{"report_id":"b0146015-d9d1-49e4-a240-0baabd318dde","version":6,"status":"done","tags":[],"date":"2026-01-03T13:15:36Z","url":{"schema":"http","addr":"microsotfmailahtyqeebfdvuqxs.tricature.ru/","fqdn":"microsotfmailahtyqeebfdvuqxs.tricature.ru","domain":"tricature.ru","tld":"ru"},"ip":{"addr":"104.21.14.51","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"http","addr":"microsotfmailahtyqeebfdvuqxs.tricature.ru/","fqdn":"microsotfmailahtyqeebfdvuqxs.tricature.ru","domain":"tricature.ru","tld":"ru"},"title":"Desio Copilot – AI Workspace","dom":{"size":14186,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (377)","md5":"2d9c38bc8b079a935d871084c649d2fe","sha1":"9f60b528703ac9bec8e3431bb72991e3122e4988","sha256":"5013b761074066095d0ac23591ef9557677c7c89e2ff028ebfe0865feeb9ee53","sha512":"e04d970bfa392e3c5dfaa9f9c1405c9eae72f6f8d914f60b0d0fa7797428ccc05b55a01146d47b684b84ec82d0dad1e8fcfa3a964195c8e66141407756a7f3ad","ssdeep":"384:hRzGboRKozZd9qBpKJSmf0l+Za12mSBzM:+boRBr986f0l+I1z2g","tlshash":"0952503250a0643a2923e8c6aa60578f79e1e51bdd270640b6fca3e44fd3dd3ce67609","dom_hash":"domhashc4332a21a06e16010b673bb207617fd7","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"microsotfmailahtyqeebfdvuqxs.tricature.ru/","fqdn":"microsotfmailahtyqeebfdvuqxs.tricature.ru","domain":"tricature.ru","tld":"ru"},"ip":{"addr":"104.21.14.51","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-07T13:15:36Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"tq2tmylv9quqkoe"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"microsotfmailahtyqeebfdvuqxs.tricature.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"microsotfmailahtyqeebfdvuqxs.tricature.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"microsotfmailahtyqeebfdvuqxs.tricature.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"microsotfmailahtyqeebfdvuqxs.tricature.ru","ip":{"addr":"172.67.157.217","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-01-22","domain_rank":0,"first_seen":"2025-02-07T15:13:36.496479Z","last_seen":"2025-02-07T15:13:36.496479Z","alert_count":9,"request_count":3,"received_data":41239,"sent_data":1343,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"images.unsplash.com","ip":{"addr":"151.101.238.208","port":443,"asn":54113,"as":"FASTLY","country":"Norway","country_code":"NO"},"domain_registered":"2013-05-29","domain_rank":86676,"first_seen":"2015-08-06T06:03:25Z","last_seen":"2025-12-30T11:46:38.277149Z","alert_count":0,"request_count":3,"received_data":444537,"sent_data":1551,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-12-28T22:14:05.525046Z","alert_count":0,"request_count":4,"received_data":104476,"sent_data":2348,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.207.202","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-12-28T22:17:10.032556Z","alert_count":0,"request_count":1,"received_data":5121,"sent_data":502,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"microsotfmailahtyqeebfdvuqxs.tricature.ru/","fqdn":"microsotfmailahtyqeebfdvuqxs.tricature.ru","domain":"tricature.ru","tld":"ru"},"ip":{"addr":"172.67.157.217","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"68a0a88f891c8721b6095a6b18e62338","sha1":"f9d0473a3c5fc385cdffd9579c04e20ab6cf4a2d","sha256":"98a7526dd15de558fc5a35180672f5349a63f77f81f2e5caf7d30f010c8cf4e3","sha512":"eb7c48fc8631a9d4a6020e380e8debebe47b839da148b94ef3ed2e3e5dc703443f534a224378dff7747a1609bf65c7f28d75306e1e377750c61d7769b3a8aec8","ssdeep":"","tlshash":"00a0220332ac082a088e20a302a0b28c222080003cc2c0302c0c0208c080f03023c2c0","size":65,"data":"","first_seen":"2025-08-26T22:53:02.284343Z","last_seen":"2026-03-12T09:27:14.28011Z","times_seen":1446,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"microsotfmailahtyqeebfdvuqxs.tricature.ru/","fqdn":"microsotfmailahtyqeebfdvuqxs.tricature.ru","domain":"tricature.ru","tld":"ru"},"ip":{"addr":"172.67.157.217","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-03T13:15:20.702Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: microsotfmailahtyqeebfdvuqxs.tricature.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Sat, 03 Jan 2026 13:15:21 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nCache-Control: no-cache, private\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nt4Slez0%2FstTHMnGNgf4BySYBGP0ckbspjDNxCufYDZQLlPk5sC0ItNMVUBgurmO09W8txgdfepYcLQTSVddytexjkJ4NdlbyvXkaqwRMLI%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nSet-Cookie: XSRF-TOKEN=eyJpdiI6Ik5STzEvK2UyeVlDUE5hbXNJUkJnZFE9PSIsInZhbHVlIjoienYwSUVUQUpzbzgrTmFFYUxjb2c4U2R2YlRqY2tqU2RpUGR2cFRTY054TjNpQ0NZcSttUXdCeld2Q2gvZ1A5UGd0cllxRGtFbFJrZVN5UFRwd3hOU0orOXVoNW1DaDd3YkMxa050d3pHMnQ0enkvOWhYUWtCN3hxMjdhZForYjkiLCJtYWMiOiJmZTExZmY3NWJkNjJkZjRjMzBkN2Q2OWFkMTdlNTdiYjMyYzVmODk4OWM2OGRhNzBmMzAxN2M0MDI1ZWNmZTcwIiwidGFnIjoiIn0%3D; expires=Sat, 03-Jan-2026 15:15:21 GMT; Max-Age=7200; path=/; secure; samesite=none\nlaravel_session=eyJpdiI6IldTbXJXNEQraUlRYkF1SjJnTDdGRWc9PSIsInZhbHVlIjoiRGQybEI2RmlFVVUvWFpoN1h4NFBXYWJFeHFjb3k5SWlPT2hiYUhJR3dvTlZKWWVIdnRvUDZCMHlTRG92T3hlV2lEZW03UzkrazVpNGVZTUZCdm0xM0tQYXRjdm1lQ3FCQno0b2NVejFMczVLbEhjOEZLdjhLbDRJZldKelZ3SVoiLCJtYWMiOiIwMDVmZDhkOWNkNGY3YzFhYWJhYzJjZjIxMTU0ZjVjZDg0Mjc3NzUzNzBiMGQxNjUyYTY1MjNhNzZhNTgwODI0IiwidGFnIjoiIn0%3D; expires=Sat, 03-Jan-2026 15:15:21 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nContent-Encoding: gzip\r\nCF-RAY: 9b82c3ae6db90b49-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14150,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (377)","md5":"78205d9016de2e597479f4d2afa2553d","sha1":"403cf36d2420d8069dcf3f6d496cd65e762606b0","sha256":"0f119d5572942fd873942e793d2fecad09a1e559d12896534f021e4e6fab2fa4","sha512":"6e97ae8e87b621afa58c2befad09dbaa1b750adf8e6a4b9fa873e0a6f7e123daae0c00fc07a57b33bf3d884a887518e2dcb4c22cc2469cb1fd2a106b3bb34d89","ssdeep":"384:PRaGboRKozZd9qBpKJSmf0l+uC1CmSBzA:BboRBr986f0l+11/28","tlshash":"9852613250a0743b2923e4c6aa61574f79f1e51bdd270640b6fca2e44fd3dd2cea7609","first_seen":"2025-11-01T06:14:30.995109Z","last_seen":"2026-02-17T07:18:09.17602Z","times_seen":4555,"resource_available":true,"data":null}},"time_used":632,"timings":{"blocked":3,"dns":0,"connect":2,"send":0,"wait":626,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"microsotfmailahtyqeebfdvuqxs.tricature.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"microsotfmailahtyqeebfdvuqxs.tricature.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"microsotfmailahtyqeebfdvuqxs.tricature.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"images.unsplash.com/photo-1555066931-4365d14bab8c?q=80\u0026w=1600\u0026auto=format\u0026fit=crop","fqdn":"images.unsplash.com","domain":"unsplash.com","tld":"com"},"ip":{"addr":"151.101.238.208","port":443,"asn":54113,"as":"FASTLY","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://microsotfmailahtyqeebfdvuqxs.tricature.ru/","date":"2026-01-03T13:15:21.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"images.unsplash.com","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 12 Aug 2025 01:21:13 GMT","end":"Sun, 13 Sep 2026 01:21:12 GMT"},"fingerprint":{"sha1":"46:28:F0:69:6F:53:FC:9F:BA:6A:73:37:D0:D7:C8:87:AE:06:47:7A","sha256":"80:93:A2:9A:83:84:21:A8:A0:ED:D9:72:A8:E3:4D:EC:8E:A5:E4:4B:42:68:17:09:AA:D6:6C:7C:1B:9D:2A:48"}}},"request":{"raw":"GET /photo-1555066931-4365d14bab8c?q=80\u0026w=1600\u0026auto=format\u0026fit=crop HTTP/1.1\r\nHost: images.unsplash.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://microsotfmailahtyqeebfdvuqxs.tricature.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-imgix-id: ad155b45dec344b2b74a867140e25566dd4ddf57\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 23 Dec 2025 10:23:36 GMT\r\nserver: imgix\r\ndate: Sat, 03 Jan 2026 13:15:21 GMT\r\nage: 960705\r\naccept-ranges: bytes\r\ncontent-type: image/avif\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nx-served-by: cache-fra-eddf8230181-FRA, cache-osl6544-OSL\r\nx-cache: HIT, HIT\r\nvary: Accept, User-Agent\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 66754\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":66754,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"e6fc8411c43db99663b3b1ede45882cc","sha1":"03ee8e6f633fe76bd897c2a5c670844d53edfec2","sha256":"f055dc92a7fc48e9a8c1ed580e7c8cb514fee7026cbd087e420754bdc0c81a1c","sha512":"d33af07260402a38aa9a0a6939b2134f5341a74afde098bf168cc2c8ad27fd2fee284c113ff21d59f2cbe9d837c9daa6f7a75f56559de47aea93762855f895bf","ssdeep":"1536:g8eW1XfCrQjos/QwfGiSmKes/aF1Rx/Mg:ghW1KrQjJXF6iF1Rxr","tlshash":"e4630258a3791ab5db0343bc41321f693b112bfc5746ec2acb6038561352bc9d2875fb","first_seen":"2025-12-31T13:13:55.278391Z","last_seen":"2026-02-11T21:54:32.257085Z","times_seen":235,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":8,"dns":0,"connect":0,"send":0,"wait":4,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images.unsplash.com/photo-1520607162513-77705c0f0d4a?q=80\u0026w=1460\u0026auto=format\u0026fit=crop","fqdn":"images.unsplash.com","domain":"unsplash.com","tld":"com"},"ip":{"addr":"151.101.238.208","port":443,"asn":54113,"as":"FASTLY","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://microsotfmailahtyqeebfdvuqxs.tricature.ru/","date":"2026-01-03T13:15:21.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"images.unsplash.com","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 12 Aug 2025 01:21:13 GMT","end":"Sun, 13 Sep 2026 01:21:12 GMT"},"fingerprint":{"sha1":"46:28:F0:69:6F:53:FC:9F:BA:6A:73:37:D0:D7:C8:87:AE:06:47:7A","sha256":"80:93:A2:9A:83:84:21:A8:A0:ED:D9:72:A8:E3:4D:EC:8E:A5:E4:4B:42:68:17:09:AA:D6:6C:7C:1B:9D:2A:48"}}},"request":{"raw":"GET /photo-1520607162513-77705c0f0d4a?q=80\u0026w=1460\u0026auto=format\u0026fit=crop HTTP/1.1\r\nHost: images.unsplash.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://microsotfmailahtyqeebfdvuqxs.tricature.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-imgix-id: 66a60cbeeb7d4573bc1818a19166720f72256f78\r\ncache-control: public, max-age=31536000\r\nlast-modified: Fri, 19 Dec 2025 08:23:21 GMT\r\nserver: imgix\r\ndate: Sat, 03 Jan 2026 13:15:21 GMT\r\nage: 1313519\r\naccept-ranges: bytes\r\ncontent-type: image/avif\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nx-served-by: cache-fra-etou8220100-FRA, cache-osl6544-OSL\r\nx-cache: HIT, HIT\r\nvary: Accept, User-Agent\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 270650\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":270650,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"815a2d78639ae1e48d00555c46c38630","sha1":"1bcca5297b1d6fbca88e7b14acfa96fe2247ad88","sha256":"e4416f55663109bf972acce9369adbf34a56f6fe1028ce8d8282915db21dbffd","sha512":"1bd60f7526ce65b938748a89ce60f32190ab0f6cc357a7f71a24dc5a3fc04884666001ddb799bf22eb5b45753a6e86fdd2dc2f44ca49d750bb5ed9fa5d64f3b9","ssdeep":"6144:AUu3CaHhdsYLpwnwh3+dn5SeYwYZUbmt1H/FwR1zWT4Hnz71E1:AvyGHsktq6tx9wR1zA4nP1E1","tlshash":"f14423011f12e5f8e764ff3665f33e22a31979695870ae23613948aff38a5b5a0c7058","first_seen":"2025-12-16T10:47:32.854962Z","last_seen":"2026-01-16T10:38:03.025599Z","times_seen":187,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":7,"dns":3,"connect":1,"send":0,"wait":6,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images.unsplash.com/photo-1556157382-97eda2d62296?q=80\u0026w=1460\u0026auto=format\u0026fit=crop","fqdn":"images.unsplash.com","domain":"unsplash.com","tld":"com"},"ip":{"addr":"151.101.238.208","port":443,"asn":54113,"as":"FASTLY","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://microsotfmailahtyqeebfdvuqxs.tricature.ru/","date":"2026-01-03T13:15:21.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"images.unsplash.com","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 12 Aug 2025 01:21:13 GMT","end":"Sun, 13 Sep 2026 01:21:12 GMT"},"fingerprint":{"sha1":"46:28:F0:69:6F:53:FC:9F:BA:6A:73:37:D0:D7:C8:87:AE:06:47:7A","sha256":"80:93:A2:9A:83:84:21:A8:A0:ED:D9:72:A8:E3:4D:EC:8E:A5:E4:4B:42:68:17:09:AA:D6:6C:7C:1B:9D:2A:48"}}},"request":{"raw":"GET /photo-1556157382-97eda2d62296?q=80\u0026w=1460\u0026auto=format\u0026fit=crop HTTP/1.1\r\nHost: images.unsplash.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://microsotfmailahtyqeebfdvuqxs.tricature.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-imgix-id: 666d7bfba862f8e0db8a1077d98f2d1f768dd406\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 23 Dec 2025 11:53:19 GMT\r\nserver: imgix\r\ndate: Sat, 03 Jan 2026 13:15:21 GMT\r\nage: 955321\r\naccept-ranges: bytes\r\ncontent-type: image/avif\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nx-served-by: cache-fra-eddf8230069-FRA, cache-osl6544-OSL\r\nx-cache: HIT, HIT\r\nvary: Accept, User-Agent\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 105258\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":105258,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"d96609ccba812ae2732ea2be2abdb2fc","sha1":"f20eaef07be044a0653d9642c42ffd85199541ed","sha256":"3b2bad096af2f0ea2e428535ad0a02482edfed6d51ffe6d6499fcb74b7b7a90d","sha512":"b2646ee893353b602f2d66d4ff6e6be40ce065cf86c6388b5cc89cd137dc14127d287ff41bd5396b533b9bae64c4342ce8c4a4f06990ea5eb0743bbcf9129312","ssdeep":"1536:zp0jFPN4K46OopJHN7iMMoDFCokTGaqr5pGwPF6pb6kwL3rxHrbXZ48igS:zSZPm6OojNhM5o4GaqrTGznwL3rJNigS","tlshash":"19a312a48821f717f09e21fca496b99c2ecb7fafe117f9c24619163178400ddda46e35","first_seen":"2025-12-16T10:47:32.855872Z","last_seen":"2026-02-11T21:54:32.249693Z","times_seen":311,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":7,"dns":0,"connect":0,"send":0,"wait":4,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sora/v17/xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://microsotfmailahtyqeebfdvuqxs.tricature.ru/","date":"2026-01-03T13:15:21.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/sora/v17/xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://microsotfmailahtyqeebfdvuqxs.tricature.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 25284\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 01 Jan 2026 10:02:14 GMT\r\nexpires: Fri, 01 Jan 2027 10:02:14 GMT\r\ncache-control: public, max-age=31536000\r\nage: 184387\r\nlast-modified: Mon, 08 Sep 2025 17:59:26 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25284,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 25284, version 1.0","md5":"fc575ebf6f7c3646d13d9386cf8a86e0","sha1":"779e9507b31992161d36df9f8a78ee73a6e64225","sha256":"811e11966d29f3a01fcb19b087b61ac067d380665a55aebb7fcdf2cda95e4a93","sha512":"bf1f6890960e5fe79619d0a7757b95b9e422e3aa5634b1fcfe7b59f018234ec9aff01ae70d9b3593e1e5ddde78e716139c443e5ab0741a61c5d6b1637397412c","ssdeep":"384:dZgkQy8vw6D97NySvnt+kywHJ0WQ5k77oyquIw8CTTu36ioguDDYdiW3I7Oa4Leq:dmJ0G95ySAIHJvd2uIw86zioFA2OC5cL","tlshash":"63b2f14db61d308cfa05cabf0ecb8aba2031dc44bd5b39c4f217928739f6a6599c4564","first_seen":"2025-09-10T18:00:33.205576Z","last_seen":"2026-04-04T00:20:24.889776Z","times_seen":1252,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":53,"dns":0,"connect":8,"send":0,"wait":18,"receive":10,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sora/v17/xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://microsotfmailahtyqeebfdvuqxs.tricature.ru/","date":"2026-01-03T13:15:21.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/sora/v17/xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://microsotfmailahtyqeebfdvuqxs.tricature.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 25284\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 01 Jan 2026 10:02:14 GMT\r\nexpires: Fri, 01 Jan 2027 10:02:14 GMT\r\ncache-control: public, max-age=31536000\r\nage: 184387\r\nlast-modified: Mon, 08 Sep 2025 17:59:26 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25284,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 25284, version 1.0","md5":"fc575ebf6f7c3646d13d9386cf8a86e0","sha1":"779e9507b31992161d36df9f8a78ee73a6e64225","sha256":"811e11966d29f3a01fcb19b087b61ac067d380665a55aebb7fcdf2cda95e4a93","sha512":"bf1f6890960e5fe79619d0a7757b95b9e422e3aa5634b1fcfe7b59f018234ec9aff01ae70d9b3593e1e5ddde78e716139c443e5ab0741a61c5d6b1637397412c","ssdeep":"384:dZgkQy8vw6D97NySvnt+kywHJ0WQ5k77oyquIw8CTTu36ioguDDYdiW3I7Oa4Leq:dmJ0G95ySAIHJvd2uIw86zioFA2OC5cL","tlshash":"63b2f14db61d308cfa05cabf0ecb8aba2031dc44bd5b39c4f217928739f6a6599c4564","first_seen":"2025-09-10T18:00:33.205576Z","last_seen":"2026-04-04T00:20:24.889776Z","times_seen":1252,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":76,"dns":0,"connect":8,"send":0,"wait":11,"receive":3,"ssl":66},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sora/v17/xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://microsotfmailahtyqeebfdvuqxs.tricature.ru/","date":"2026-01-03T13:15:21.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/sora/v17/xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://microsotfmailahtyqeebfdvuqxs.tricature.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 25284\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 01 Jan 2026 10:02:14 GMT\r\nexpires: Fri, 01 Jan 2027 10:02:14 GMT\r\ncache-control: public, max-age=31536000\r\nage: 184387\r\nlast-modified: Mon, 08 Sep 2025 17:59:26 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25284,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 25284, version 1.0","md5":"fc575ebf6f7c3646d13d9386cf8a86e0","sha1":"779e9507b31992161d36df9f8a78ee73a6e64225","sha256":"811e11966d29f3a01fcb19b087b61ac067d380665a55aebb7fcdf2cda95e4a93","sha512":"bf1f6890960e5fe79619d0a7757b95b9e422e3aa5634b1fcfe7b59f018234ec9aff01ae70d9b3593e1e5ddde78e716139c443e5ab0741a61c5d6b1637397412c","ssdeep":"384:dZgkQy8vw6D97NySvnt+kywHJ0WQ5k77oyquIw8CTTu36ioguDDYdiW3I7Oa4Leq:dmJ0G95ySAIHJvd2uIw86zioFA2OC5cL","tlshash":"63b2f14db61d308cfa05cabf0ecb8aba2031dc44bd5b39c4f217928739f6a6599c4564","first_seen":"2025-09-10T18:00:33.205576Z","last_seen":"2026-04-04T00:20:24.889776Z","times_seen":1252,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":79,"dns":1,"connect":9,"send":0,"wait":8,"receive":4,"ssl":67},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sora/v17/xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://microsotfmailahtyqeebfdvuqxs.tricature.ru/","date":"2026-01-03T13:15:21.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/sora/v17/xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://microsotfmailahtyqeebfdvuqxs.tricature.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 25284\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 01 Jan 2026 10:02:14 GMT\r\nexpires: Fri, 01 Jan 2027 10:02:14 GMT\r\ncache-control: public, max-age=31536000\r\nage: 184387\r\nlast-modified: Mon, 08 Sep 2025 17:59:26 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25284,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 25284, version 1.0","md5":"fc575ebf6f7c3646d13d9386cf8a86e0","sha1":"779e9507b31992161d36df9f8a78ee73a6e64225","sha256":"811e11966d29f3a01fcb19b087b61ac067d380665a55aebb7fcdf2cda95e4a93","sha512":"bf1f6890960e5fe79619d0a7757b95b9e422e3aa5634b1fcfe7b59f018234ec9aff01ae70d9b3593e1e5ddde78e716139c443e5ab0741a61c5d6b1637397412c","ssdeep":"384:dZgkQy8vw6D97NySvnt+kywHJ0WQ5k77oyquIw8CTTu36ioguDDYdiW3I7Oa4Leq:dmJ0G95ySAIHJvd2uIw86zioFA2OC5cL","tlshash":"63b2f14db61d308cfa05cabf0ecb8aba2031dc44bd5b39c4f217928739f6a6599c4564","first_seen":"2025-09-10T18:00:33.205576Z","last_seen":"2026-04-04T00:20:24.889776Z","times_seen":1252,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":68,"dns":0,"connect":0,"send":0,"wait":11,"receive":3,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsotfmailahtyqeebfdvuqxs.tricature.ru/","fqdn":"microsotfmailahtyqeebfdvuqxs.tricature.ru","domain":"tricature.ru","tld":"ru"},"ip":{"addr":"104.21.14.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-03T13:15:13.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tricature.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 14 Nov 2025 07:17:50 GMT","end":"Thu, 12 Feb 2026 08:15:22 GMT"},"fingerprint":{"sha1":"B0:52:3A:00:84:C6:5C:B5:8A:7E:70:76:2B:F1:F7:80:7D:FD:41:E9","sha256":"52:D1:E2:38:49:95:56:0F:4C:3D:F9:75:3D:5A:9E:DE:96:0A:A5:CA:9C:AE:25:60:AE:AE:C4:A5:D7:35:BF:37"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: microsotfmailahtyqeebfdvuqxs.tricature.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 03 Jan 2026 13:15:20 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: no-cache, private\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Xv0THht2UWrY3EP02HFLf4yl%2BUx1VAykGdL17qAzQzIqCAEZ9utCErzWKbcDrGXo%2B7MXXNKoXpJbnavtnShJEz6B%2F0PtA3BfPJfsx05bXWY%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IlZua3o3aUJENTgyUE9xVDZtdXVYQ3c9PSIsInZhbHVlIjoiSyt6MHN6S2E1WnNiMkZucUd4UWhSOXZySkNWUVNUdVNKK0dZL01uV1VjOEhvcHVrSzhLYmtmMWN4Zmk2T0gzZHUrL0JpNlhKazFyMTdUR2FVSVUwWVJYOGdjMDcvbzAvQis4WkVmVVJjd3p3Yjdja2xCd1oxMnpTNDNPZW01cEUiLCJtYWMiOiJiYzUzNzAwNmEwODQ3OTgwYzdjODdiMjIwZmJkMDIwMDNlMmJhOWZjYmZlMDQzMDcyZjY5ZDc4NWViODA4YjdiIiwidGFnIjoiIn0%3D; expires=Sat, 03-Jan-2026 15:15:20 GMT; Max-Age=7200; path=/; secure; samesite=none\nlaravel_session=eyJpdiI6IkxyVTFOV2twRmdBV1hBTmRWMVcwaWc9PSIsInZhbHVlIjoiU1dnWHBOVVYxK2ZiUHFGb05OQXNld0FLS3FSaHQ4akhEcWt3elNnT0lZampIQ0ZBUWlMRWoxTWZjUG9KWXlWUTBLejhoREtRQVhoMHNieEpRaDlJdjlLNnF5bjl6UmNjQzU2S25LU0ZPV2hkRERDeDVZM3IxdytSWGcwNXo4aWYiLCJtYWMiOiJhYmUzOWUyMDJiNzU5NjViNmU0YWRhNWIxZjdjOGZkMDg4Njc4YTZkZDRmZjIzOGVlNzZlM2FkYmFmNTM2MjcyIiwidGFnIjoiIn0%3D; expires=Sat, 03-Jan-2026 15:15:20 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\ncontent-encoding: br\r\ncf-ray: 9b82c3aafb792efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11254,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (399)","md5":"b0d3b34294c0d3b11813cbb8e78ba653","sha1":"8cab51e4c66be92488ff439acae05f68ceccbd43","sha256":"ec7061bfec61b9c8f47dec071126c3b9c23786a752bd421d144e945854bb711b","sha512":"318e3dad27e022c001aea4a38501e15c884fc89e9e669be3962a5e9210ba3ad758a6e2bef061187ccebfb7b69d495ade1d662cd8183719d0b668a8ca4565f55a","ssdeep":"192:fvSJGOnWvXZ0IcQ8X2t56yTmhp52Ee83PDkLT6pejYlg04/ZlgdZOxU:XSqZ0IRd7Chp526rkLRsYuZOxU","tlshash":"eb32c83250a0743b2923e5d5f7a4178f75a1e113d9270b80b9fd92a48fd3ed2cea7149","first_seen":"2025-11-01T09:42:06.687375Z","last_seen":"2026-02-17T07:18:09.174033Z","times_seen":4573,"resource_available":true,"data":null}},"time_used":13338,"timings":{"blocked":6426,"dns":0,"connect":1,"send":0,"wait":486,"receive":0,"ssl":6424},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"microsotfmailahtyqeebfdvuqxs.tricature.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"microsotfmailahtyqeebfdvuqxs.tricature.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"microsotfmailahtyqeebfdvuqxs.tricature.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Sora:wght@400;500;600;700;800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.207.202","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://microsotfmailahtyqeebfdvuqxs.tricature.ru/","date":"2026-01-03T13:15:21.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css2?family=Sora:wght@400;500;600;700;800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://microsotfmailahtyqeebfdvuqxs.tricature.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 03 Jan 2026 13:15:21 GMT\r\ndate: Sat, 03 Jan 2026 13:15:21 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4435,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"0e8412e69177481834a11049265352e8","sha1":"a07bb192571849c72a6fa2af8017c3749b6845a7","sha256":"43d7d74225ca42fc64cb95e1ea41e503d4fe1afa2bc46596e8e6eea6b195c68a","sha512":"66b57a03486b92377aea281ff7afe91440c1d969de1e26928aa88341755edc45450ff68d11485e2b145da070c5af0aad36a83c4cd51a2a9740e9032b5be37586","ssdeep":"96:EOEa1xJc+uoOEa1PNlOXa1xJc+uoOXa1PNlOxMa1xJc+uoOxMa1PNlOpa1xJc+u/:r1BS1b1BB1+1Bo191Bv1I1Be1G","tlshash":"8a910f810967e444fb931cc222dd7d32ee4ea1516844e9799efd18d8fc9ec265362f0c","first_seen":"2025-10-13T07:58:10.562807Z","last_seen":"2026-04-01T17:23:28.444386Z","times_seen":523,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":86,"dns":0,"connect":8,"send":0,"wait":18,"receive":0,"ssl":81},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"microsotfmailahtyqeebfdvuqxs.tricature.ru/favicon.ico","fqdn":"microsotfmailahtyqeebfdvuqxs.tricature.ru","domain":"tricature.ru","tld":"ru"},"ip":{"addr":"172.67.157.217","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://microsotfmailahtyqeebfdvuqxs.tricature.ru/","date":"2026-01-03T13:15:21.621Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: microsotfmailahtyqeebfdvuqxs.tricature.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://microsotfmailahtyqeebfdvuqxs.tricature.ru/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 03 Jan 2026 13:15:22 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nCache-Control: no-cache, private\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z5T8B9vN9RQXHIZFOsNMhJUlNcMMr1nr9kZKxEOtuNAc3miQsPWbOfP3m8mg96Vb%2BWZpkXLmdpECbi8rsrHfeNo9hTU%2FMZ8c%2FBo8HVkbEdc%3D\"}]}\r\ncf-cache-status: BYPASS\r\nvary: accept-encoding\r\nSet-Cookie: XSRF-TOKEN=eyJpdiI6IjBMdXRWaHU0KzhDZEo5UURlY3lMUGc9PSIsInZhbHVlIjoiTnViNzNRSmduVllPa1RJV01XcmluNkdVSjZHZ0I4RTFINkhtTk51SUhVRkRHelNIdS9qek1QQkxHR2NrOTdxZ3ZqM2dOVzR5QzkvUVo2dC8yWEpjUWd0dk05V2YyV05DRE41NnFwdFQyL0t2UWxGS1J0Tk9VY1l3YWQ1VVRLKzgiLCJtYWMiOiJiNDMwOWY5NjQ5OTFhMTZmNDY2YjZlZWM1MDg5MjZmNmNiMTMxMTViZWZmOTZmOTkxYTc0YzU3ZWYyMjI1NDliIiwidGFnIjoiIn0%3D; expires=Sat, 03-Jan-2026 15:15:22 GMT; Max-Age=7200; path=/; secure; samesite=none\nlaravel_session=eyJpdiI6InlUWGRqTkwwYmNUbGdtV0V0OGM4elE9PSIsInZhbHVlIjoiM25UK0JYOTZPc1FzbVFrS05aTnpJNGVsSitNblg4OGlneW5iRm1Xc2xJVFROOTQwOW9SVFNvOFZ3WUROMDRkWFN3ME9JeVBYc3pWRzhnVEkvSFNZdE1yUFZYSzlWcVRwOGs2elp4S2RRVGlqakg0Wk5pTlRSVFM4eGxBODIwMnYiLCJtYWMiOiIzMzk3ODZiMzc0ZjdmOTRkOWJjODQ3ODQ2YzAxMmM5OTQ5MzQ1NTg0MTAzMDI1NDA5ZjZlMTYxMTNiMDRiODE2IiwidGFnIjoiIn0%3D; expires=Sat, 03-Jan-2026 15:15:22 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nContent-Encoding: gzip\r\nCF-RAY: 9b82c3b42a660b49-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11254,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (399)","md5":"b0d3b34294c0d3b11813cbb8e78ba653","sha1":"8cab51e4c66be92488ff439acae05f68ceccbd43","sha256":"ec7061bfec61b9c8f47dec071126c3b9c23786a752bd421d144e945854bb711b","sha512":"318e3dad27e022c001aea4a38501e15c884fc89e9e669be3962a5e9210ba3ad758a6e2bef061187ccebfb7b69d495ade1d662cd8183719d0b668a8ca4565f55a","ssdeep":"192:fvSJGOnWvXZ0IcQ8X2t56yTmhp52Ee83PDkLT6pejYlg04/ZlgdZOxU:XSqZ0IRd7Chp526rkLRsYuZOxU","tlshash":"eb32c83250a0743b2923e5d5f7a4178f75a1e113d9270b80b9fd92a48fd3ed2cea7149","first_seen":"2025-11-01T09:42:06.687375Z","last_seen":"2026-02-17T07:18:09.174033Z","times_seen":4573,"resource_available":true,"data":null}},"time_used":600,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":600,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"microsotfmailahtyqeebfdvuqxs.tricature.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"microsotfmailahtyqeebfdvuqxs.tricature.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"microsotfmailahtyqeebfdvuqxs.tricature.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}