{"report_id":"d64a731b-4cf2-4ac6-91d7-9c8843c0fdf7","version":6,"status":"done","tags":[],"date":"2026-03-24T20:20:30Z","url":{"schema":"http","addr":"slon4l.cc/","fqdn":"slon4l.cc","domain":"slon4l.cc","tld":"cc"},"ip":{"addr":"109.172.91.189","port":0,"asn":0,"as":"","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"slon4l.cc/","fqdn":"slon4l.cc","domain":"slon4l.cc","tld":"cc"},"title":"slon4.cc","dom":{"size":4197,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"bfd65973c9e367987f7ad37385ea2552","sha1":"77a3c77df9bea66506855f3debca5a5c7f9d9631","sha256":"912deb270b71895cb27793ef364ec409f31cd14e777228cce934e63094a1b949","sha512":"dc1994f55d34ef25e099a0f6795047de1bd64da26b5e36ef20671e29d6304b96f6f6032063f84e727fea27e8dc652b63d706b01677691356e3d8aabb10130d36","ssdeep":"48:nKlNvNpmq3p3r/ddjOThMRoF/8aZ9HVw/WJlQAqFsejr:n0nJldjOThfZZdyu7qFsejr","tlshash":"7c81349745a704553902d8743fdb9a5626498023c209dca87f9c239ccfcbad59af3b8c","dom_hash":"domhash7daee4acee8fd89d07cbd3cc302156bc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"slon4l.cc/","fqdn":"slon4l.cc","domain":"slon4l.cc","tld":"cc"},"ip":{"addr":"109.172.91.189","port":0,"asn":0,"as":"","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-28T20:20:30Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"slon4l.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"slon4l.cc","ip":{"addr":"109.172.91.189","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":5,"request_count":5,"received_data":26334,"sent_data":2429,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"slon4l.cc/","fqdn":"slon4l.cc","domain":"slon4l.cc","tld":"cc"},"ip":{"addr":"109.172.91.189","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-24T20:20:09.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"slon4l.cc","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Mar 2026 07:00:58 GMT","end":"Sun, 14 Jun 2026 07:00:57 GMT"},"fingerprint":{"sha1":"4E:4C:00:36:90:36:D1:33:ED:12:CD:3D:3D:13:52:43:95:70:60:F5","sha256":"8C:26:23:18:54:CF:64:3E:4C:11:AA:DB:07:86:DD:E2:BC:3F:09:8B:DF:41:7C:3A:8B:44:BB:0B:46:D4:B8:00"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: slon4l.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 24 Mar 2026 20:20:09 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: antibot=fc413f27-db18-462c-9879-70d3e25de63b; Path=/; HttpOnly; Secure; SameSite=Strict\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4383,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"8f4211def7fa9f6f5750cdae97a7346d","sha1":"8accdfb0ad4bd85bb385c2b1fc3bd2766765ea3e","sha256":"869aa69d25e48907d2ea8c31c9c7aa8d7776d4a3b33a3786a5a60d868c3d4253","sha512":"38419dadd7a0abb3b2aff611e3ad048bf7c965ed827b78ff43598060f1eed813085c4857df2c830b627021502c4d43b04a0ab502f4b7e17a37512698028573df","ssdeep":"48:tf1NeN8yrpxhHEddHjPaKow5KX8zXtiXttPIv4WBf3P:dy7uLHjPaKRPXMC4WBPP","tlshash":"df91312585851445313286b47fd25aaafb8a0123c30641a87fdc33968ffba5897b3fcc","first_seen":"2026-03-24T20:20:35.140905Z","last_seen":"2026-03-24T20:20:35.140905Z","times_seen":1,"resource_available":false,"data":null}},"time_used":459,"timings":{"blocked":165,"dns":7,"connect":49,"send":0,"wait":129,"receive":0,"ssl":106},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"slon4l.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"slon4l.cc/antibot_assets/css2.css","fqdn":"slon4l.cc","domain":"slon4l.cc","tld":"cc"},"ip":{"addr":"109.172.91.189","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://slon4l.cc/","date":"2026-03-24T20:20:09.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"slon4l.cc","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Mar 2026 07:00:58 GMT","end":"Sun, 14 Jun 2026 07:00:57 GMT"},"fingerprint":{"sha1":"4E:4C:00:36:90:36:D1:33:ED:12:CD:3D:3D:13:52:43:95:70:60:F5","sha256":"8C:26:23:18:54:CF:64:3E:4C:11:AA:DB:07:86:DD:E2:BC:3F:09:8B:DF:41:7C:3A:8B:44:BB:0B:46:D4:B8:00"}}},"request":{"raw":"GET /antibot_assets/css2.css HTTP/1.1\r\nHost: slon4l.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://slon4l.cc/\r\nCookie: antibot=fc413f27-db18-462c-9879-70d3e25de63b\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Tue, 24 Mar 2026 20:20:10 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 19\r\nConnection: close\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T12:33:34.927032Z","times_seen":16386556,"resource_available":true,"data":null}},"time_used":1137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1137,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"slon4l.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"slon4l.cc/antibot_assets/kraken.css","fqdn":"slon4l.cc","domain":"slon4l.cc","tld":"cc"},"ip":{"addr":"109.172.91.189","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://slon4l.cc/","date":"2026-03-24T20:20:09.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"slon4l.cc","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Mar 2026 07:00:58 GMT","end":"Sun, 14 Jun 2026 07:00:57 GMT"},"fingerprint":{"sha1":"4E:4C:00:36:90:36:D1:33:ED:12:CD:3D:3D:13:52:43:95:70:60:F5","sha256":"8C:26:23:18:54:CF:64:3E:4C:11:AA:DB:07:86:DD:E2:BC:3F:09:8B:DF:41:7C:3A:8B:44:BB:0B:46:D4:B8:00"}}},"request":{"raw":"GET /antibot_assets/kraken.css HTTP/1.1\r\nHost: slon4l.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://slon4l.cc/\r\nCookie: antibot=fc413f27-db18-462c-9879-70d3e25de63b\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 24 Mar 2026 20:20:10 GMT\r\nContent-Type: text/css; charset=utf-8\r\nContent-Length: 4768\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nLast-Modified: Tue, 06 Jan 2026 17:09:55 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4768,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"75fd64fc8e99dc317f41914081a03352","sha1":"97c20a567cf31b997322b3228838ae44b1394233","sha256":"db6ad8d74f75b4ec10be88cbf8dcf0134d1f63f7126accf2b375a0833aba0028","sha512":"9b8c26c9e7b3ca6fbdd5337dbbe2a6bfa06cb476355406f010cf4ea09438a406c804f5c56577e7b68b11870ee8fedb397ffd11a72ab2036c5485175779aafc99","ssdeep":"48:W3AtE0JlzWvwIpQnStqoemMHmGmRm6iRtmQmHxa9uuuma86cPBmJz9K+N3z+0hCK:/zGwIU2jMxALy63zD2s5","tlshash":"78a1df9e16022b5083324f3463979b15b72402768e4530edb8d04ab9eb96be686d0fcf","first_seen":"2024-09-22T02:59:45Z","last_seen":"2026-06-10T20:27:35.679161Z","times_seen":214,"resource_available":false,"data":null}},"time_used":438,"timings":{"blocked":149,"dns":1,"connect":49,"send":0,"wait":134,"receive":0,"ssl":102},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"slon4l.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"slon4l.cc/antibot_generatecaptcha?eAUjfqe34j","fqdn":"slon4l.cc","domain":"slon4l.cc","tld":"cc"},"ip":{"addr":"109.172.91.189","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://slon4l.cc/","date":"2026-03-24T20:20:09.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"slon4l.cc","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Mar 2026 07:00:58 GMT","end":"Sun, 14 Jun 2026 07:00:57 GMT"},"fingerprint":{"sha1":"4E:4C:00:36:90:36:D1:33:ED:12:CD:3D:3D:13:52:43:95:70:60:F5","sha256":"8C:26:23:18:54:CF:64:3E:4C:11:AA:DB:07:86:DD:E2:BC:3F:09:8B:DF:41:7C:3A:8B:44:BB:0B:46:D4:B8:00"}}},"request":{"raw":"GET /antibot_generatecaptcha?eAUjfqe34j HTTP/1.1\r\nHost: slon4l.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://slon4l.cc/\r\nCookie: antibot=fc413f27-db18-462c-9879-70d3e25de63b\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 24 Mar 2026 20:20:11 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 11607\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nCache-Control: no-store, no-cache, must-revalidate, private\r\nExpires: 0\r\nLast-Modified: Wed, 14 Jan 2026 16:48:55 GMT\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11607,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"Blender:File:C:\\Projects\\captcha\\captcha-3.blend\", comment: \"Blender:Date:2023/02/15 01:36:54\", comment: \"Blender:Time:00:00:00:00\", comment: \"Blender:Frame:000\", comment: \"Blender:Camera:Camera\", comment: \"Blender:Scene:Scene\", comment: \"Blender:RenderTime:00:00.08\", baseline, precision 8, 380x120, components 3","md5":"909f511af6e42e43ee76fc1c3a85bdf2","sha1":"bc4ba77818f5420ab0c33fbdee506da668f1f477","sha256":"59409b7205cc111260275e3dbe9c5a386adecef52c9b2b734857db1aea160209","sha512":"605110b330149f73d95b3708f1c93831728191787ba1d938d24918689d616fa52060e3ac1c125e4936549bdc33e08f2075b3f04c7d745f09127e5b600efc4b2d","ssdeep":"192:kjyhDYOsMqYWzAniDImXk4pCAwqPcLQMqPVJ2krod9QjXyK/LkZeHj:YyVYO4YWzAiVksCAvKVkVJpU4byKTLj","tlshash":"7e32bf34cb00aa27bdf17c367d1c0c92b9e55d0dfeb866117121c2ebf701892544ab4e","first_seen":"2026-03-24T20:20:35.146023Z","last_seen":"2026-04-07T20:26:17.218162Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2405,"timings":{"blocked":1131,"dns":0,"connect":52,"send":0,"wait":138,"receive":0,"ssl":105},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"slon4l.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"slon4l.cc/favicon.ico","fqdn":"slon4l.cc","domain":"slon4l.cc","tld":"cc"},"ip":{"addr":"109.172.91.189","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://slon4l.cc/","date":"2026-03-24T20:20:10.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"slon4l.cc","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Mar 2026 07:00:58 GMT","end":"Sun, 14 Jun 2026 07:00:57 GMT"},"fingerprint":{"sha1":"4E:4C:00:36:90:36:D1:33:ED:12:CD:3D:3D:13:52:43:95:70:60:F5","sha256":"8C:26:23:18:54:CF:64:3E:4C:11:AA:DB:07:86:DD:E2:BC:3F:09:8B:DF:41:7C:3A:8B:44:BB:0B:46:D4:B8:00"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: slon4l.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://slon4l.cc/\r\nCookie: antibot=fc413f27-db18-462c-9879-70d3e25de63b\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 24 Mar 2026 20:20:11 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4383,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"4ae81de8b43ef42893286e62d5c4188d","sha1":"4613f4a8bba1f4df6ab219443f00ff42437f8e31","sha256":"f5f82bd3a5270f559be82cc743776bec9375885e8767fc2e24d036b65b1e6c06","sha512":"17a920ffb1c0e71296302a540ce2e9da113700aca08a8e9077b264d3d3d6df2b8535f124d70a78ad82104ac3135c96274e6ef378a046784205b0461eaab80179","ssdeep":"48:tf1NeN8yrpxhHEdd3+jPaKow5KX8zXtiXttPIv4WBf3P:dy7uL3+jPaKRPXMC4WBPP","tlshash":"7191422585851445313286b47fd256aafb8a0123c30241a87fdc33a68ffba5897b3fcc","first_seen":"2026-03-24T20:20:35.148188Z","last_seen":"2026-03-24T20:20:35.148188Z","times_seen":1,"resource_available":false,"data":null}},"time_used":770,"timings":{"blocked":645,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"slon4l.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}