{"report_id":"a1ce46d0-2350-4b30-85fa-7a6bce2fd4ce","version":6,"status":"done","tags":[],"date":"2025-12-03T20:44:22Z","url":{"schema":"http","addr":"www.yurist-online-servis-pomosh-rf.ru/","fqdn":"www.yurist-online-servis-pomosh-rf.ru","domain":"yurist-online-servis-pomosh-rf.ru","tld":"ru"},"ip":{"addr":"172.67.139.63","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www.yurist-online-servis-pomosh-rf.ru/","fqdn":"www.yurist-online-servis-pomosh-rf.ru","domain":"yurist-online-servis-pomosh-rf.ru","tld":"ru"},"title":"Vegeterika - индивидуальные программы питания от диетолога","dom":{"size":71037,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (17075)","md5":"69a1b0b8432d7674577177fc59d5a7b1","sha1":"40a671d20ddf121c6018204aff766f9dd2ceaf5e","sha256":"c0ce55e3a6662e5f8e7e7cd3f789b00ac6cdc03a81a65cf5e42ed463d01ae22d","sha512":"a6c9117001887c3c879337b623381f3b8175f0f1639f7d35caee72fffb06701552209b1a160211290abc7909a8bc25bcc469c4a6e37b69fab4680d9fedc58d42","ssdeep":"768:HevGXjMaORPKvbaN0pLs5P219oOqbXLRZg839xMEZ7VWqX3lkemjdTm54HuXiEbG:OGXjgKOWOPhNxtVWqFkrcrid","tlshash":"0b632da184f5142f0042a0c2d673ae4f7ed49a17e606c755fcfd6aabdfc2c51ea1321a","dom_hash":"domhashaf991fbbcee0d979c122df4526432578","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www.yurist-online-servis-pomosh-rf.ru/","fqdn":"www.yurist-online-servis-pomosh-rf.ru","domain":"yurist-online-servis-pomosh-rf.ru","tld":"ru"},"ip":{"addr":"172.67.139.63","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-07T20:44:22Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-03","alert":"Sinkholed","trigger":"www.yurist-online-servis-pomosh-rf.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.yurist-online-servis-pomosh-rf.ru","ip":{"addr":"104.21.62.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":10,"request_count":10,"received_data":1753111,"sent_data":5501,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"panel.quizgo.ru","ip":{"addr":"51.250.30.146","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"domain_registered":"2019-04-02","domain_rank":0,"first_seen":"2022-02-02T17:36:14Z","last_seen":"2025-11-25T08:58:46.915738Z","alert_count":0,"request_count":1,"received_data":27092,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.yurist-online-servis-pomosh-rf.ru/","fqdn":"www.yurist-online-servis-pomosh-rf.ru","domain":"yurist-online-servis-pomosh-rf.ru","tld":"ru"},"ip":{"addr":"104.21.62.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5a5b319d7782e1cd7b9adade4c2db18f","sha1":"8680a399cbdf822add4902c1124be036bff38cd1","sha256":"976585534f0f1ef9bab58cfcecfe950e88db5757d2fa1ab8ede06c3743cd9e32","sha512":"61b3842ebf1e324e21f0b46517a2924ffa5d99970c7d96f9678dc534a7e1ccb39c063a7dbdcc71d3b1f278d48ea62bcae111351d232d419adac073956d5f0f21","ssdeep":"192:9muccUSG9RCEgQZIM0822bWs7vN+g+R3Yxw0hcCp3gplRZOwK3rGRoal8K3AsA2Z:9GrSEf1+N0hcCp3UO91xKQKZ","tlshash":"6d92fce681fa126d298435c3d6b77d8d38dc6c66e144db3ffc6eaa4bd38016062a0317","size":19534,"data":"","first_seen":"2025-10-28T07:15:55.126548Z","last_seen":"2026-01-03T13:01:12.698052Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.yurist-online-servis-pomosh-rf.ru/assets/quizwidget_v2/build/js/dist_v_1616432511Tb0okcx1BmetGNeQeIY3.js","fqdn":"www.yurist-online-servis-pomosh-rf.ru","domain":"yurist-online-servis-pomosh-rf.ru","tld":"ru"},"ip":{"addr":"104.21.62.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f670e038ab6364bb369ca4bea0bad608","sha1":"0ab91b5dd32b6f047f89a31f21c86c629e81f386","sha256":"5e54a1fc7c3c9597159535aa8bc6bbcb840a65bbe2ab73ef6d3d768c4856d576","sha512":"77be4eecff3efacf4a2f98204a22ede629b90c95071360a73d46c9cf2bae86a6340d328f971687424d9852093ca3049e9fc46dd8604113963a59224381d744aa","ssdeep":"6144:Zd+VqFxSv1qRSzfIA5Wft1jaoKzsgoDmBYqwlZ9+l+xP2U6w/T/DP1rcWp5+uoHJ:/+MxSv1n6W+qQZGaYH/Xqq","tlshash":"bbe4f7dab26ca33251d67275944eb38e62ad7856c808817c75e7e8cf5a7c8c4313eb34","size":699004,"data":"","first_seen":"2025-10-28T07:15:55.106854Z","last_seen":"2025-12-03T20:44:27.569127Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.yurist-online-servis-pomosh-rf.ru/widget/quiz/18122/swirl/init","fqdn":"www.yurist-online-servis-pomosh-rf.ru","domain":"yurist-online-servis-pomosh-rf.ru","tld":"ru"},"ip":{"addr":"104.21.62.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yurist-online-servis-pomosh-rf.ru/","date":"2025-12-03T20:43:59.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yurist-online-servis-pomosh-rf.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 05 Nov 2025 20:23:42 GMT","end":"Tue, 03 Feb 2026 21:22:17 GMT"},"fingerprint":{"sha1":"08:7A:2A:A6:CF:2F:C7:3F:E4:27:B9:92:3A:AB:0B:0A:22:63:A1:13","sha256":"69:EF:72:6E:12:7E:2F:DC:34:24:BA:B0:C6:F2:58:56:6B:34:2B:F7:33:26:4D:63:A3:62:52:6F:8C:F3:72:31"}}},"request":{"raw":"GET /widget/quiz/18122/swirl/init HTTP/1.1\r\nHost: www.yurist-online-servis-pomosh-rf.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-CSRF-TOKEN: qvy3VXPqZcXGJowHJ6oTUCMNZgw3VVIVNXZxuACg\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yurist-online-servis-pomosh-rf.ru/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Wed, 03 Dec 2025 20:43:59 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nI2ne9rYdwUyx0t4061uvacwCmzVqxkV7l58Bh7X7EwoxCbYMJCyJ2S6VPvDRtHSyK4IQxH%2BNcZXUyULU9%2F3DZRFQ5UBOD1JcBGuaoe%2F59lZxrwV2MMlfGGWiW8MKbXk6vy2\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9a85e63ddbd2568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":196,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"62962daa1b19bbcc2db10b7bfd531ea6","sha1":"d64bae91091eda6a7532ebec06aa70893b79e1f8","sha256":"80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880","sha512":"9002a0475fdb38541e78048709006926655c726e93e823b84e2dbf5b53fd539a5342e7266447d23db0e5528e27a19961b115b180c94f2272ff124c7e5c8304e7","ssdeep":"","tlshash":"c0d0129e9183638b442225907ac211d2654d13a6b87645e82d82a48a951857dc5ca69d","first_seen":"2023-03-07T12:06:54Z","last_seen":"2026-04-06T10:14:21.914629Z","times_seen":90315,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-03","alert":"Sinkholed","trigger":"www.yurist-online-servis-pomosh-rf.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yurist-online-servis-pomosh-rf.ru/upload/crop2/1200/WwdzeMfy5MKGFr643tLKgvc9ku6NoyGGQe0yyRn4.jpeg","fqdn":"www.yurist-online-servis-pomosh-rf.ru","domain":"yurist-online-servis-pomosh-rf.ru","tld":"ru"},"ip":{"addr":"104.21.62.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.yurist-online-servis-pomosh-rf.ru/","date":"2025-12-03T20:43:59.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yurist-online-servis-pomosh-rf.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 05 Nov 2025 20:23:42 GMT","end":"Tue, 03 Feb 2026 21:22:17 GMT"},"fingerprint":{"sha1":"08:7A:2A:A6:CF:2F:C7:3F:E4:27:B9:92:3A:AB:0B:0A:22:63:A1:13","sha256":"69:EF:72:6E:12:7E:2F:DC:34:24:BA:B0:C6:F2:58:56:6B:34:2B:F7:33:26:4D:63:A3:62:52:6F:8C:F3:72:31"}}},"request":{"raw":"GET /upload/crop2/1200/WwdzeMfy5MKGFr643tLKgvc9ku6NoyGGQe0yyRn4.jpeg HTTP/1.1\r\nHost: www.yurist-online-servis-pomosh-rf.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yurist-online-servis-pomosh-rf.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 03 Dec 2025 20:43:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 432790\r\nlast-modified: Tue, 07 Jan 2025 11:25:22 GMT\r\netag: \"69a96-62b1c00288c80\"\r\nstrict-transport-security: max-age=604800\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TLfNBsn8j6032qWV%2BD7pm3YNCCZruEm1yl5R0CoLnhVUXvXkWdheDDBB4YIRbIHX45eTUX3UzxM8Pq9ObYsotL5el3CqPq4%2FR1Til%2FACtphY%2BNIC4iMx616oAettKLxeLXmT\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a85e63debd3568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":432790,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 1200x800, components 3","md5":"a75c7165a9d431f208400e2062f93b60","sha1":"423cab4a6ef09c2506d42abfdf10050d78f7b96d","sha256":"d423f9e38d8aca1126f4b38a9e8a725953ee06875f4d1ac614e979f40cf16490","sha512":"a0091aca5f681dfdb327f3f2a9454d92733112198f19d01fdf7a7eae3b34b7fa0eb2d5e0ef8fd1868dc93d71e7d07a75399bee189d3d9ef6f28bc829cf856ab6","ssdeep":"6144:/I25PG6Ef1Gd0HVucoQxGx0mPt3LjvxBvLjDoxeLm77Ii43uj8bZy6CrlEkhYF:PoZ1Gd0CjHvxVHSmm3Izejqs6C3WF","tlshash":"ef9423ad9675b3d36db6d507e8c91d011f335a433ac4011200e663f26689e9eb7d8afc","first_seen":"2025-10-28T07:15:55.11977Z","last_seen":"2025-12-03T20:44:27.558264Z","times_seen":3,"resource_available":false,"data":null}},"time_used":414,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":231,"receive":183,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-03","alert":"Sinkholed","trigger":"www.yurist-online-servis-pomosh-rf.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"panel.quizgo.ru/assets/dashboard/build/img/default-consultant.png","fqdn":"panel.quizgo.ru","domain":"quizgo.ru","tld":"ru"},"ip":{"addr":"51.250.30.146","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.yurist-online-servis-pomosh-rf.ru/","date":"2025-12-03T20:43:59.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.quizgo.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 07 Sep 2025 13:15:03 GMT","end":"Fri, 09 Oct 2026 13:15:02 GMT"},"fingerprint":{"sha1":"74:3D:3A:2E:A1:B1:15:E7:CB:E1:3C:50:67:0F:3B:BE:BA:CB:EA:08","sha256":"82:54:5C:99:46:10:D0:F6:E1:BD:00:21:0C:62:92:65:F6:BD:0A:5D:CD:9D:C3:5A:45:10:DA:68:D5:76:1E:E0"}}},"request":{"raw":"GET /assets/dashboard/build/img/default-consultant.png HTTP/1.1\r\nHost: panel.quizgo.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0\r\nDate: Wed, 03 Dec 2025 20:43:59 GMT\r\nContent-Type: image/png\r\nContent-Length: 26777\r\nLast-Modified: Mon, 10 Mar 2025 06:15:37 GMT\r\nConnection: keep-alive\r\nETag: \"67ce8389-6899\"\r\nExpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nCache-Control: max-age=315360000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26777,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced","md5":"53926a09cf3a637e077645c90986e883","sha1":"7af64f1e9f5e765203390fe731ea01beeab27149","sha256":"b6a7aa735c44469942fffa95f25252c868252209ead370ee03fe56e8ac1a9cb0","sha512":"a38bb11826b5f41ff9552f8959221b4fa438e723118c05c07590ca8430f69bfdd12625cde11756e494a52d65ba8b3bd9d78296f4e3c80e3c6db4806a6d941154","ssdeep":"384:JZerQ3V4A2LUNkocWbKEbfmYLQJyF/ydv8UaNpy3ARdMpUmfC9VK6ZsdsmhnXlao:JZPmAK42yFAkUaNpywRdMpt3iolL7Zp","tlshash":"2dc2f12b8eb1aad6c7114d75d7c3b603c279fc8a902db1a4cb87f44239583c62c5e997","first_seen":"2023-05-22T08:52:07Z","last_seen":"2025-12-03T20:44:27.559707Z","times_seen":4,"resource_available":false,"data":null}},"time_used":762,"timings":{"blocked":349,"dns":4,"connect":31,"send":0,"wait":62,"receive":1,"ssl":312},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.yurist-online-servis-pomosh-rf.ru/","fqdn":"www.yurist-online-servis-pomosh-rf.ru","domain":"yurist-online-servis-pomosh-rf.ru","tld":"ru"},"ip":{"addr":"104.21.62.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-03T20:43:57.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yurist-online-servis-pomosh-rf.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 05 Nov 2025 20:23:42 GMT","end":"Tue, 03 Feb 2026 21:22:17 GMT"},"fingerprint":{"sha1":"08:7A:2A:A6:CF:2F:C7:3F:E4:27:B9:92:3A:AB:0B:0A:22:63:A1:13","sha256":"69:EF:72:6E:12:7E:2F:DC:34:24:BA:B0:C6:F2:58:56:6B:34:2B:F7:33:26:4D:63:A3:62:52:6F:8C:F3:72:31"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.yurist-online-servis-pomosh-rf.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 03 Dec 2025 20:43:58 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nlast-modified: Thu, 10 Apr 2025 11:20:48 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P4JoNJEpdpyQ4O6Fdq1HPzc0X3dLflANqjL%2BkILKEsMuSZnt6ny1XQ4XsSchKdNNeyb205r7lSvPQhLnPT2vrCjoF6eFaGMbW6LQOJWFmyt6B%2BAgkp7zMJ3kGcrkMunCyuSs\"}]}\r\nstrict-transport-security: max-age=604800\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9a85e63729ed568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":60107,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (17075)","md5":"6df36e5f3c4f02248707e7ac56558469","sha1":"1ca04f0dd11a41bf02ba58a0096cd3c44b77f0b0","sha256":"c756aeb793d421c992f5ab66e5284417a82d6db03ee79610f8dde880f9a6d295","sha512":"5ff35c849126494c1bd2219ffc946adbad7b17868c954a7224cfb7afa803443d232be10a5f33f311a16dbc8b024a469f98188d0b5a0c30bc47c7a78fa88c11ce","ssdeep":"768:eV+GYMaORPKTbf3H0OD5P2DnoOMbH7+XowfwZ0uHSo7ExF:BGYgKfal1z","tlshash":"0c43ebe180f5152f008260c2d672ae4f7ec49917e60ad716fdfd9e9bdfc2d41aa1321a","first_seen":"2025-10-28T07:15:55.124786Z","last_seen":"2026-01-03T13:01:12.694486Z","times_seen":4,"resource_available":false,"data":null}},"time_used":404,"timings":{"blocked":103,"dns":79,"connect":1,"send":0,"wait":198,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-03","alert":"Sinkholed","trigger":"www.yurist-online-servis-pomosh-rf.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yurist-online-servis-pomosh-rf.ru/assets/quizwidget_v2/build/css/dist_v_1616432511Tb0okcx1BmetGNeQeIY3.css","fqdn":"www.yurist-online-servis-pomosh-rf.ru","domain":"yurist-online-servis-pomosh-rf.ru","tld":"ru"},"ip":{"addr":"104.21.62.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yurist-online-servis-pomosh-rf.ru/","date":"2025-12-03T20:43:58.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yurist-online-servis-pomosh-rf.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 05 Nov 2025 20:23:42 GMT","end":"Tue, 03 Feb 2026 21:22:17 GMT"},"fingerprint":{"sha1":"08:7A:2A:A6:CF:2F:C7:3F:E4:27:B9:92:3A:AB:0B:0A:22:63:A1:13","sha256":"69:EF:72:6E:12:7E:2F:DC:34:24:BA:B0:C6:F2:58:56:6B:34:2B:F7:33:26:4D:63:A3:62:52:6F:8C:F3:72:31"}}},"request":{"raw":"GET /assets/quizwidget_v2/build/css/dist_v_1616432511Tb0okcx1BmetGNeQeIY3.css HTTP/1.1\r\nHost: www.yurist-online-servis-pomosh-rf.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yurist-online-servis-pomosh-rf.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 03 Dec 2025 20:43:58 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\nlast-modified: Sat, 11 Jan 2025 11:53:52 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=604800\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"44039-62b6cdd729400\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3NOxyJAkm%2B5J95reloPSvAhLxE4SIbwbDxGT87aL8VFRpq2NgaOsGlah7t3chd7eyXhrfTbv23QyeDxkU0zQa7GNr%2BWmGmEeUeYnxZVow%2Fb6dGBiN0MdLk26pMHSOlDGO5cq\"}]}\r\npriority: u=2,i=?0\r\ncf-ray: 9a85e639eb92568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":278585,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"8cd9db24dccb26f5365414ce0270ead1","sha1":"56e41dffd2a4e4acc28f47256bae4ac8581e7e0f","sha256":"35b28defbda91cf82c71ab8fb574e34f757ec2f37a9fa2d7433a48a632f67739","sha512":"2464b950ab5b29001492b5aaa282fe5725e6f725741792fa8ebe0ba356bb8b62ea9a550c431bcaf431edb77bca6117872b89f1987d072825d81b67cf26305d68","ssdeep":"6144:c/E23q3SYiLENM6HN26wtoGfi5ouXOQ1rC:Xyt1c1rC","tlshash":"2a44a562b5a1211de027c65561d0abfd262fc543e7230bfef92b3b3887851c61a73a4d","first_seen":"2025-10-28T07:15:55.115742Z","last_seen":"2026-01-03T13:01:12.680817Z","times_seen":4,"resource_available":false,"data":null}},"time_used":373,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":152,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-03","alert":"Sinkholed","trigger":"www.yurist-online-servis-pomosh-rf.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yurist-online-servis-pomosh-rf.ru/upload/crop2/600/WwdzeMfy5MKGFr643tLKgvc9ku6NoyGGQe0yyRn4.jpeg","fqdn":"www.yurist-online-servis-pomosh-rf.ru","domain":"yurist-online-servis-pomosh-rf.ru","tld":"ru"},"ip":{"addr":"104.21.62.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.yurist-online-servis-pomosh-rf.ru/","date":"2025-12-03T20:43:58.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yurist-online-servis-pomosh-rf.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 05 Nov 2025 20:23:42 GMT","end":"Tue, 03 Feb 2026 21:22:17 GMT"},"fingerprint":{"sha1":"08:7A:2A:A6:CF:2F:C7:3F:E4:27:B9:92:3A:AB:0B:0A:22:63:A1:13","sha256":"69:EF:72:6E:12:7E:2F:DC:34:24:BA:B0:C6:F2:58:56:6B:34:2B:F7:33:26:4D:63:A3:62:52:6F:8C:F3:72:31"}}},"request":{"raw":"GET /upload/crop2/600/WwdzeMfy5MKGFr643tLKgvc9ku6NoyGGQe0yyRn4.jpeg HTTP/1.1\r\nHost: www.yurist-online-servis-pomosh-rf.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yurist-online-servis-pomosh-rf.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 03 Dec 2025 20:43:58 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 101741\r\nlast-modified: Sat, 11 Jan 2025 11:53:54 GMT\r\netag: \"18d6d-62b6cdd911880\"\r\nstrict-transport-security: max-age=604800\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wVr1OH%2FfrjNNKQdUsVlJ%2FwBMwdBhIOm7IRP3dr3sOt9GprmMNUWcXccjazoP8tCef2soHv8GMshmzzCMCHh%2Fxo0iXBPXA%2FRX9VvxHbpqQDsYXv5BaRNjrJfiAAZEuDtuZp%2Fi\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a85e639eb93568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":101741,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 600x400, components 3","md5":"5f1db6930de98be09f11e4f2c73dbfc2","sha1":"3f01ba05c9a4d5b993a83e354808cc1e7498e309","sha256":"f4d67b8647dd4ae1abbcbb9ef660ece8d245023f780300b044de6e0f66014f2e","sha512":"55943a8ea8ed492c957022d9f2223e3edc18e7e8ac12a176c79ecc2cc0a98fe92f9638bf7d5572fddfdc731ecfa0294059e1c101c77ef32c756c8ce97b09c313","ssdeep":"1536:6FzklGflLXWLqeor8rHBX8ccFKdcGhCDEnY1A2bE7ols4KXZH9G0zJqFWTgKo5tg:dlGfVefrhl0Kd4OiAQ1tMzJqUoKZ","tlshash":"75a312453d75009214fee8b05e2c46fb6bf103165b560a6c98a32f79caffb41ae05bc8","first_seen":"2025-10-28T07:15:55.100787Z","last_seen":"2026-01-03T13:01:12.668218Z","times_seen":4,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-03","alert":"Sinkholed","trigger":"www.yurist-online-servis-pomosh-rf.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yurist-online-servis-pomosh-rf.ru/assets/quizwidget_v2/build/img/loader.gif","fqdn":"www.yurist-online-servis-pomosh-rf.ru","domain":"yurist-online-servis-pomosh-rf.ru","tld":"ru"},"ip":{"addr":"104.21.62.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.yurist-online-servis-pomosh-rf.ru/","date":"2025-12-03T20:43:58.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yurist-online-servis-pomosh-rf.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 05 Nov 2025 20:23:42 GMT","end":"Tue, 03 Feb 2026 21:22:17 GMT"},"fingerprint":{"sha1":"08:7A:2A:A6:CF:2F:C7:3F:E4:27:B9:92:3A:AB:0B:0A:22:63:A1:13","sha256":"69:EF:72:6E:12:7E:2F:DC:34:24:BA:B0:C6:F2:58:56:6B:34:2B:F7:33:26:4D:63:A3:62:52:6F:8C:F3:72:31"}}},"request":{"raw":"GET /assets/quizwidget_v2/build/img/loader.gif HTTP/1.1\r\nHost: www.yurist-online-servis-pomosh-rf.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yurist-online-servis-pomosh-rf.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 03 Dec 2025 20:43:58 GMT\r\ncontent-type: image/gif\r\ncontent-length: 2395\r\nlast-modified: Sat, 11 Jan 2025 11:53:54 GMT\r\netag: \"95b-62b6cdd911880\"\r\nstrict-transport-security: max-age=604800\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sLxwYYQm4%2FOvbM%2BjSgYCaH2GylFFMsNCY1zAdgzanwKSET%2BwdMTUMlraP076gVpgdoY2wlNp8vjh4mw2ucKlczn7iyk8IDrHg5RRtIdgJvY6bHdfUwKCxVbT%2Bu6Twasc6URj\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a85e639eb94568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2395,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 200 x 200","md5":"cefdb6c0479a4712c8c9e775c0a9136f","sha1":"a9d06f4b8195fc607a82f5a71ff398fa7bab09b0","sha256":"d52a8e957e8e6ef785d9ca3b4d139ef696d4a1f6586a18a6e543fd8cfa2f2403","sha512":"e80eaaba111c64ce9e2a25b74818cac91fdd68dad3d0eac6084e178e446e9c60cf90a3dcb0bb8a2e8e15f426e083a0e4402dcc1ec2dba93601343375859f0d2b","ssdeep":"","tlshash":"bc41e9321e388596e48caa307a23def00d669dc521af5717f3717c0c09396a54a46885","first_seen":"2025-10-28T07:15:55.103961Z","last_seen":"2026-01-03T13:01:12.684826Z","times_seen":4,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-03","alert":"Sinkholed","trigger":"www.yurist-online-servis-pomosh-rf.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yurist-online-servis-pomosh-rf.ru/assets/dashboard/build/img/favicon.ico","fqdn":"www.yurist-online-servis-pomosh-rf.ru","domain":"yurist-online-servis-pomosh-rf.ru","tld":"ru"},"ip":{"addr":"104.21.62.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.yurist-online-servis-pomosh-rf.ru/","date":"2025-12-03T20:43:58.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yurist-online-servis-pomosh-rf.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 05 Nov 2025 20:23:42 GMT","end":"Tue, 03 Feb 2026 21:22:17 GMT"},"fingerprint":{"sha1":"08:7A:2A:A6:CF:2F:C7:3F:E4:27:B9:92:3A:AB:0B:0A:22:63:A1:13","sha256":"69:EF:72:6E:12:7E:2F:DC:34:24:BA:B0:C6:F2:58:56:6B:34:2B:F7:33:26:4D:63:A3:62:52:6F:8C:F3:72:31"}}},"request":{"raw":"GET /assets/dashboard/build/img/favicon.ico HTTP/1.1\r\nHost: www.yurist-online-servis-pomosh-rf.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yurist-online-servis-pomosh-rf.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 03 Dec 2025 20:43:59 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\nvary: accept-encoding\r\nlast-modified: Tue, 07 Jan 2025 11:25:22 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=604800\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"3aee-62b1c00288c80\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VFtGVo%2BU7%2BnWx1Vw6FILbfMkrNd6SEVuiSeDaUnaN3irCAJJdm%2BueWp3kbe1Oe2%2BwPbqwq9mmajS7NSXCh3aWOCWL2x6eIWEugCL4REUt1D9dyG8NDW60ueMxBqlUw6086uu\"}]}\r\npriority: u=6,i=?0\r\ncf-ray: 9a85e63d2bca568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15086,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"9ad16628972f5b678039691b2b3ef266","sha1":"003e0b10cfdad3d010883f5c59fa78afac7f0c5b","sha256":"945c8b5f19df2d14a31c9ffebc387f71dd5fb746933e1e4ffcbd5c03e2115f3e","sha512":"7945f7045b93c91a5a71c6b4f65457ad2dba52c9cde1615fb324dd028f8bae5997eb59b989cb91b5a869292405b40aab7a5a5a50f3bebd8b6280be5ecdeb64bc","ssdeep":"96:jyIXeAvxtnwXwmC3wwa1NWlzpstcxql4OLTELf+bNi:jyjAvewSSGvXbNi","tlshash":"6562c37ba2079bc3dbc10a7c8f35b9b501a96c79fc30c79e205c3a0a21d9ed6745259b","first_seen":"2023-05-22T08:52:07Z","last_seen":"2026-04-04T01:31:11.350774Z","times_seen":19,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-03","alert":"Sinkholed","trigger":"www.yurist-online-servis-pomosh-rf.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yurist-online-servis-pomosh-rf.ru/assets/quizwidget_v2/build/fonts/TTNormsPro-Regular.woff","fqdn":"www.yurist-online-servis-pomosh-rf.ru","domain":"yurist-online-servis-pomosh-rf.ru","tld":"ru"},"ip":{"addr":"104.21.62.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.yurist-online-servis-pomosh-rf.ru/","date":"2025-12-03T20:43:59.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yurist-online-servis-pomosh-rf.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 05 Nov 2025 20:23:42 GMT","end":"Tue, 03 Feb 2026 21:22:17 GMT"},"fingerprint":{"sha1":"08:7A:2A:A6:CF:2F:C7:3F:E4:27:B9:92:3A:AB:0B:0A:22:63:A1:13","sha256":"69:EF:72:6E:12:7E:2F:DC:34:24:BA:B0:C6:F2:58:56:6B:34:2B:F7:33:26:4D:63:A3:62:52:6F:8C:F3:72:31"}}},"request":{"raw":"GET /assets/quizwidget_v2/build/fonts/TTNormsPro-Regular.woff HTTP/1.1\r\nHost: www.yurist-online-servis-pomosh-rf.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yurist-online-servis-pomosh-rf.ru/assets/quizwidget_v2/build/css/dist_v_1616432511Tb0okcx1BmetGNeQeIY3.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 03 Dec 2025 20:43:59 GMT\r\ncontent-type: font/woff\r\ncontent-length: 78252\r\nlast-modified: Tue, 07 Jan 2025 11:25:22 GMT\r\netag: \"131ac-62b1c00288c80\"\r\nstrict-transport-security: max-age=604800\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TdhL3ZKyecr%2FqEfbg3K1KsEzBvqfd4KVdpFyX0Yy%2BS%2B5HegO0bL85WBjz4NaLKVJRk6Hq7sUoAMXn3jKdaPiJN1%2FR%2BNYMPUzxtLinpjipQZXnFYYn0951lOoKclAoRVGDdm9\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a85e63debd4568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78252,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 78252, version 0.0","md5":"76e68770cf6aa7cea3875bbe107a1483","sha1":"0f564843eba90ca18bf4234a69320ebb51950ef6","sha256":"c9b1b45af8225c06e43a0d1ca6ba07bbab7f5fa417dbec469735d20f7f980158","sha512":"3fec801316f5db6f966f7c22b817997469bb634af5a5e6a64b3889c772b2709e2b21967e191b032d2129b57c1202a1d3b07c7caeba4787f1972ea34c7cf5b6ba","ssdeep":"1536:W+oog68pjW+A2Ru4rRPs6/Uw9vx02JvSHr2aSWhNLJGzg:W+o6MjgpmR3PZx02JqL2aHhNf","tlshash":"69730200a54083f4bedd284d48550bbde53fd78b9bb92d9d3dc60306769353b4aae462","first_seen":"2023-08-03T06:21:23Z","last_seen":"2026-01-13T08:37:42.470241Z","times_seen":14,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":124,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-03","alert":"Sinkholed","trigger":"www.yurist-online-servis-pomosh-rf.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yurist-online-servis-pomosh-rf.ru/assets/quizwidget_v2/build/fonts/TTNormsPro-Medium.woff","fqdn":"www.yurist-online-servis-pomosh-rf.ru","domain":"yurist-online-servis-pomosh-rf.ru","tld":"ru"},"ip":{"addr":"104.21.62.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.yurist-online-servis-pomosh-rf.ru/","date":"2025-12-03T20:43:59.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yurist-online-servis-pomosh-rf.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 05 Nov 2025 20:23:42 GMT","end":"Tue, 03 Feb 2026 21:22:17 GMT"},"fingerprint":{"sha1":"08:7A:2A:A6:CF:2F:C7:3F:E4:27:B9:92:3A:AB:0B:0A:22:63:A1:13","sha256":"69:EF:72:6E:12:7E:2F:DC:34:24:BA:B0:C6:F2:58:56:6B:34:2B:F7:33:26:4D:63:A3:62:52:6F:8C:F3:72:31"}}},"request":{"raw":"GET /assets/quizwidget_v2/build/fonts/TTNormsPro-Medium.woff HTTP/1.1\r\nHost: www.yurist-online-servis-pomosh-rf.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yurist-online-servis-pomosh-rf.ru/assets/quizwidget_v2/build/css/dist_v_1616432511Tb0okcx1BmetGNeQeIY3.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 03 Dec 2025 20:43:59 GMT\r\ncontent-type: font/woff\r\ncontent-length: 77592\r\nlast-modified: Tue, 07 Jan 2025 11:25:22 GMT\r\netag: \"12f18-62b1c00288c80\"\r\nstrict-transport-security: max-age=604800\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XrtXhjFnT%2Ba4THQhH6iFrR%2Bo5Sy4Fn1rMuRlVR8tw0xwbI28ImasNeudi%2BRKRcB6JFlKV4Hf3XriBtuv1YGlp0fpsEmcwF0idnaCX7hbs98E3O8fK6rKCRLM8T5eWo4uIGBY\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a85e63debd5568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":77592,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 77592, version 0.0","md5":"cac930affe35f1da4f8fb6a2ef7b4ab9","sha1":"86a2ede955a40352d270ec75d43ebea947d3a7f1","sha256":"87d1c21372a7b90497a88f3a3c5399a422a08a7c8a2fcdc18b1500e1c006014d","sha512":"1dacfbade13a65d4797289847fa1eb90411fce0f58c23c457d65c7cdbc42165db7495721b378ef519217f7827d0faca1793fa2bd6cfc75980fc08efbe3de43c4","ssdeep":"1536:KNXrvILiepRzUkuyQ8YC3VgendtDqTqel/JvSHr2aSWhNLJGzC:2XrvybpRwkw5Ca2dtD8/JqL2aHhNx","tlshash":"6573020b9d8017e901731afb418853fdbbbea78f2051319f2dd107658ee257f2d40aaa","first_seen":"2023-10-22T14:52:18Z","last_seen":"2026-01-13T08:37:42.341388Z","times_seen":14,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":56,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-03","alert":"Sinkholed","trigger":"www.yurist-online-servis-pomosh-rf.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yurist-online-servis-pomosh-rf.ru/assets/quizwidget_v2/build/js/dist_v_1616432511Tb0okcx1BmetGNeQeIY3.js","fqdn":"www.yurist-online-servis-pomosh-rf.ru","domain":"yurist-online-servis-pomosh-rf.ru","tld":"ru"},"ip":{"addr":"104.21.62.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yurist-online-servis-pomosh-rf.ru/","date":"2025-12-03T20:43:58.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yurist-online-servis-pomosh-rf.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 05 Nov 2025 20:23:42 GMT","end":"Tue, 03 Feb 2026 21:22:17 GMT"},"fingerprint":{"sha1":"08:7A:2A:A6:CF:2F:C7:3F:E4:27:B9:92:3A:AB:0B:0A:22:63:A1:13","sha256":"69:EF:72:6E:12:7E:2F:DC:34:24:BA:B0:C6:F2:58:56:6B:34:2B:F7:33:26:4D:63:A3:62:52:6F:8C:F3:72:31"}}},"request":{"raw":"GET /assets/quizwidget_v2/build/js/dist_v_1616432511Tb0okcx1BmetGNeQeIY3.js HTTP/1.1\r\nHost: www.yurist-online-servis-pomosh-rf.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yurist-online-servis-pomosh-rf.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 03 Dec 2025 20:43:58 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\nlast-modified: Sat, 11 Jan 2025 11:53:52 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=604800\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"aaa7c-62b6cdd729400\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YQS3upD4NuMAzEa1jrV1roGU5nlZdG%2F%2BR%2F2SRO6h0fZhlq2XFj%2BZNoFy34thf56zQrZGr1N8zr%2Fwz8%2Bj7aW0XFxqJ5%2BHtDp4donxUt3giXECFfAkzIj3AWSvpSnw6Uw5CJp2\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 9a85e639eb95568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":699004,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators","md5":"f670e038ab6364bb369ca4bea0bad608","sha1":"0ab91b5dd32b6f047f89a31f21c86c629e81f386","sha256":"5e54a1fc7c3c9597159535aa8bc6bbcb840a65bbe2ab73ef6d3d768c4856d576","sha512":"77be4eecff3efacf4a2f98204a22ede629b90c95071360a73d46c9cf2bae86a6340d328f971687424d9852093ca3049e9fc46dd8604113963a59224381d744aa","ssdeep":"6144:Zd+VqFxSv1qRSzfIA5Wft1jaoKzsgoDmBYqwlZ9+l+xP2U6w/T/DP1rcWp5+uoHJ:/+MxSv1n6W+qQZGaYH/Xqq","tlshash":"bbe4f7dab26ca33251d67275944eb38e62ad7856c808817c75e7e8cf5a7c8c4313eb34","first_seen":"2025-10-28T07:15:55.106854Z","last_seen":"2025-12-03T20:44:27.569127Z","times_seen":3,"resource_available":true,"data":null}},"time_used":440,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":211,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-03","alert":"Sinkholed","trigger":"www.yurist-online-servis-pomosh-rf.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}