{"report_id":"934a308a-4a1c-40da-ab42-dd45e91aa37f","version":6,"status":"done","tags":[],"date":"2026-05-29T18:15:14Z","url":{"schema":"https","addr":"veldsrings.org/","fqdn":"veldsrings.org","domain":"veldsrings.org","tld":"org"},"ip":{"addr":"193.233.129.175","port":0,"asn":43444,"as":"Blockchain Network Solutions Ltd","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"veldsrings.org/","fqdn":"veldsrings.org","domain":"veldsrings.org","tld":"org"},"title":"Next Generation Script Exploits","dom":{"size":12131,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"12c73240dd7f3ea5e31f45891d0766ea","sha1":"0ebeaad87cefa2f47ab2512f078df1f8e62f6cf1","sha256":"8a7e1464c206c656e15fec7bcecb058c48b7b1c5184e35e90efba6843f806ff5","sha512":"4967a43973890eaf08263fd09cb82bac7a183e493ff78f7bcf084986aa2948b837707299933d1e6c41a87b3f534cb4dbd11d4b691f2a30bae38a4e0b4493cdf4","ssdeep":"192:38ormOONht4lB/vfFskP8AAvmDz4Yx+eh+/Gvwi:MormOOm1wYth+c","tlshash":"42428269e9f15033016380d2dae6573b3fe6c017c5564040f2fd1bac1fd6e8eaa17aa9","dom_hash":"domhashda2a2d558a6a7740f6e7b890f2947d52","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"veldsrings.org/","fqdn":"veldsrings.org","domain":"veldsrings.org","tld":"org"},"ip":{"addr":"193.233.129.175","port":0,"asn":43444,"as":"Blockchain Network Solutions Ltd","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-03T18:15:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"veldsrings.org","ip":{"addr":"193.233.129.175","port":443,"asn":43444,"as":"Blockchain Network Solutions Ltd","country":"Russia","country_code":"RU"},"domain_registered":"2026-05-29","domain_rank":0,"first_seen":"2026-05-29T18:11:33.644675Z","last_seen":"2026-05-29T18:11:33.644675Z","alert_count":0,"request_count":4,"received_data":29453,"sent_data":1756,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"veldsrings.org/script.js","fqdn":"veldsrings.org","domain":"veldsrings.org","tld":"org"},"ip":{"addr":"193.233.129.175","port":443,"asn":43444,"as":"Blockchain Network Solutions Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"b2174430e97194b6a42e4b42ec59831e","sha1":"68128d80b952dc8a22d7f526d97d432468bd8360","sha256":"95ff84ebd0e05d241d3c8e6bd21910976bbf380ad2dffe56bd585118d6c81b67","sha512":"75fa4a0ec418505221ef4ed7d833d94ab8b20fadee440a01669845db73a1df134afed5ba8e7a61b2958d372fb9bd24890ecc8e0b4eb60fbdfd680a1778bd8434","ssdeep":"","tlshash":"e051bd2b12b2203580a7716a93df8b887a3a104b7406cd563f5c4b4e1fe1da569f3ee5","size":2712,"data":"","first_seen":"2026-03-27T14:56:41.775218Z","last_seen":"2026-05-29T18:15:14.558327Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"veldsrings.org/","fqdn":"veldsrings.org","domain":"veldsrings.org","tld":"org"},"ip":{"addr":"193.233.129.175","port":443,"asn":43444,"as":"Blockchain Network Solutions Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"f9f8bc5a430d77681a2c831c1c7637d9","sha1":"e3617125ac9f6fbd804da74d2bc41032d35013fd","sha256":"e29dfe3e6e1b955afbf08c7958187f8ffe425f50670016f2130342f8d843435b","sha512":"c89f1958c6b57e3be068d00d8c7ac83bacd514300fe553b4642d845ba4e45410eb42ba3807b7c928febc2f556c6b95a05fe36697277bd7ec90fca54e270543d0","ssdeep":"","tlshash":"fbe02b3c67631514b2232037dfbb8304f46181333086f405fb4e894dff61916968359b","size":347,"data":"","first_seen":"2026-05-29T18:11:38.422499Z","last_seen":"2026-05-29T18:15:14.559592Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"veldsrings.org/style.css","fqdn":"veldsrings.org","domain":"veldsrings.org","tld":"org"},"ip":{"addr":"193.233.129.175","port":443,"asn":43444,"as":"Blockchain Network Solutions Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://veldsrings.org/","date":"2026-05-29T18:14:53.001Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"veldsrings.org","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 11:02:11 GMT","end":"Thu, 27 Aug 2026 11:02:10 GMT"},"fingerprint":{"sha1":"3B:86:C7:85:F2:CF:60:B4:62:AF:F2:1D:76:9A:80:67:FE:4E:69:52","sha256":"3C:C3:D1:2F:9B:BB:F8:F3:BF:B5:34:56:35:89:EA:F1:B9:66:24:83:90:BF:B0:56:A1:3C:66:81:C8:17:31:E7"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: veldsrings.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://veldsrings.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 29 May 2026 18:14:53 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 29 May 2026 17:18:50 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"6a19ca7a-350c\"\r\nExpires: Sat, 30 May 2026 18:14:53 GMT\r\nCache-Control: max-age=86400\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13580,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"7c16fa07fac41e7044e62de7f6cd9832","sha1":"84d48eded8476899cf72676b70eed6e5f36e1248","sha256":"f58f6bd1d36fb1fc489afead4f184ed12362615151b3624217f888b0482ebebf","sha512":"464f527a4a8136d7523ea780a1a79060e0d33f4aac928383060fa151b6ad5f8a5a776b304c2776492dc77910e167558ddc31acb6897c0d1655576e7c3c7c88dc","ssdeep":"192:dpEBj+eOKI3A3qFsxb0bWMDLs3ZCvB+h5h7LaLsp1qOehg4Il+O3xYA+MvzPULpX:d1Fsx9BEyAUA","tlshash":"4952345966a71999781f982517ff97c4739ca087cc0dce7e3acd21548f893b8a0a2f4c","first_seen":"2026-03-27T14:56:41.774198Z","last_seen":"2026-05-29T18:15:14.554664Z","times_seen":21,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"veldsrings.org/favicon.svg","fqdn":"veldsrings.org","domain":"veldsrings.org","tld":"org"},"ip":{"addr":"193.233.129.175","port":443,"asn":43444,"as":"Blockchain Network Solutions Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://veldsrings.org/","date":"2026-05-29T18:14:53.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"veldsrings.org","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 11:02:11 GMT","end":"Thu, 27 Aug 2026 11:02:10 GMT"},"fingerprint":{"sha1":"3B:86:C7:85:F2:CF:60:B4:62:AF:F2:1D:76:9A:80:67:FE:4E:69:52","sha256":"3C:C3:D1:2F:9B:BB:F8:F3:BF:B5:34:56:35:89:EA:F1:B9:66:24:83:90:BF:B0:56:A1:3C:66:81:C8:17:31:E7"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: veldsrings.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://veldsrings.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 29 May 2026 18:14:53 GMT\r\nContent-Type: image/svg+xml\r\nLast-Modified: Fri, 29 May 2026 17:18:50 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"6a19ca7a-1ba\"\r\nExpires: Sat, 30 May 2026 18:14:53 GMT\r\nCache-Control: max-age=86400\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":442,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"81c76c10bc20d8f88ab20b542025265b","sha1":"75aa3470706f1f27f2c4775825d31663318df2d6","sha256":"077df9e4e5c60fa9c75edee478f0e587ba4efda7deac4657dad93302142e7d66","sha512":"ac80021077f48f209d97888cacee5f96543a75d122b975b1bba873f23e9ce89634c45b539f4f33ca9ac77d44913ee2b0bdd738dada718ab11f606ee383fae8b3","ssdeep":"","tlshash":"e8f0e525d4e98423c128a381db64a8fa271dc1e392a58214b5ee3f183f5c4f668477a8","first_seen":"2026-03-27T14:56:41.776159Z","last_seen":"2026-05-29T18:15:14.55606Z","times_seen":21,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"veldsrings.org/","fqdn":"veldsrings.org","domain":"veldsrings.org","tld":"org"},"ip":{"addr":"193.233.129.175","port":443,"asn":43444,"as":"Blockchain Network Solutions Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-29T18:14:52.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"veldsrings.org","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 11:02:11 GMT","end":"Thu, 27 Aug 2026 11:02:10 GMT"},"fingerprint":{"sha1":"3B:86:C7:85:F2:CF:60:B4:62:AF:F2:1D:76:9A:80:67:FE:4E:69:52","sha256":"3C:C3:D1:2F:9B:BB:F8:F3:BF:B5:34:56:35:89:EA:F1:B9:66:24:83:90:BF:B0:56:A1:3C:66:81:C8:17:31:E7"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: veldsrings.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 29 May 2026 18:14:52 GMT\r\nContent-Type: text/html\r\nLast-Modified: Fri, 29 May 2026 17:18:50 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"6a19ca7a-2d03\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11523,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"fb445cb81443e86eaef68d3bcbb101b9","sha1":"2ad9b37217b234998c934e9f22654e5ff9c497f4","sha256":"366020a0b0bcf3a8f7f108bffd42dadb32c0e2beaf5e028223c65348a2b92cda","sha512":"5e6b660bd780ec191fca99333916f6f126788424b97c17fde9f0aaf1da74b62474f1a6dadbc97e3f89c2725d4c0c98cc2bdf65e99571ebf9b8aee6a3f9ab4142","ssdeep":"192:lyormOONht4lBThfP8RmD4Yx+eh+/GvwNM:4ormOOmBcYth+rM","tlshash":"e032606ae8f15433016384d39ea6536b7fe6c017c00a5000f1fd57ac1fd6e8aea17a9d","first_seen":"2026-05-29T18:11:38.421526Z","last_seen":"2026-05-29T18:15:14.557197Z","times_seen":4,"resource_available":true,"data":null}},"time_used":136,"timings":{"blocked":53,"dns":1,"connect":25,"send":0,"wait":25,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"veldsrings.org/script.js","fqdn":"veldsrings.org","domain":"veldsrings.org","tld":"org"},"ip":{"addr":"193.233.129.175","port":443,"asn":43444,"as":"Blockchain Network Solutions Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://veldsrings.org/","date":"2026-05-29T18:14:53.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"veldsrings.org","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 11:02:11 GMT","end":"Thu, 27 Aug 2026 11:02:10 GMT"},"fingerprint":{"sha1":"3B:86:C7:85:F2:CF:60:B4:62:AF:F2:1D:76:9A:80:67:FE:4E:69:52","sha256":"3C:C3:D1:2F:9B:BB:F8:F3:BF:B5:34:56:35:89:EA:F1:B9:66:24:83:90:BF:B0:56:A1:3C:66:81:C8:17:31:E7"}}},"request":{"raw":"GET /script.js HTTP/1.1\r\nHost: veldsrings.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://veldsrings.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 29 May 2026 18:14:53 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 29 May 2026 17:18:50 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"6a19ca7a-a98\"\r\nExpires: Sat, 30 May 2026 18:14:53 GMT\r\nCache-Control: max-age=86400\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2712,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"b2174430e97194b6a42e4b42ec59831e","sha1":"68128d80b952dc8a22d7f526d97d432468bd8360","sha256":"95ff84ebd0e05d241d3c8e6bd21910976bbf380ad2dffe56bd585118d6c81b67","sha512":"75fa4a0ec418505221ef4ed7d833d94ab8b20fadee440a01669845db73a1df134afed5ba8e7a61b2958d372fb9bd24890ecc8e0b4eb60fbdfd680a1778bd8434","ssdeep":"","tlshash":"e051bd2b12b2203580a7716a93df8b887a3a104b7406cd563f5c4b4e1fe1da569f3ee5","first_seen":"2026-03-27T14:56:41.775218Z","last_seen":"2026-05-29T18:15:14.558327Z","times_seen":21,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}