c4454653da8f1b102612ac30","ssdeep":"384:y8qm8Wv2C0qasQ6eIbf0nRrxTlesiTKRGqJZR0:y8qlq3lbkRrFssikjr0","tlshash":"f142d096c0a27b0bdaa513d9b55410f3f4c42431b8be63e472379773e84c98117ae7b8","first_seen":"2023-08-22T01:38:54Z","last_seen":"2026-04-15T22:46:57.693321Z","times_seen":1028,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":87,"dns":1,"connect":15,"send":0,"wait":16,"receive":3,"ssl":96},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/favicon/default/favicon-32x32.png","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /favicon/default/favicon-32x32.png HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nCookie: fpm_visit=1; fpm_referer=%2F%2F%2F%3Adirect\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 2109\r\nlast-modified: Mon, 06 Nov 2023 10:40:34 GMT\r\netag: \"6548c2a2-83d\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2109,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit colormap, non-interlaced","md5":"bff46f6a82571809c786c1953b52b869","sha1":"933779980fedcb870539f8b38644338a04df6219","sha256":"4f9fd7904871b6c44ed9d72f6bdaabc1608a664dee4ba6d6b7a70e43ea422e50","sha512":"ba0ca6359d0c090ff0804a9307264e9a75f1d4c1a4fa7f2ec1bc008fb79b3f78cbb090372c1e3174091c381272327f6e7a6f65110a44e1f87e4c8789a32774ec","ssdeep":"","tlshash":"4a4188c19312dbbaf4ab962550122b081f3fc42fd5c1b39df506c2785869384c0b5f63","first_seen":"2025-03-03T02:31:56.57394Z","last_seen":"2026-04-14T12:05:57.730083Z","times_seen":83,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/5451337.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/5451337.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 105879\r\nlast-modified: Tue, 05 Nov 2024 17:57:16 GMT\r\netag: \"672a5c7c-19d97\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":105879,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"de3eb9583ecb9c7e01d68d5a20a7b2c4","sha1":"55e508933af7efe435946ccdd6cddb3a9af1c47e","sha256":"ce7f15ebf34b0c619c5d88e410e77b242c31797b8bb5eb882b20d0848b2c5850","sha512":"d69a439b16f6f96bffe357c10f7cd2149dbcfff12be3e976f5730f07e40be790221b9b6776b6c58297e0fdc5be9128efc453459775e8f37f603ed0e912ccbe54","ssdeep":"3072:VBKS5u4RPwVDG+Udt2fp8RetW9D43LPS/uzxRTIKvw6VP:VcS53VwVS+UCOVDQbvUGVP","tlshash":"92a31249fbfd67da62a0413af80531edf6cd321329da751fa6d56c8c49e1823220716e","first_seen":"2025-08-19T22:03:42.663266Z","last_seen":"2025-10-08T14:49:36.643492Z","times_seen":2,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":143,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/1355050.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/1355050.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 49366\r\nlast-modified: Tue, 05 Nov 2024 12:13:11 GMT\r\netag: \"672a0bd7-c0d6\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49366,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"5376d280c04a4bdc3f0fe242ca779310","sha1":"d0d8925617f808b4e542d0d6fbf11b33aee98741","sha256":"c7b3d1d1b9bb67a246bf54d66a0efa29a4bc0f905545ff49af09b6f22ab59dea","sha512":"e8e928f7867d1fc634d98a70e929198494e7b137edff1a89364da25c3cdf2da3c55acc249160feef1d9b60e0dc3aa96f366a3a8cb955589e50f2d206db51122b","ssdeep":"1536:B39v9hhonvPBhYxwf+VwxeBkiCJ8fn8KQWJtrWGI5bbCK:J2vPgwxwoUCWJtrWT5HCK","tlshash":"8d230203640dd5d6cb29e5b42ae2a0fc37a077b02f8918625b23e7dbb555bb1ec4c2c5","first_seen":"2025-07-21T01:38:45.689037Z","last_seen":"2025-10-08T14:49:36.644584Z","times_seen":2,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":78,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/437410.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/437410.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 98064\r\nlast-modified: Tue, 05 Nov 2024 02:24:18 GMT\r\netag: \"672981d2-17f10\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":98064,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 610x900, components 3","md5":"a5979d0f16b0a2c1244581d7ecedb7bd","sha1":"e1bdd300ced4772b32a9d1cc278f5cb4a58b29e0","sha256":"4c9a40744477b5a87c785f38ece0b3058c71a5dcb407511b72ad8b69de466c23","sha512":"636be4662c7dac78206f14088f282800f0a9569c395ea943694f2137e935924a8064c8c543aaf2c0a2539a08dfeb979414de26e03041d75631469434615a0b5d","ssdeep":"1536:7Apj2F3JK+hlkm3OOJfjYrFLcN+h7NMyp/f68ungMAS5nL77VRWQBFHBoe0H5i:zbl2eMxcQHMypK85MZv7VR7VBoe0H5i","tlshash":"e2a30213ac02e342eb76ca957eab091527043a2fe8e3bdf555180e87763ca35485d47d","first_seen":"2025-10-08T14:49:36.645914Z","last_seen":"2025-11-26T05:57:26.599008Z","times_seen":2,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":147,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/412572.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/412572.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 75234\r\nlast-modified: Tue, 05 Nov 2024 02:13:00 GMT\r\netag: \"67297f2c-125e2\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":75234,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"207824077c446f7ba3185a3ef26342a2","sha1":"9addb170848627a284c7d180c9625b6da4198141","sha256":"a69aae2e34e41f2025dd64f20bab567f140b2946ebc0e847e47a668521aa4c6d","sha512":"c0f0a144ede18c834c7b431b83f34145e9a08878bcf7e0f8698a03614771dc9bdd185cd72c2b97d3507060422533cc4f2230cb2bea541abbce1abd191a15252f","ssdeep":"1536:ylRSgZ/YtPC9flPgSmvP3SElzgxeL+KIrKGfunFC0VhdcPWxxfg6E7waQ:WRSgZ/SPC9C+eL+K6funFi+HgB8aQ","tlshash":"1273028bd368799c8d20225cf07586ae76bad9bc4df2946d3680001734fddf0aad77a1","first_seen":"2025-10-08T14:49:36.647234Z","last_seen":"2025-10-08T14:49:36.647234Z","times_seen":1,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":143,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/406347.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/406347.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 72203\r\nlast-modified: Tue, 05 Nov 2024 02:09:53 GMT\r\netag: \"67297e71-11a0b\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":72203,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 512x753, components 3","md5":"a000eda40935480bb05ff8af025160d2","sha1":"2a56dd00b4d833e90fe7728090f3115517d7b6f0","sha256":"7b6e32e0b2080107ddbc552b3f9f3b7585f0943f9772c205c6209ae7fa2d9489","sha512":"a926c6df7b7bb63669f05752211722aaec013312f59e4cb263d7894e8aa09f8d48d7fb3904299b2d6e91aa2aa759a0b988af7865c93746c7e95574db36f9b59f","ssdeep":"1536:bHwQ/1WLuRYJq3csJO82qkX50LDvmCIH6EdwLA8WphylojBpJ7rX:kQ/1WLuqJq3FJO82qkp0LrN86EdwLAb7","tlshash":"756302bf5f04627183cf50b51dedabab6bcf251226cc72b1938b28c45a15fb60506e17","first_seen":"2025-10-08T14:49:36.648567Z","last_seen":"2025-10-08T14:49:36.648567Z","times_seen":1,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":124,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/4965334.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/4965334.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 69984\r\nlast-modified: Tue, 05 Nov 2024 16:06:41 GMT\r\netag: \"672a4291-11160\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":69984,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"16d801b90e26b4297f9d4651d5b69942","sha1":"2e6da6b9a71f0e58aa10626ec90a83f115824710","sha256":"f5d43f27527f78d66762add5bee6d1398f57f99f7e55c2b1bcf62863ffee3fa8","sha512":"e404ba800549e4ad357429707e8118f3fb0d1025a718145bcba8259232c8e3ac7b91b8901d8916f13584b8e96c2051bcbe586acfc40ec429f29dbd6995500af6","ssdeep":"1536:BF8bBoSS3wdw8m86urI64yeaYiCgz8p7z8G6JvXR9WZXo4RE/1FKf3:bqB1l1Dzwpn8Th+3","tlshash":"7663f11e6c0fec4641dac2a93b03a834f639a91c3d705a3d6f07ee9538681b61d6e176","first_seen":"2025-07-21T01:38:45.725122Z","last_seen":"2025-10-08T14:49:36.649724Z","times_seen":2,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/4825582.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/4825582.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 49046\r\nlast-modified: Tue, 05 Nov 2024 15:40:47 GMT\r\netag: \"672a3c7f-bf96\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49046,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"e66a1b0913848dae0db3fc09614311ac","sha1":"6ef79e26cccd91d9dd2faaa6936c53f8cb284461","sha256":"ea9535da0f833b90f5be8a727db8d80463f008ee6e2a71a19ed0cc11f9b43003","sha512":"c34bcab40783362815a03daedbe0cd071a5e63ed487b8b4e6a189077db2d5ba9605e278ee1ebb8bc76dcf612f2653e11392464bef9489d135595dd83f18c5ea9","ssdeep":"768:GmWs05G69rrBG/pzeR/ZkgG+WrZGmGHaHfEEajPSqzrpCU0SA+UJ3zkIwssCh/oN:BMI69n8hqR/wjrZGmvKpo3ScDkIws1/+","tlshash":"82237c038c549b42f65992e8fd075d582f4b2b18f5533afa14769eef3e608a60c8b13d","first_seen":"2025-10-08T14:49:36.650841Z","last_seen":"2025-10-08T14:49:36.650841Z","times_seen":1,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":72,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/597687.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/597687.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 95525\r\nlast-modified: Tue, 05 Nov 2024 03:14:06 GMT\r\netag: \"67298d7e-17525\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":95525,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 610x900, components 3","md5":"d63fd70748f43ec4ae96d77a83c19d44","sha1":"d85c1ed0447f5f284612f848842b8106bf6d7587","sha256":"2818a682dd9436fc69f2875e5a602a86cf015a67c85d9d9bcece4a1a8df02816","sha512":"606cd96c4c9e8a7111dcbc256b67a961114d52b9e2e2858791b1a601f60ed69fa8f450ae605afb5d38d7e13b7caa12ea1986809ca087f6fe041f48462ebd550d","ssdeep":"1536:7yIADEgQjjpDqphgKDM1EoYCQgFtcyoerhmKs3U+2PXviqPjZc4XqB8QdX1Sr2wB:+IADEVjJqppDM1fHTcyoerhFcO/iqPjD","tlshash":"7093123375da0aac3e4797e6eac98992f344ca5b034518f30993ebb76d8617c34a430d","first_seen":"2025-10-08T14:49:36.651983Z","last_seen":"2025-10-08T14:49:36.651983Z","times_seen":1,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":132,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/826373.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/826373.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 85007\r\nlast-modified: Tue, 05 Nov 2024 04:27:19 GMT\r\netag: \"67299ea7-14c0f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85007,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 610x900, components 3","md5":"988a931688e580d10dbe76769aa0cc6f","sha1":"ed17a48000cab5c3678959e1d4a51bf4604b0f2c","sha256":"45d69faab75f26fd72e63d19e7b5ccc69948dacc6197cdc9fbcefff836cfb285","sha512":"4400d8543a78f7927f3bdcbeba4b22a23671c212e0a0ece09b5d9b856d2660bc39f41cbb2dc02fa08f2864699f023cc16b2c5954270ff74c541d136266ecc62d","ssdeep":"1536:7lTNfFSGneozNmDgQYnM4wtYZ5D0G3I/b4PL58GRY8ZWxJHs5o6MRP6y2L2NY:t5oOeA8sQYnM4L0G3I/45DWx5F2L2K","tlshash":"cc830243d96d16195ead2369ae0fbc3c79b0226dad95f37c56285cdb8c81eb31c0818b","first_seen":"2025-10-04T08:43:41.887683Z","last_seen":"2025-10-08T14:49:36.653144Z","times_seen":2,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/686579.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/686579.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:00 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 67112\r\nlast-modified: Mon, 08 Sep 2025 11:36:15 GMT\r\netag: \"68bebfaf-10628\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":67112,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"e0893be921da36e8e1852f733b52474c","sha1":"8b5eada001ffe5f2532635f1484534d5b7579c41","sha256":"18282459b5e9497a87cc5deba8acc6fc1299ff1997cb7f1a46e3c5878db58fba","sha512":"546fbb3d2cd7dde9d212767b6ac65d007fb75a9db2be6d4fa37408d979c80b836bdb2844b1383518eb321a8f4e4212de6d4ebcd391e4b71e69e4ecbd1b0c5607","ssdeep":"1536:BIrxbZSzh8hcIUGvsDk0xdNj7njJkUWxtvhBKb0qzFNxq1BU:shUGTQdNj7naxtvjKAAF5","tlshash":"b363015c1932a2a1bf4ffe32cd575cd6933743123898bd871e541fb8bba19b1518b218","first_seen":"2025-10-08T14:49:36.65434Z","last_seen":"2025-11-26T10:10:55.229424Z","times_seen":6,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":83,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/7389262.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/7389262.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:00 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 100831\r\nlast-modified: Tue, 16 Sep 2025 16:13:27 GMT\r\netag: \"68c98ca7-189df\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":100831,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"58d30ee81e6e6e440b73d73f836a41b8","sha1":"0bbf03ac78396bddb24d816d4f76cdacd5e60cab","sha256":"dcd4b5b8147d97ba796d26529ae3d274fa0feab1ad8e0ef0a00433c190ec75fa","sha512":"78626b3c44e6c026c6aa661bcd9ab4fcba23734a26de6588055049e5dba07b40904139143198088d85c8515e0a76d6ca1f667a88d8e45c62304b7001faf0939a","ssdeep":"3072:tcrhSFUj/xz67T+foEmxbrQWwLOQ9j4sC0dUaSZzYh7zE:tMAez6hEmVZwLQZza4","tlshash":"e3a3128e912395682735aa69b4077ac830762d40233db92bc7538bf1d37dfea174d4d2","first_seen":"2025-10-08T14:49:36.655708Z","last_seen":"2025-11-01T16:46:53.261809Z","times_seen":4,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":127,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Tue, 31 Oct 2023 21:35:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65417320-1cf2\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7410,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (7410), with no line terminators","md5":"a796d3da67363f9f4b7f80f70079b0ec","sha1":"8fef3f7ffa41b403abbbe1d7ae4b91377c492992","sha256":"89d5258598a7d5c8d5047f4bcbae44e12bf780d6a3b103f2d32ef3f9371d3332","sha512":"16684e7d3d519c6020f1dfe63fa4fb4e6d90592cf6ba7e9e1a6a274554106254dc91ec8d2fe8a972ee0975840746f72f32114f0b5deb02ce1de4c59c2b49c56c","ssdeep":"192:h5VULssA1mFi+S7JBexMDQf5/sbAlle0eoE:h3UYcvSyOG/lW","tlshash":"08e15249791a707a3a377475c29f220a733a3417a8474410aaecfbd4b97887a1b63d6c","first_seen":"2024-08-20T16:41:52.23369Z","last_seen":"2026-04-21T13:51:45.131609Z","times_seen":139,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUJiZTaR.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUJiZTaR.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://lord-orange-fox.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 6736\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Oct 2025 21:20:43 GMT\r\nexpires: Fri, 02 Oct 2026 21:20:43 GMT\r\ncache-control: public, max-age=31536000\r\nage: 494898\r\nlast-modified: Tue, 15 Aug 2023 18:39:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6736,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 6736, version 1.0","md5":"2fe2bd8e70cf6542717a6589df6f581e","sha1":"d6edccbe0e5d83ab0ca3dac7befefb1218fd2991","sha256":"5c8f202d4a7e30d4345ec3b768e8b5076933d3c8abcac956b3fa6c6ee4b994bf","sha512":"495253932145846ea01c8af51b07733702f4e0881b2a0b9bde41a79c039d9f41613297b93792fe02df029c5bebaa93fa05f640f01c8fef58b9afa268c36c9aad","ssdeep":"96:ehIILaVv23HBe3z4qWqxUY+yVTVgqgotChUtuHLWmgGzQpyZPP5Q5QHrknOO:ehGVv2X03zU9yTDgktuHLzDZPjwOO","tlshash":"2ad1ad928eb1ac24c275e8f4c942829f83a88ee46f3df45c7af067b77081d85705a146","first_seen":"2023-08-25T18:19:31Z","last_seen":"2026-04-05T21:15:43.56785Z","times_seen":406,"resource_available":false,"data":null}},"time_used":361,"timings":{"blocked":158,"dns":0,"connect":17,"send":0,"wait":15,"receive":2,"ssl":166},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/13177.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/13177.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 72336\r\nlast-modified: Tue, 16 Sep 2025 16:19:56 GMT\r\netag: \"68c98e2c-11a90\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":72336,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"6adb52f91ce90844d01562575e627541","sha1":"3c184f4efb37db23962e993b4c2a443aa1d4b071","sha256":"01836d331a783c79f206ce5283b62dcdc01752981583f44f567e7995663d712e","sha512":"f9f7efd180fb7246b3f2c46cc5127c4aadc361e78b65ce9d00345c2484d5610dfba7dae4fec2029fd4faf89936076b46db2e2bc6c0e455d246f3437794fec927","ssdeep":"1536:BUykvFEANWxTIJDplyYw7SdEHWGqvh4Wjrq4ueyYkGjN8E:iD3N8I9pwYZE/wnj+4u3YkGjNv","tlshash":"9a63f153a40a968273170ffcfc4209af480b3fadf55abdba14231e1739e5c916ea9435","first_seen":"2025-10-08T14:49:36.657863Z","last_seen":"2025-11-01T16:46:53.25574Z","times_seen":4,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":142,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/467166.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/467166.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 103241\r\nlast-modified: Tue, 05 Nov 2024 02:34:03 GMT\r\netag: \"6729841b-19349\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":103241,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"5f3707d53f64e5081cd148b4500e1090","sha1":"ab20fa689d82669e9fe2756163c828990ca61d7c","sha256":"445ff0a249167f33398f03bb282a9c44d08cc487454a5beda8df1f78ddd8e9af","sha512":"8b7082e44f6f321a827ac5d02f6d38feff0a34154530d5107e1716b86ef533cf61993fcb396355423567cf48c30bd7f9ff9e3a7b9cac7ee36923514aa63a5336","ssdeep":"1536:y4iFxiyvrESmBW5H3xq/8CJc59IyR/w0Fac6YH9ljNiibxn3ZE5fixkUpu6PGvnr:m+y1H348CJc59I04rqL0iN3TiEI5Nnf","tlshash":"f7a302639f59ebf3695c5be09e436e6ca7b443480913efef211b481fa265ab15c2c084","first_seen":"2025-10-08T14:49:36.659082Z","last_seen":"2025-10-08T14:49:36.659082Z","times_seen":1,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":154,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/4502145.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/4502145.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 68462\r\nlast-modified: Tue, 05 Nov 2024 14:28:58 GMT\r\netag: \"672a2baa-10b6e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":68462,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"ffcccec7603a89d050ceb09845caef54","sha1":"dba41409964a1f3a48b0028caec974b52ba0a477","sha256":"6cf002c55d9869137119c1e910ffddd161c441cbc1b961dab2016dcd1517e670","sha512":"ae032bc33778416a8048b56c590b721608b80adad158abd1e6309c42c82d1c05d13c8f9dc100fb97b8bcea63ff7895d1ef87e4145591b0c0a8b63129c1c513e2","ssdeep":"1536:BC6kTxCVgXKmw88oycQfqqCxmcGxAEJR5ax:mTxCVmwEyzCxzyRQ","tlshash":"7b63028386069f04f78ff694be116d66d11d1b14907c5e7fcf2c30667a58c66ec0aa36","first_seen":"2025-10-08T14:49:36.660237Z","last_seen":"2025-10-08T14:49:36.660237Z","times_seen":1,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/736182.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/736182.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 63880\r\nlast-modified: Tue, 05 Nov 2024 03:55:53 GMT\r\netag: \"67299749-f988\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":63880,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 610x900, components 3","md5":"099c7c27904a15ab3c8423e586e85a35","sha1":"16be5d6ff3a59d3f2c43d2045f46e62f9c03953c","sha256":"67b5d89b65cb7bc076848f8573f7dcb5be0e33b9e6689c644fdff3c5a8cf10d1","sha512":"e69f385579b8575fdb8621573085ba28738573ad82fecaaa36ce2401165aff9d1e56a703e904919c63a666501839a935cddb9957ab6ae85022d8be601dad8305","ssdeep":"1536:7oxjyfosEJwX/1juA7ODqSwzxDnA1we6Ss2w5xYCq:s8SwX/NuA7AqSwlDawe6Ss2Qxvq","tlshash":"595301214302d816cf6b42885a2f62489f9f1a36983c5fd876cd683d2151f9fb23a5dd","first_seen":"2025-10-08T14:49:36.661232Z","last_seen":"2025-10-08T14:49:36.661232Z","times_seen":1,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/cache/autoptimize/css/autoptimize_dc741c2738830496a660b614628f508a.css","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/cache/autoptimize/css/autoptimize_dc741c2738830496a660b614628f508a.css HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:00 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 07 Oct 2025 18:13:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68e5585c-1674b\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":91979,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (44871)","md5":"cb1d7d91cab9991befc2c8a07758937f","sha1":"8979b6698127c3c077fa15c94f3ef2f65c256275","sha256":"78ea50316da1bade03d98ff23b05fb9f9520ea5b2d43cbe8203026536c505c5a","sha512":"d8cea74ea59d3d56aa25dfb15ef81da3f3477f36c2f930f873b72fda0a63e60f99a46e2ae6f80bb0dec4da292778621b72e1e50e1689213b7be7666581126486","ssdeep":"1536:UkEn+pCN6ZEVp9K4XrkAlneSzw99zD2FgrKB1aPQdY:ULN6ZEbQ4u","tlshash":"5493f830d290242da76be6391d9497ad616c9502da1387cdf0d5ba68c2dbef3027b3cc","first_seen":"2025-07-21T01:38:45.712874Z","last_seen":"2025-10-11T15:35:48.595064Z","times_seen":4,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/843958.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.058Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/843958.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:00 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 60515\r\nlast-modified: Tue, 05 Nov 2024 04:40:05 GMT\r\netag: \"6729a1a5-ec63\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":60515,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 610x900, components 3","md5":"91dcafa242970894988e53bd84db2de1","sha1":"7ba3d71a34888981783fa770e127a7153ac4b0d3","sha256":"a3d2c8d219f503e1c7caa67c9bd4aba5196da73b52410baac3c62c6808870e70","sha512":"5b8efee9f7080e5f46d92b743e54b060982d89fcd5c2c2d7896bc76c1ecb28e2942b8217f07498599373587f5ca8a2b03c07d91bddcd9010c2752533718e16f3","ssdeep":"1536:7QtGGJjLDg5V42NdCTS9CNWpRtIZFh2w5H+iY:UtXRQ5Fd9vpRtwr5HS","tlshash":"e443e1035e0487824f7c13ecaf031e6c5b82696dba12b2f721759e5b55a0993bccf41e","first_seen":"2025-10-08T14:49:36.663971Z","last_seen":"2025-10-08T14:49:36.663971Z","times_seen":1,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/5276677.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/5276677.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:00 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 77157\r\nlast-modified: Tue, 05 Nov 2024 17:26:09 GMT\r\netag: \"672a5531-12d65\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77157,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"f6fe68d80af668cbdb6c7680ecfcef84","sha1":"59aa5a35ab13a9b5ea12e90b5f20f19dca45854d","sha256":"30a3b1a2885542d483ae2efb824d37de9c24fa802c5ce6d1260dd67076181c22","sha512":"fd8bac20a8ce868f73a5d8e4539a5307176864624baf397546938c4acf151eb91811135a8e75f0c166da0e2b1be9b9ff6602bc1e200bd3d215e859770c167463","ssdeep":"1536:B9J3gQOz4482xoDh2pTy9yo+nqq/ZhdRauPChU8GZMIX4JnDq:fyQOze2xoF2pTygFqq/Z5auPChU8m4U","tlshash":"fa7312f88a02b28fa7c6ca67d1cc3de9453cedd03d9d45b8d45c1a794888e76c42978d","first_seen":"2025-10-08T14:49:36.665108Z","last_seen":"2025-11-26T05:11:49.278632Z","times_seen":2,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":95,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/5020948.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/5020948.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 65504\r\nlast-modified: Tue, 16 Sep 2025 16:14:54 GMT\r\netag: \"68c98cfe-ffe0\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65504,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"3472ca779b858d0d164a1e89a00ba850","sha1":"6fc27c95b86f841bab27a7210453e204866ca56f","sha256":"51a24a8682328c13535517263b70f2e4e240bf479f4aab4ba807bacd22b72202","sha512":"44165fea91371ad96038433def4d31c2c43409d4cdd426c7191a963e57ed5e6a04b29f7b0d34b85006063eecc4404df580248a5dccccdbac9ca22d5bdce6bc02","ssdeep":"1536:BUpL0J6mPqJUUp7JC7nHz63KBdypAnVu8CNiy6oFX8:EoJ3yUsmW6Hyp04XNioFs","tlshash":"8f53f103efd184467623d9abac1d15d4accb16e6dbd933c976202c2ad526e328853f73","first_seen":"2025-10-08T14:49:36.666149Z","last_seen":"2025-11-26T10:10:55.235968Z","times_seen":5,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/463684.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.145Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/463684.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 49873\r\nlast-modified: Tue, 05 Nov 2024 02:31:59 GMT\r\netag: \"6729839f-c2d1\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49873,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 610x900, components 3","md5":"a8587806ddb36c65a34a7f2eed952247","sha1":"c6dbf83c6f927b8598301c8251af1219fdd23224","sha256":"8ca159ccb719e3e6828576aed125f218abb47cc32588d149de16c238aa6e3497","sha512":"8230ec3b1020f12b23402878f1fc7fbc2d9ff9fe2dbfb6921b57a65190a96f049bfd69d89c51017ba5ddfd207e223595b35774b56b311dbcf0923420bda71efc","ssdeep":"768:76S+p7y1g9mfJEBCbyJXiC3KIxt8XLR49feaMnAIfgkkUDYf1Gg15nvYQ5RvMEmr:7e7NmQogiiKIjiseLgNU8f8gHgWdmZd","tlshash":"6223f118db1c354a060a51d8099becbdbaab1b8d1db3d9fe90f0fe266fd19316c11349","first_seen":"2025-10-08T14:49:36.667288Z","last_seen":"2025-10-08T14:49:36.667288Z","times_seen":1,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":89,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lordfilm-paris-street.store/","fqdn":"lordfilm-paris-street.store","domain":"lordfilm-paris-street.store","tld":"store"},"ip":{"addr":"87.236.16.48","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-08T14:49:00.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lordfilm-paris-street.store","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Sep 2025 04:02:38 GMT","end":"Mon, 15 Dec 2025 04:02:37 GMT"},"fingerprint":{"sha1":"CA:72:2C:49:72:85:E6:5D:3B:21:86:A9:92:CD:2D:AC:C2:57:AD:FE","sha256":"F7:3C:39:5B:7D:29:DF:1C:4D:E3:11:73:25:02:40:F4:89:A1:28:52:67:11:6A:D4:E6:A7:50:B9:33:CF:C6:AA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: lordfilm-paris-street.store\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx-reuseport/1.21.1\r\ndate: Wed, 08 Oct 2025 14:49:00 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\ncontent-length: 326\r\nlocation: https://lord-orange-fox.ru/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":111926,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T15:33:44.540891Z","times_seen":14021215,"resource_available":true,"data":null}},"time_used":585,"timings":{"blocked":262,"dns":172,"connect":38,"send":0,"wait":60,"receive":0,"ssl":48},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lordfilm-paris-street.store","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-08T14:49:00.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:00 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 24508\r\nvary: Accept-Encoding,Cookie\r\nlast-modified: Wed, 08 Oct 2025 08:04:57 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=3, must-revalidate\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":111926,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (46986), with CRLF, LF line terminators","md5":"6bb050c3e3713fb44d0aa84a0ae787c8","sha1":"0e8f0aca0391a79bd96112c8f378b6e46a100d0c","sha256":"910c5232808b122b022338ef32e808374f124ff0281fe1e4524ffb8095bbdbb9","sha512":"5540c473e675f2d9e9499e8a63c2901cc274c3b3cc7bbd81f8c313149b3e0e1118c3873932ead2e8abab3c998ea307a515aa97f3abd11ef69fdf9c9865d61d39","ssdeep":"1536:/Cr/LkDbAS65UDE1JqYhnJT3j9xaB7Py44hO2ES+pFTRFOm44U2wu5phEcWPv8:/CkDGy8qYj9xapGO++p1q7f0","tlshash":"ffb3e7b2d009a0f7039f72d9e265af5eb163861bcc03495aa3fcc1d82fd8dd58ea1654","first_seen":"2025-10-08T14:49:36.669Z","last_seen":"2025-10-08T14:49:36.669Z","times_seen":1,"resource_available":false,"data":null}},"time_used":489,"timings":{"blocked":227,"dns":175,"connect":15,"send":0,"wait":19,"receive":16,"ssl":32},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/756353.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/756353.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 59775\r\nlast-modified: Tue, 16 Sep 2025 16:13:56 GMT\r\netag: \"68c98cc4-e97f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59775,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"1af2b7174b5dd71847b7397d651d9ee6","sha1":"3fb96947e684a8824e9cba3bfe4027976d2928ce","sha256":"926d8accd09bacff817cfeba81a59170c6ba106122405ad0273cf1b8cc248b44","sha512":"759ea0c604ee1d4c1626c5c4b956954c9c553804174a6a460ad2f89852dd66bb6178b2bcbb1aaccb5534fc693caff9e3a3e7df7a681374392142a54061ead478","ssdeep":"1536:B0aDLdnnPwIbXuySMfwoWSOXHIUa98NUwFZ21A:eavhoIbV4oWSOXHIUm8NfPmA","tlshash":"6d430268fb03ffb18313b5d6ab9bc5628c39f98454545470bc2607cf2b70977a286ab4","first_seen":"2025-10-08T14:49:36.670174Z","last_seen":"2025-11-01T16:46:53.254586Z","times_seen":4,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/222056.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/222056.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 75457\r\nlast-modified: Tue, 05 Nov 2024 01:29:41 GMT\r\netag: \"67297505-126c1\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":75457,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"04e3f0f7075e4ecbddb45f975cc20c2b","sha1":"31416c950221940efe890dbe2b9fca062f3bc771","sha256":"d07bdf2befcea6db468317e2e016d5794054506f92b3df8d61c469166d0d3904","sha512":"78aa18b6268fa649a07ae72924513ec499f6aa8483a6dac05a1a2f9d70b008a967d4c8882905e973c0c5751c34a395eb4e8458f716246b64ddf39ee03a7245bd","ssdeep":"1536:ycszUBmzoGkmDM2STXQhoSQYXZUU+Y4pbzzoGuZckWddybBzUEyTvr6nx:7sRvk5D0/pgpHmckWddYolTYx","tlshash":"4c730253164253a6173d06e39c172ff9ce509f78d8b619fb482ae7eb74206a3cc4c91a","first_seen":"2025-10-08T14:49:36.671342Z","last_seen":"2025-10-08T14:49:36.671342Z","times_seen":1,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":136,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/694393.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.119Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/694393.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 88566\r\nlast-modified: Tue, 05 Nov 2024 03:41:14 GMT\r\netag: \"672993da-159f6\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":88566,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 610x900, components 3","md5":"3cb48fbfa0ad01e0fee161426a35454a","sha1":"2521827590bdeeb7f16980fcdea8463a11297c38","sha256":"ad1a9a1c8742bdebadba8481af158a5ac3d45dff9b2781243a429d369764eff4","sha512":"868c03b9da3194a5bc5a0e21f14fb67e45ea9e323c70916fe51fa5ac736629b80f2c9a7faec5bb581aa62557063095a93f64ba7f76979980f75567132d6a9955","ssdeep":"1536:7TBEjDBH5wAn0QZm10oxztf9e3iOi3ZteLF5rwSBc7j8LCdp2ejwiA9Hh1c8LYnu:nB0DLwA0omCoxh99OibeLzwSBcf8LCdE","tlshash":"708312796f2e0e9f2f0045f20b8817529738892499753ab2c970ede2b531c7cb6193f9","first_seen":"2025-10-08T14:49:36.67247Z","last_seen":"2025-10-08T14:49:36.67247Z","times_seen":1,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":141,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/1311410.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/1311410.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 67222\r\nlast-modified: Tue, 05 Nov 2024 11:08:35 GMT\r\netag: \"6729fcb3-10696\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":67222,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 610x900, components 3","md5":"53e71bc7d4bb3b5b550dc44b0b5fb6b1","sha1":"8de525f50f358109833abadda9e887169dc8ceef","sha256":"584f256d1e5d8e6eddd697a4b09d33a4c3d86c336b14967018c5b7b3fea8151a","sha512":"ded3b79b3456c395e03c36f7e112a655e0b738dd3275239d2daeeadbe60726bda8174c751e12825a596dcc341c21935db34fb5e2a7ea5807794263efaea4014b","ssdeep":"1536:7h2JoCnpz28xEsJU57qkIpFDqjX+xSQHsJ7/7rUtZB:N2J9npzJCsWxq1qqx9Mt/7otZB","tlshash":"7a630224e64a276e93a09f6f098f81119099d541f451a03fa3436bcee725dcd6d8b1cb","first_seen":"2025-10-08T14:49:36.673543Z","last_seen":"2025-10-08T14:49:36.673543Z","times_seen":1,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":152,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/568413.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/568413.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 126156\r\nlast-modified: Tue, 05 Nov 2024 02:58:42 GMT\r\netag: \"672989e2-1eccc\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":126156,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 578x850, components 3","md5":"fd9d88fcff7875c0ca8c13201a2e2467","sha1":"7dbe7ba93de790a1f190a0554fe50a09b85e506d","sha256":"c74e2373cce68cb76448a4d9dbffcdd10c81edb236d9564067d1fd627f3ccf16","sha512":"bdae0dad42797b863a9ee35f90cec3bdd7cd7bcd3f18ad71bf3395999c87dea0113ee9c2678544dff2ea9132aa7e5952ee6975d6d753ed37d893355deca81bec","ssdeep":"3072:C+fOQ5Q+H438D2UE9XMYCp3zQeCKjXr9P0ScF7Nd9S1J2UX6DQB:5frTY38DWqYCpDXVj7V0zFr9SPXf","tlshash":"cac312add9746f0e57a0ce0a38aace5ee19591e9304972332065d787ff01e71ea2e14c","first_seen":"2025-10-08T14:49:36.67444Z","last_seen":"2025-10-08T14:49:36.67444Z","times_seen":1,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":139,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/684618.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/684618.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 96980\r\nlast-modified: Tue, 05 Nov 2024 03:37:46 GMT\r\netag: \"6729930a-17ad4\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96980,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 610x900, components 3","md5":"c84f731302a00bd76a736eb1cb17bade","sha1":"0d817bbe72e93dc24741623bd80bc1a1f8bdbc45","sha256":"fa991b78bc025a5320eb2f6dfcc5bd3066109b1e42fa92ce586e0eadd561b566","sha512":"2009b1eb74f9ac7fc189785bf40ffde6cc556a81ee53c8d2cfdb3336e2c74bf7e2cab49463666337d29280637c208646e7fa61fa9082910b8e032c94446dfe62","ssdeep":"1536:7L8Ljm+ML+LncZC4ka89JwXovVsP1rB+wgpf0x3mSrLX5S83y1xGpj5qQs:/4iNL+Ln8C4k99BK1if01mSrNYxGds","tlshash":"2293122cfa464ee9bdd2a73e00597b83012d2bd6bb451236bfbdd85d017a0fd8c99142","first_seen":"2025-10-08T14:49:36.675611Z","last_seen":"2025-10-08T14:49:36.675611Z","times_seen":1,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":139,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/581094.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/581094.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 42493\r\nlast-modified: Tue, 05 Nov 2024 03:06:09 GMT\r\netag: \"67298ba1-a5fd\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42493,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 360x512, components 3","md5":"9345150b6ea6c142af5763591a2de097","sha1":"27482a9f1f0f13bff458f643d14eba3b2ce41b30","sha256":"4fd14e7f4cd1fdb54307dad748467b59fae312c3455a0d920d268da9f72c362d","sha512":"62c8df5b8524f8c531c925477f56fa6ef9e8381f09d45cb048aa09bb9fe90957aebd733c651e7029bb473406aa8e01632e5b7c4c3f3f3c8733a48fbf96618935","ssdeep":"768:jU1aW2orI+yvfzUIVMnOCPEq1RZmo2oCewIKSE3PU9dVaD/x+DOnoALp6H1KF9+:jU1RfrtSzjV1qDZmo2ZSEMHVa7x+DTe+","tlshash":"0a13e130951c31918f86d5f399ba63b791552dbafb7cbf2254306a8780d14bc54cfa8c","first_seen":"2025-10-08T14:49:36.676605Z","last_seen":"2025-10-08T14:49:36.676605Z","times_seen":1,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":67,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/1074910.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/1074910.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 92253\r\nlast-modified: Tue, 05 Nov 2024 06:59:31 GMT\r\netag: \"6729c253-1685d\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":92253,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"97a23d13aef3b3bb8a0f81d446d1c0b0","sha1":"b5877011fe3c2a3e527ac83459cad04f43c018dd","sha256":"a4bee958a9abe5f81ccc48092d8e35af36ef2ba30ceb02b4d7310479147d754b","sha512":"db0de83922594b182dbc227737066f6e9bb184ac736bf76df53245d73d7d5008b9caa30a87cfec5e338d4fe24deab9dcb84a05dddac67624ae767c2d6b6c14ee","ssdeep":"1536:BfDppVSYtm5GrN3b8LyKK6ODwRKpUGqLSWPhmzruhCiYwNM:JlSWm54N3rdhGGQSWYz/iDM","tlshash":"0d93024353a88d86ffab482af735150dd81f2d75ee4780f7b1140c8f82b6d35468a57a","first_seen":"2025-10-08T14:49:36.677669Z","last_seen":"2025-10-08T14:49:36.677669Z","times_seen":1,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":134,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/1325446.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/1325446.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:00 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 114173\r\nlast-modified: Mon, 08 Sep 2025 11:40:11 GMT\r\netag: \"68bec09b-1bdfd\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":114173,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"06e0b1bc5719dc66f6922f5230f2d198","sha1":"5557aa5b2357edd3050de7c0c1efb65a35000865","sha256":"8b9be7e7d8a11f09ad6e0d1f8c2caa3c7c882eb7a3b9dfd2d098b895511d3fd0","sha512":"498e70b8ea9350bb10cc8796c19fb4582248071454fc20ebc07dbc73a4efd84b4a80e6583718646323cf1d1ac9554d44e73674c176d545bc011ac03bbd36b15f","ssdeep":"3072:l6d/ZGHJEkiBji+2RakIBhbRBZxUpCbjqh5Za/32RpXNmVl:l6tZGHJEBjP2TInD4CSrpXNy","tlshash":"73b3f113ce1a4743ba2213f8fd460e7d0e0e1b9ca59536fe02755e86aa702724d9f53e","first_seen":"2025-10-03T09:11:30.197701Z","last_seen":"2025-11-26T10:10:55.257327Z","times_seen":10,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/805650.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/805650.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 67452\r\nlast-modified: Tue, 05 Nov 2024 04:17:12 GMT\r\netag: \"67299c48-1077c\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":67452,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 610x900, components 3","md5":"75bb5299ed767a09a0beb43a6835aef7","sha1":"945dc1d6b28c9e913dc88f28d4c17654e64920ed","sha256":"15211fa4e62ba992d336a3772b6a1d2bb50c6ce0dae556a3091ef88d5bc46413","sha512":"b4588b2fa74c5f78a7b655c8b4f1f275b21ac72ed9bb67b13682bd2a7cc83f76f9825499275cb1a7817ccee58e85aff6424e373987a7c3d9d8c637974b9d1b73","ssdeep":"768:7a0QLGAWXlXvQQ4yD6QkKq5MZ7X0VtyFMigkMiIHU2pr0FuCQnA3EoxrxffHZCh/:7257K6NWZIV5ihlK00CQnx0xCFDr1x","tlshash":"8a6302c3a7c34fb28b7c95b04d096081e79d910db6e943fe091208a46e52163f20ddbf","first_seen":"2025-10-08T14:49:36.67986Z","last_seen":"2025-11-26T05:57:26.587228Z","times_seen":2,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":144,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/20876.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/20876.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 81114\r\nlast-modified: Tue, 05 Nov 2024 00:15:24 GMT\r\netag: \"6729639c-13cda\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":81114,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"19d14dfa532e95d93fa22236f60920fb","sha1":"e97bdc4eea9a69f1859b8bcac7c0f304e509f0a6","sha256":"e56d2982bcf736ba451150618761c64ed070f6e605d5a3dbe784e20bafda7d5d","sha512":"8f2142b7133288ee8045b64747c97f759dfff70cd067aad6274775f66f15b3e1353a7ab7f24df00a6dcddf85d3b018dbf2e6c82d42dcd666adb7577c17573954","ssdeep":"1536:ywaRcN6/Sl1Qd9obzs84nzUd2t6OlzjRxWpMRypp1mvsUiPeMd9EDV60NKfRufhk:WcN6Y6k4n4dufErpSvoP9EDjKfR0hk","tlshash":"8983f113bc1188d61dbe12d12a538bdf0d2baf14c1937ff356a64b6435b4da3aa0cd58","first_seen":"2025-10-08T14:49:36.680918Z","last_seen":"2025-10-08T14:49:36.680918Z","times_seen":1,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/5107940.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/5107940.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 65623\r\nlast-modified: Tue, 16 Sep 2025 16:15:20 GMT\r\netag: \"68c98d18-10057\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65623,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"08f14f841e7b55d333c994507f1d6383","sha1":"96002f5ba77c763230fc4c0817a0d2f2f320daaa","sha256":"aed7cf0227c3318de62075d3a9b8f8b3e95f5f67a57136a6a866c550784c7348","sha512":"b64fe86f5c900043ff56da2776d1633928451eb911da0cc26fce92baec6f2904a0a60faa796f24c4b1d599f21fd65c9f24d989c3d7027b30d1ffe5f94bd8a842","ssdeep":"1536:BtHQWpWFaXTh970xDahxyPxowaeq2cugeiTXbUXeNTvZdZ:LHQFa/oO3yP93q23gfTrUWTvZD","tlshash":"8b53f1875845592ac13163b17e0f2fed9a093d19e16179fb8a3a0cc1bf30965adce0a9","first_seen":"2025-10-08T14:49:36.682067Z","last_seen":"2025-11-01T16:46:53.310113Z","times_seen":4,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/793557.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/793557.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 86256\r\nlast-modified: Tue, 05 Nov 2024 04:12:17 GMT\r\netag: \"67299b21-150f0\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86256,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 512x753, components 3","md5":"d8836fb0f078925c84244f4f7b81c4f8","sha1":"a008b4df45c6eed1939c0d90bfaa488df15f6f25","sha256":"f91119bedc2cdc4927e5068b2d9156f14f28c92506ac7cb20752b8a417bdb8f1","sha512":"27e13a08a97a4ed9204eb565f33e3aeae8f9f9faf2c9823c7142f5aa95964168d63ff2cf713a87118863f6189b66b6c500d204c15c97aaf91d60840e00d30caa","ssdeep":"1536:bXiC+IjEzqzbTl2GkR28+dG4xBv2SE1yxeafT/Qj3hje3truWjpIyYaIEGl+XNNt:eC+IjEzGxXkkxGZy8aTQT9EuWjpIyY9c","tlshash":"e4830274b0f7733eaf0be915865e2749b3e08261969a4f778b18d4ca6017c71825ccaf","first_seen":"2025-10-08T14:49:36.683164Z","last_seen":"2025-10-08T14:49:36.683164Z","times_seen":1,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":147,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/1113938.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/1113938.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 101221\r\nlast-modified: Tue, 05 Nov 2024 07:22:06 GMT\r\netag: \"6729c79e-18b65\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":101221,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 610x900, components 3","md5":"769b0f3ba65581b2c13c3d9c2e4b049a","sha1":"11b1ceb74ffe22e67eff8027bbcc482f4df0e363","sha256":"09f8b4971bc343b326e32f3449796fa66dd739851a7d54ca42f1e3d3336aaa9a","sha512":"c2ae61f0268d62de9c5bd6ecd6d9d76cb7ff1bb87970314383a1d1c579d0331a47ff40758e63e748090ddcba5a7f7319d0f60d6d4beef552bdd2912abcce6996","ssdeep":"3072:t5VQ5Ra+YEaP+Uj6NoQXAp718F2fm0e7+Pkmq:Fi5xUuNrXAc2fo7+g","tlshash":"a7a312932524eb968b130bba0d4a778a7f02199fdc6025fdb10f16897650feaf12d1cc","first_seen":"2025-10-08T14:49:36.684346Z","last_seen":"2025-10-08T14:49:36.684346Z","times_seen":1,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":142,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/5213844.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/5213844.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 141192\r\nlast-modified: Tue, 05 Nov 2024 17:13:20 GMT\r\netag: \"672a5230-22788\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":141192,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"47c485f2df3fc41b3087345dd95f5a77","sha1":"bf951be078840f629bc18a97335fabefa39e7f16","sha256":"e1719e45c5ee76044d83431562f28c97ea02b85228f14299490f3a149d2c577c","sha512":"a3f81401109f7ee5417854793d5221648de66a84b3f5aa96e9c57a172431cca9533aa8b873cf5d00bbdfabe00b9f99fa9135314f8608d6d67f5902cd5c7256e1","ssdeep":"3072:xif07tWb9HNdPM4I5gaBu/Pp3oqm/osWJa9:xs0pWb9tdPTXaBu/Pp4qkonm","tlshash":"5bd312fb9d407d61aea3b065d0aa2c21052dbc871fe09419a433ae0d56d3ffaa3dd057","first_seen":"2025-10-08T14:49:36.685487Z","last_seen":"2025-10-08T14:49:36.685487Z","times_seen":1,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/24186.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.258Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/24186.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 77661\r\nlast-modified: Tue, 05 Nov 2024 00:19:57 GMT\r\netag: \"672964ad-12f5d\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77661,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 610x900, components 3","md5":"bf4aa258080a8aa42057d81a25702fec","sha1":"572383ee371ff98812400fa8c4c6e7f0301c8401","sha256":"0122afa5ec3d569bd6e86f7631ec9d77268008a7d280fa6e8773039616bbb80f","sha512":"102461150f4ec0aef0a701e4f6cf6388a54252e7148947dc734298f5f79ef7e8426cab0ffe9adabee5e45aafa66d5dbab691aeef56b821e590b7072fba216dbe","ssdeep":"1536:7C44IkyfbBsYZHSK7Pk883/+vjkv8T/s0hcNbcgRi57OuxWyHJ:z4I99sFK7Pn83Gvi8TETNVRi57OEWyp","tlshash":"647302cccb06f6601d030d4f5f8156e480588a8a9fef6ee0c464bd6e4b11db16e7db8a","first_seen":"2025-10-08T14:49:36.686509Z","last_seen":"2025-10-08T14:49:36.686509Z","times_seen":1,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/favicon/default/favicon-192x192.png","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /favicon/default/favicon-192x192.png HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nCookie: fpm_visit=1; fpm_referer=%2F%2F%2F%3Adirect\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 6206\r\nlast-modified: Mon, 06 Nov 2023 10:40:33 GMT\r\netag: \"6548c2a1-183e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6206,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGB, non-interlaced","md5":"c2af07b27824aeb26c6fc8c8461384c0","sha1":"d8fe39e6e1e80eda52913a5e8efbbf9744be805b","sha256":"8776f953cbde91e5e7af3bb4f10aefb17d0191b9a9ff3958713795ccc95143b3","sha512":"6e1c5a86029aea48e78e2f3aae680b941b7c8785534e8f3ae0652898b91ffe06b03a8044892418f7dcac4e67d9f28e812c8202bc5fc9fcafada39329a5dc1582","ssdeep":"96:KdzpZjLnqLB/dqJstVnsxF9r9NTDADvxfsnX/iomOvMLi1YBtfUmBj2:K52B/QqtVny9rADvEiomOkFtnR2","tlshash":"e8d17ff3e0fc89417295f96830f69ec05f672d23101157d9622bc9a693b5bd6604a1dc","first_seen":"2025-03-03T02:31:56.578028Z","last_seen":"2026-04-14T12:05:57.72877Z","times_seen":83,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/5212310.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/5212310.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 102767\r\nlast-modified: Tue, 16 Sep 2025 16:13:22 GMT\r\netag: \"68c98ca2-1916f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":102767,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"66d04cce689edcc336523a3aa6843861","sha1":"27cd4c931660351c22d400a9d462c7b3f6723847","sha256":"9607f273bf3ae1732c69ff824eb0cbe8798a38696be53cde84ab263ce5449e79","sha512":"c35fde733d9f6abe5497802aa3eb1122ad9ef60a47503218fb87cd983b734ff84d3b580ee1ed7ce923c5bfe0a43b019b77ef487f6bff1b98836e699d2532689c","ssdeep":"1536:B05MRH340P5ewKZPaz/SrH+T1BhtIhBrTwpo2FttKGrdoTvfS2faioF7Q:+qH5PiZaz/tpBXIhBnGvFnrp2Sig0","tlshash":"3ea3f167ad0c001356a807f9bd931ebd394f739dad8152ff64170daf6e188526c9f80a","first_seen":"2025-10-08T14:49:36.68826Z","last_seen":"2025-11-03T03:30:15.404542Z","times_seen":5,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":131,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/1410902.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/1410902.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 82713\r\nlast-modified: Tue, 05 Nov 2024 12:59:38 GMT\r\netag: \"672a16ba-14319\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":82713,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"8064f6b468d2b193026008b4b6484cd0","sha1":"da807765171d204a48506504fcf15c3a76cf9cfc","sha256":"446ab4184637708ce829632f28933f7380d31d76632b1de7ce286f6149f81114","sha512":"158f9a9edff5f6cfa98e2821f94bd2c9c6750128593ae5f2af178b1445f2db2d82a7ad6590b19acfb6f3e02f6862273c61728581b190b27ac8bd6f20ac614830","ssdeep":"1536:BdzIkximLu7OgD9kQN9Nv6anXS4DgA8aoA86zX9y4+VS590c1yDoQgACpBjqOmLb:bzIkximLu7z9nfNv6aXtE96zXIfVSAaG","tlshash":"298312598323825a17d37d57b70edca0b9055f33388eabfb07922ba0f56195acb2d310","first_seen":"2025-10-08T14:49:36.689353Z","last_seen":"2025-10-08T14:49:36.689353Z","times_seen":1,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":142,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/4880777.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/4880777.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 67175\r\nlast-modified: Tue, 05 Nov 2024 15:49:26 GMT\r\netag: \"672a3e86-10667\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":67175,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"404b8ac980da6c9bb47f84b63ee930c6","sha1":"027d0a3ba074308695838a05f24eb8e7519b4bd1","sha256":"04ff4b84a133587538236b69782f36662ab36d127f54632723ee2c56006f1a7e","sha512":"abca88a1cec89e464ee72c421f97fe4bf443884374f20d239e2be072987819d0eab1fac559631ea18c42259d748a03296d9e0ba5e7758707a3419590b7ecaee7","ssdeep":"1536:BvFO562pdxWZaEFTbdaQ547nr/Uk7tbSuAdAWWAS3iFvY:7OTdxENXdaNnrUALnYQ","tlshash":"05630201d15a1026276b6f6a9e0f25b264c6283a55510fae7f578f745c3be3d0ce4f4c","first_seen":"2025-10-08T14:49:36.690606Z","last_seen":"2025-10-08T14:49:36.690606Z","times_seen":1,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":140,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/5143788.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/5143788.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 104591\r\nlast-modified: Tue, 05 Nov 2024 17:00:04 GMT\r\netag: \"672a4f14-1988f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":104591,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"b19fa5961b887e156d5026c0c8c5b324","sha1":"87076a3f682217a72c29bfbacefbfd29210f2abc","sha256":"0d046d4a3e502d27fe162426b2472de5bdb53e22a148d806efdc9cf2b59dec8c","sha512":"69494414cc58be1127d9da695f7c00c94e61cefb1dc41892fb324a019dd5eee8aadaaead377de3b0de829b838afcf8fe6a622b542437cb10e7ec89a2e6b909e5","ssdeep":"3072:EU2Lh6KVEx8se0ucyyc78U/nIt1OJeZPnBK+TnCI6UeCMy+Z:wWz+ycCqQBKZieCMy+Z","tlshash":"8aa3127fd02e6ba1fb596a2af1b1d6b2328a105b27417cced440d6b02334fa567716c8","first_seen":"2025-10-08T14:49:36.691673Z","last_seen":"2025-10-08T14:49:36.691673Z","times_seen":1,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":130,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/456494.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/456494.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 103745\r\nlast-modified: Tue, 05 Nov 2024 02:29:19 GMT\r\netag: \"672982ff-19541\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":103745,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"45925bc3ae825612a9dcfda204f80ec2","sha1":"dab6167b057738395c4d41335d71731b2d04d97b","sha256":"6d57c9f19afcad87e60f97b967a917d3dd565dd68e34659ea76420188dee0f45","sha512":"e68cc7bfc73949c9c0a84797271f1532de44a98b703adf3c377bfd5cac955726f7a21f0b37fc295aaff3efdb4f13880f2625f6d81a73cac1044e274f95cdb890","ssdeep":"1536:yhzogr6TkKyRvx/PdOyh/JYOlMlecRjs7B00K7niJT9iDNOMmF5NNL0GSX3DPRIv:kH6AKyRJn5Mlep00CiC8MpTRi","tlshash":"9ea313b7038192a5a1329bbf4d02815377919abb0c3eb2795fa64854753ccac43ecad3","first_seen":"2025-10-08T14:49:36.692819Z","last_seen":"2025-10-08T14:49:36.692819Z","times_seen":1,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/732797.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/732797.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 92300\r\nlast-modified: Tue, 05 Nov 2024 03:54:36 GMT\r\netag: \"672996fc-1688c\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":92300,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"3970b2ab1c0ca51a1d31c2ecc5605b72","sha1":"f61e0828e898fa6d3f6b8a715c1f19204d177378","sha256":"7206406abf86c1e9a6e3779b37ea9484b42e4662c9021e5f80d20533c9ab8b7d","sha512":"144abf4fa37958551909ed62ad797b587686e4382280868e002a33995f39eb6225d53d28a4a02fd59b9195fd3f77d7d7afe1da2aaec04962a59348431ad278e5","ssdeep":"1536:y7bgHo47c8qDm07WifSiSKAizGMWUrECkITA9tsb9Pa/i0WkRk9AQgLH:sK7c8qytEaKAAXrI0A9tsd8aCydc","tlshash":"76930213a8054d634d57c3ebffd24cea279ac366d9287cfd057b684dab178b6001ca58","first_seen":"2025-10-08T14:49:36.693974Z","last_seen":"2025-10-08T14:49:36.693974Z","times_seen":1,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/7252511.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/7252511.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:00 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 150239\r\nlast-modified: Mon, 08 Sep 2025 11:38:37 GMT\r\netag: \"68bec03d-24adf\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":150239,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"e9e6e61bc4dc99149bebf69ca295cfa1","sha1":"1d247682853dbe167e93cf185d0c3bd96ee366fb","sha256":"2983264096043d6f8b5f5b2d0baf546bbbe57dac25171b16aaee147a5feac521","sha512":"3bdb83c9118da4b81e27932195f60d0f1b0736e7995fa716895313a8487dc5544eeab3ffc9965d9934a0a9a292eff7a57fee04eb3ecabe0545906ad4497d232c","ssdeep":"3072:cw/XXDmhYJcF6w5DB1kGFcrjooPiXKfPlX/EM4uj10:V/XXDmiJcF6w1PkOSbKgvELe10","tlshash":"dce312f893c795744a369aef60806b13411b6a1c2c857bb5e8ee8303bd72953dd493c3","first_seen":"2025-10-08T14:49:36.694995Z","last_seen":"2025-11-26T10:10:55.211359Z","times_seen":5,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":139,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/307012.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/307012.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 30910\r\nlast-modified: Tue, 05 Nov 2024 01:55:10 GMT\r\netag: \"67297afe-78be\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30910,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 610x864, components 3","md5":"57b22eb394ee1e887e85dbe80b12c967","sha1":"d953fd8f6a87c15fbb12b35712aded0789971c70","sha256":"2d91f99ddacf64a70d8d668b39ee55e08f240368c6a554dfdbd27858524ecfef","sha512":"383d65141b8a081b30b39bb224ac95279df32927104b7a9a3e68790f89d47bb1efc9cef937385649ada6b7adf766f1873903e6df737c1f2224848eb15d500e8c","ssdeep":"768:fvRMxpDC7gqLD/NyuavaGuHZDNu9bsPJuk+hUKf0w:fa/CTyoGqZDNYYkk+b1","tlshash":"f3d2be530d1c9a42f6369294fe134f4c7a067e5cfc4738bf24860dda7e35a215eae12a","first_seen":"2025-10-08T14:49:36.696073Z","last_seen":"2026-02-22T22:51:11.024639Z","times_seen":2,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/80268.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/80268.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 37986\r\nlast-modified: Tue, 05 Nov 2024 00:58:16 GMT\r\netag: \"67296da8-9462\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37986,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 354x500, components 3","md5":"80d14a9b60af9e8ad1c69e374b162c86","sha1":"c8b34e2e1d6130cede1283f30a03b0cf3cdf6e2e","sha256":"31ea7662235edc06abe930c6a3d3f9a5f50a7d589c59078b23db840d2f25bb6d","sha512":"72c1673c1b4a1f3fb1dc8ab8511ad7250ae58864d9bb76181d32072579be7dedd4d63d658b9102c6549154ddee62e7f318c546b07ac286f2caa78c58f7dac3be","ssdeep":"768:EGA0EwI7bAzPTUWVk0LA+DoJbQTJHBSijSc1ca9MRh39x+XitSuEb0RDn:EGJMcb8nJbQ1Hzva3hN5M0xn","tlshash":"f903f13f2f4a59a9ff846f3920373793964ddbba1a78731d0f967d6180e2d502a81106","first_seen":"2025-10-08T14:49:36.697166Z","last_seen":"2025-10-08T14:49:36.697166Z","times_seen":1,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/themes/lordfilm/assets/images/default-images/bg.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/themes/lordfilm/assets/images/default-images/bg.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nCookie: fpm_visit=1; fpm_referer=%2F%2F%2F%3Adirect\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 152322\r\nlast-modified: Sun, 18 Feb 2024 14:09:35 GMT\r\netag: \"65d20f9f-25302\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":152322,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1400x488, components 3","md5":"b78f84883933c4af80ff8c63840760b4","sha1":"8c511389223a457448da49babe013be036221d3c","sha256":"7a3bf7f67cdcc19a8e28ef2eb8288f9ce85c3220b6554c0d5c539795ac2bb59f","sha512":"6a8181c9c1cb5c4ed97cd8e1f6edba124cba44c969ae35147d308e18aefa1ffddb323153f651f6525dd49d9bbd9eea7e682b7250273571643d26c253b87ee844","ssdeep":"3072:909tPzzVv23y8J6p5JIeE4bH6ait4Wskf3C+WMSRYq8jMmSoIV/:9WzVeiu6p5JIwHKtFs23vOYGpd","tlshash":"7fe3238c0b39d75bf29290fbd5b5247de3b0cbb64c274e92b98ad57d08d523a0831179","first_seen":"2025-07-21T01:38:45.698477Z","last_seen":"2025-11-26T10:10:55.219666Z","times_seen":17,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lord-orange-fox.ru/wp-content/uploads/all-posters/1450108.jpg","fqdn":"lord-orange-fox.ru","domain":"lord-orange-fox.ru","tld":"ru"},"ip":{"addr":"62.197.45.240","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lord-orange-fox.ru/","date":"2025-10-08T14:49:01.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lord-orange-fox.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 20:03:04 GMT","end":"Sun, 14 Dec 2025 20:03:03 GMT"},"fingerprint":{"sha1":"E9:7E:DE:F7:D9:31:35:5A:1F:37:98:29:0C:03:41:9E:62:61:18:0C","sha256":"4A:D4:5F:C6:64:7D:AE:DA:76:51:1A:34:4C:CE:3D:58:DD:5D:FF:07:E5:62:97:0E:17:F6:EC:15:58:D8:9F:A0"}}},"request":{"raw":"GET /wp-content/uploads/all-posters/1450108.jpg HTTP/1.1\r\nHost: lord-orange-fox.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lord-orange-fox.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 14:49:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 108558\r\nlast-modified: Tue, 05 Nov 2024 13:27:00 GMT\r\netag: \"672a1d24-1a80e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":108558,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 610x900, components 3","md5":"187ef33753810833dfe6c72491bded61","sha1":"3ee4fde05c03c45e2f7d2c7e76dbc73bb65a5f2c","sha256":"d67c54cb0375b6228bde698fa7a09105cf3c88ba18e9e4a874d15508442d3f77","sha512":"813736d147033efc8b1cc1f7225f1a8d0abad3244f7228bb906af3d49f0fb450577401e8e17d9d42874d393adfb27b6e4b91f843256ca15713429c18a2dd8d67","ssdeep":"3072:glOZGxVVK78JXngZbLkXkoxJ+iFIbZDyQA1FqhrY8:EOZGxVVUIsbLkUoVIbJh6arY8","tlshash":"2fb312ba67369aa09e1a2dc5a4c21bb4537c83dd3068d7b15a0bc4a04f96dbbc4ff150","first_seen":"2025-10-08T14:49:36.699571Z","last_seen":"2025-10-08T14:49:36.699571Z","times_seen":1,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":150,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"lord-orange-fox.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}