{"report_id":"da2d0c2a-48a6-4ea1-8768-cbd8c90a7d67","version":6,"status":"done","tags":[],"date":"2025-01-08T11:01:38Z","url":{"schema":"http","addr":"baallsn3.beget.tech/","fqdn":"baallsn3.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"5.101.152.15","port":0,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"http","addr":"baallsn3.beget.tech/","fqdn":"baallsn3.beget.tech","domain":"beget.tech","tld":"tech"},"title":"This page is blocked by service provider."},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-03-19T11:01:38Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"cp.beget.com","ip":{"addr":"193.168.47.247","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"domain_registered":"1999-12-29","domain_rank":150465,"first_seen":"2016-03-24T06:31:11Z","last_seen":"2025-01-02T14:14:20.91935Z","alert_count":0,"request_count":3,"received_data":61539,"sent_data":1324,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-01-08T01:38:05.272172Z","alert_count":0,"request_count":2,"received_data":86330,"sent_data":1063,"comment":"","tags":null,"fingerprints":null},{"fqdn":"baallsn3.beget.tech","ip":{"addr":"5.101.152.15","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"domain_registered":"2016-08-29","domain_rank":0,"first_seen":"2025-01-06T15:45:31.549796Z","last_seen":"2025-01-06T15:45:31.549796Z","alert_count":3,"request_count":3,"received_data":74012,"sent_data":1175,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":235,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-01-08T01:51:11.139584Z","alert_count":0,"request_count":3,"received_data":45360,"sent_data":1344,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":634,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-01-08T02:17:55.323856Z","alert_count":0,"request_count":1,"received_data":30878,"sent_data":412,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":8877,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-01-08T01:35:26.795263Z","alert_count":0,"request_count":2,"received_data":3705,"sent_data":922,"comment":"","tags":null,"fingerprints":null},{"fqdn":"use.fontawesome.com","ip":{"addr":"104.21.27.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-10-18","domain_rank":942,"first_seen":"2017-01-30T04:43:25Z","last_seen":"2025-01-08T02:42:23.984223Z","alert_count":0,"request_count":3,"received_data":111665,"sent_data":1494,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":[{"sensor_name":"threatfox","sensor_type":"url","title":"","description":"ThreatFox","scan_date":"2025-01-06","alert":"DCRat","trigger":"baallsn3.beget.tech","verdict":"malicious","severity":"medium","comment":"DCRat","link":"https://threatfox.abuse.ch/","meta":null},{"sensor_name":"threatfox","sensor_type":"url","title":"","description":"ThreatFox","scan_date":"2025-01-06","alert":"DCRat","trigger":"baallsn3.beget.tech","verdict":"malicious","severity":"medium","comment":"DCRat","link":"https://threatfox.abuse.ch/","meta":null},{"sensor_name":"threatfox","sensor_type":"url","title":"","description":"ThreatFox","scan_date":"2025-01-06","alert":"DCRat","trigger":"baallsn3.beget.tech","verdict":"malicious","severity":"medium","comment":"DCRat","link":"https://threatfox.abuse.ch/","meta":null}]}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"b1dcb9f6bbf4676e6e141d1e496181e1","sha1":"542c7ff20f18bbf571a4b30f1606bafd77ff8fe7","sha256":"158a70efc698bbff03cf1e1780a9404a4ea1906733806887910c32a8aeb50f65","sha512":"41af66b80598cb7831fc2ad969d6bd6dd9fff41fa8b5f637154111c4a4179b12d9e477924c8c3c0532c9c09cc2ed2dc89ceb22ca14e791cd8693352f49e84ec1","ssdeep":"","tlshash":"b7310ec2327a607508f754cf6b2e0723b752b01ccf267b403bac52f84356d129ca259e","size":1565,"data":"","first_seen":"2023-04-12T00:14:07Z","last_seen":"2026-05-05T21:26:54.011629Z","times_seen":2537,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"a04eafe1ff7aca96ec5b7911c44c94e3","sha1":"9a84a73412388bb759fb69086b9f4bef396b637f","sha256":"ae6a99646929c8f3d2988399386bd53bfc11e648164f8ab1a011295f944f10cb","sha512":"3991d0e58602d84d62a610ed32b65f7d87f152ceb34220c35739fd79bb02985aaf555019df48b4eb61b2aefad27063c490b21f0ebaa43ba56b146501377ed8d1","ssdeep":"","tlshash":"2f1182c0e0ef80ba49f3a0d61bde8677326d684895d06781236de72057a9a54b95ec3c","size":838,"data":"","first_seen":"2023-04-12T00:14:07Z","last_seen":"2026-05-05T21:26:54.015342Z","times_seen":2537,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"60160a46503b1f932964fae1eadff8b5","sha1":"91c9cac1ce13aa7157f3db9ef0806bc585d43bc9","sha256":"4b1f5011220ee0b079af36019131707403d8aed66a1e22c72394b09818e6f8c5","sha512":"5edc5fe469df5472bf56bc502ff568fb0e1675ef64e997e87f6c37ee8260f28cca65dde98f64c0df9c9d253563b8280bb1241feb2da5659b50434895b03512de","ssdeep":"","tlshash":"0651ba93b02bb7714cf20981bfbe264b7761b5444a3f2b513a5cb254179392acceb85c","size":2635,"data":"","first_seen":"2023-04-12T00:14:07Z","last_seen":"2026-05-05T21:26:54.013946Z","times_seen":2537,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/lodash.js/4.17.10/lodash.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"51a949e651144b8e525d4b2d913e6215","sha1":"2dfdedd20a6ec42794695a8c3797bd74417c4915","sha256":"54a21333ad7aad5cd5f8c23791930d503a18e6e4ecb9297566f11e6613682559","sha512":"813c0f4e0c6504060b183d203f9a561bf0d4757bcffed57a1764dc7ce27dfa178623eb91fcb9640d186e5e8be5965b2f4bb5db1bc7a57d5325dd9aea77a980e9","ssdeep":"1536:qaBdvaiKUejyZKzoqMAV+KCzZYnXElVHpPN+rGzz:qaxBPVQi","tlshash":"ed634fc93ac3f4664363a4b1046f088ff27d9fa5a89da108e1e1f0ec787885dd167e59","size":73156,"data":"","first_seen":"2023-03-07T01:11:36Z","last_seen":"2026-05-05T21:26:53.981597Z","times_seen":3192,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.3.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-05-06T14:40:51.706276Z","times_seen":126003,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/fancybox/3.3.5/jquery.fancybox.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b762d7a222031899a8b3d8fa8e6a21cf","sha1":"5f2927d035f3b5e99a99ca0652584bff8aa49850","sha256":"4dbe2075e08dfc008a9a1290dc149f6ee360215610cc1944bdb625c0aee3b83c","sha512":"6ebfb957b99e61acecf9f8b142379be9ef5cccdc113adc15e2cc2ea82df97847b0d61a91e197b8fa8b1a906d1442c4f74a47a05c7b4dfeee6d76079938a68fb3","ssdeep":"1536:030fUYjbgNX2wpdsuf7Ivv46Xk4nQwv5H7H1fRDHtzVcxxVoX/m:OfYjbgNDfsufeXk4nQwtDHDNzVcxxVoO","tlshash":"5153199fb710746586bb15a4a30f510ed537b41af10284b378acd4951af4fc822ebfea","size":61486,"data":"","first_seen":"2023-03-07T01:11:36Z","last_seen":"2026-05-06T14:31:43.458856Z","times_seen":4622,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"baallsn3.beget.tech/","fqdn":"baallsn3.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"5.101.152.15","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"7d47f9b71ddf11d1fb68bd945115f6cc","sha1":"5e28f946a41102ae062e042bbd71db99f8d49495","sha256":"03f3b686308b778cbb61fadfba441bf922bbb214ddf72cc42d917f071e0506ff","sha512":"d28f4b970ca607c1af58d1d17a86cd3f03c5e99000f1cc507f6b09f9725c5d5af411efe5c60d386287f5d33df8d488cd2e8721c7dd7a3c54cb22c8d54c30a6e8","ssdeep":"192:Nd8/t/VBz9qckJNo7+QoPBQtvw4I+NjaSEaLfKnKABYiHi9mytnEak:8Zn5FsP+KnKEYiHi9my8","tlshash":"5f1274b3f0b5096a0d17207aba0a650c7660803f6e959d577e9c1a1c1ff41bba6ff318","size":9643,"data":"","first_seen":"2023-04-06T02:35:57Z","last_seen":"2026-05-05T02:18:42.784635Z","times_seen":580,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"baallsn3.beget.tech/","fqdn":"baallsn3.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"5.101.152.15","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-01-08T11:01:13.620Z","timestamp":1736334073620,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: baallsn3.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 11:01:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 274\r\nLast-Modified: Tue, 19 Nov 2024 06:24:41 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nETag: \"673c2f29-112\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":274,"size_decoded":274,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"dde72ae232dc63298465861482d7bb93","sha1":"557c5dbebc35bc82280e2a744a03ce5e78b3e6fb","sha256":"0032588b8d93a807cf0f48a806ccf125677503a6fabe4105a6dc69e81ace6091","sha512":"389eb8f7b18fcdd1a6f275ff8acad211a10445ff412221796cd645c9a6458719cced553561e2b4d438783459d02e494d5140c0d85f2b3df617b7b2e031d234b2","ssdeep":"","tlshash":"57d02e723688c4a8e4923ea90eaa83cc5d28a9a034c3c215084ab6b098801574e336ea","first_seen":"2023-04-06T02:35:57Z","last_seen":"2026-05-06T11:20:34.719678Z","times_seen":2310,"resource_available":true,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"threatfox","sensor_type":"url","title":"","description":"ThreatFox","scan_date":"2025-01-06","alert":"DCRat","trigger":"baallsn3.beget.tech","verdict":"malicious","severity":"medium","comment":"DCRat","link":"https://threatfox.abuse.ch/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"baallsn3.beget.tech/","fqdn":"baallsn3.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"5.101.152.15","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-01-08T11:01:13.620Z","timestamp":1736334073620,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: baallsn3.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: beget=begetok\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 11:01:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 36396\r\nLast-Modified: Tue, 19 Nov 2024 15:40:22 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nETag: \"673cb166-8e2c\"\r\nExpires: Wed, 08 Jan 2025 11:01:12 GMT\r\nCache-Control: no-cache\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36396,"size_decoded":36396,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"c531d8667eaa985320ab3782c088c819","sha1":"e7834bfa267cb269538fd3ffc56fb7efe0e640d7","sha256":"4cc4ee2bacdaab5c044e206170cc172cc00457f5ec8ed9594344987eb0835ec4","sha512":"fb9fb02924a22afbf99c300fddc328c24eb20b402643f112d93f13bc0369907083bed0681e6f152829cd63b78646c894b781c87f6f9f4bbc6de706f0aa5872b7","ssdeep":"768:GafnAN5a2VF5FWFEHFlp+ZpQNmHYqADNvKJs0Z43NwHhnfw+05C91:ma2Vbsozp+7QNmHz6NvKJsG43NakCD","tlshash":"63f28363e0f114930e03a0747bae270d7a71903b998ade663ddc1b8c5fd3895d8ab359","first_seen":"2023-04-06T02:35:57Z","last_seen":"2025-03-01T10:46:02.156101Z","times_seen":474,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"threatfox","sensor_type":"url","title":"","description":"ThreatFox","scan_date":"2025-01-06","alert":"DCRat","trigger":"baallsn3.beget.tech","verdict":"malicious","severity":"medium","comment":"DCRat","link":"https://threatfox.abuse.ch/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/lodash.js/4.17.10/lodash.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://baallsn3.beget.tech/","date":"2025-01-08T11:01:13.693Z","timestamp":1736334073693,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 Nov 2024 07:25:18 GMT","end":"Mon, 24 Feb 2025 07:25:17 GMT"},"fingerprint":{"sha1":"64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02","sha256":"E2:FD:99:E5:FF:2E:79:8A:23:2B:44:C0:93:30:22:99:44:F9:88:0A:8C:26:58:B1:13:F4:D5:05:08:36:E0:2F"}}},"request":{"raw":"GET /ajax/libs/lodash.js/4.17.10/lodash.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://baallsn3.beget.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Jan 2025 11:01:13 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 21762\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03ed2-11dc4\"\r\nlast-modified: Mon, 04 May 2020 16:12:02 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 2394094\r\nexpires: Mon, 29 Dec 2025 11:01:13 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=cbeLIvo6aDYQh2geiAlDeVDsBNAzCog6UVs0gVvNv3gkowuwlv82PRwv%2FfNQs%2BEct793%2BABzeleDjOPYSzzoKXQQZoZvaTj%2BKnsdUggIowbkKjY7hRe1Tbl9o1QGUS1Kwhny%2Fjz4\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 8febb038bf7856b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21762,"size_decoded":73156,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4234)","md5":"51a949e651144b8e525d4b2d913e6215","sha1":"2dfdedd20a6ec42794695a8c3797bd74417c4915","sha256":"54a21333ad7aad5cd5f8c23791930d503a18e6e4ecb9297566f11e6613682559","sha512":"813c0f4e0c6504060b183d203f9a561bf0d4757bcffed57a1764dc7ce27dfa178623eb91fcb9640d186e5e8be5965b2f4bb5db1bc7a57d5325dd9aea77a980e9","ssdeep":"1536:qaBdvaiKUejyZKzoqMAV+KCzZYnXElVHpPN+rGzz:qaxBPVQi","tlshash":"ed634fc93ac3f4664363a4b1046f088ff27d9fa5a89da108e1e1f0ec787885dd167e59","first_seen":"2023-03-07T01:11:36Z","last_seen":"2026-05-05T21:26:53.981597Z","times_seen":3192,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":27,"dns":0,"connect":1,"send":0,"wait":11,"receive":1,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/fancybox/3.3.5/jquery.fancybox.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://baallsn3.beget.tech/","date":"2025-01-08T11:01:13.699Z","timestamp":1736334073699,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 Nov 2024 07:25:18 GMT","end":"Mon, 24 Feb 2025 07:25:17 GMT"},"fingerprint":{"sha1":"64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02","sha256":"E2:FD:99:E5:FF:2E:79:8A:23:2B:44:C0:93:30:22:99:44:F9:88:0A:8C:26:58:B1:13:F4:D5:05:08:36:E0:2F"}}},"request":{"raw":"GET /ajax/libs/fancybox/3.3.5/jquery.fancybox.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://baallsn3.beget.tech/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Jan 2025 11:01:13 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 2949\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03e58-36f1\"\r\nlast-modified: Mon, 04 May 2020 16:10:00 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1839756\r\nexpires: Mon, 29 Dec 2025 11:01:13 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=3gGsZ6TqOSu0vcpt5E8dC0Zd06nAgx1AmU8ZU2eSlFJixtHWzK0Fk8y%2FcR2GJXnf9KDDz9%2FSxrGUk8XCDKA2DJySmIXg5vbbO1Vq9lOtEQWGBaUZ5Rp9dyC2bQbOCxS7pHGyFxpA\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 8febb038cf8756b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2949,"size_decoded":14065,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (14065), with no line terminators","md5":"1679dcd38f5d43f1ef64c0ff331af810","sha1":"fe69cca0e7d419533924228c6bd434bc57ab542f","sha256":"f6f3d53dd2240261f157695adf386a5c08014298c19f62ccf63cd162996892d0","sha512":"35ea7a6b3445a389e236643fda00a7b03712e083f79c5efbf8cde336ff58c3164f19e9dfb4b63457a2b245aab0e13e1f8e5a527aa02109040182b389fab981f2","ssdeep":"192:LSI+Dc4r6oiMtKtlgjg0xY7Z394C6vGgjq5TCb:GIu7qMtKtlgkr7Z0vGTZi","tlshash":"855252636140325c507bcd61d7cf9948e239c152a6221afbf64cfd59cbc7be822c62c6","first_seen":"2023-04-06T01:20:39Z","last_seen":"2026-05-06T14:31:43.443022Z","times_seen":4750,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":28,"dns":1,"connect":1,"send":0,"wait":14,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/fancybox/3.3.5/jquery.fancybox.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://baallsn3.beget.tech/","date":"2025-01-08T11:01:13.700Z","timestamp":1736334073700,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 Nov 2024 07:25:18 GMT","end":"Mon, 24 Feb 2025 07:25:17 GMT"},"fingerprint":{"sha1":"64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02","sha256":"E2:FD:99:E5:FF:2E:79:8A:23:2B:44:C0:93:30:22:99:44:F9:88:0A:8C:26:58:B1:13:F4:D5:05:08:36:E0:2F"}}},"request":{"raw":"GET /ajax/libs/fancybox/3.3.5/jquery.fancybox.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://baallsn3.beget.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Jan 2025 11:01:13 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 17617\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03e58-f02e\"\r\nlast-modified: Mon, 04 May 2020 16:10:00 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1841672\r\nexpires: Mon, 29 Dec 2025 11:01:13 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=7WexE60gzgW0gwJaVUaVSXMzErqYjx6nNzIn1OpIVO0LvI170sdDsJZ4BtBkshNxgaCNoDeaP6dp8dHgOsxx0hBMGvkfP4pl9BzYT%2FWaQ0x7WNNIP67bgrPeYlfvWmWi88dGydvf\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 8febb038efba56b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17617,"size_decoded":61486,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32006)","md5":"b762d7a222031899a8b3d8fa8e6a21cf","sha1":"5f2927d035f3b5e99a99ca0652584bff8aa49850","sha256":"4dbe2075e08dfc008a9a1290dc149f6ee360215610cc1944bdb625c0aee3b83c","sha512":"6ebfb957b99e61acecf9f8b142379be9ef5cccdc113adc15e2cc2ea82df97847b0d61a91e197b8fa8b1a906d1442c4f74a47a05c7b4dfeee6d76079938a68fb3","ssdeep":"1536:030fUYjbgNX2wpdsuf7Ivv46Xk4nQwv5H7H1fRDHtzVcxxVoX/m:OfYjbgNDfsufeXk4nQwtDHDNzVcxxVoO","tlshash":"5153199fb710746586bb15a4a30f510ed537b41af10284b378acd4951af4fc822ebfea","first_seen":"2023-03-07T01:11:36Z","last_seen":"2026-05-06T14:31:43.458856Z","times_seen":4622,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":51,"dns":6,"connect":1,"send":0,"wait":11,"receive":1,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.3.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://baallsn3.beget.tech/","date":"2025-01-08T11:01:13.696Z","timestamp":1736334073696,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo ECC Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 25 Jun 2024 00:00:00 GMT","end":"Wed, 25 Jun 2025 23:59:59 GMT"},"fingerprint":{"sha1":"CD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5","sha256":"AB:77:AE:8B:01:C3:97:E7:80:17:A2:C0:A0:8D:8A:BE:C9:8A:77:1C:06:8C:B9:64:E1:7B:E5:9F:3B:E7:EC:FA"}}},"request":{"raw":"GET /jquery-3.3.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://baallsn3.beget.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-1538f\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Wed, 08 Jan 2025 11:01:13 GMT\r\nage: 2511127\r\nx-served-by: cache-lga13622-LGA, cache-hel1410034-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 65, 129836\r\nx-timer: S1736334074.799759,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30288\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30288,"size_decoded":86927,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-05-06T14:40:51.706276Z","times_seen":126003,"resource_available":true,"data":null}},"time_used":222,"timings":{"blocked":87,"dns":3,"connect":32,"send":0,"wait":27,"receive":10,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=PT+Sans+Caption\u0026subset=cyrillic,latin-ext","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://baallsn3.beget.tech/","date":"2025-01-08T11:01:13.704Z","timestamp":1736334073704,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Dec 2024 08:36:58 GMT","end":"Mon, 24 Feb 2025 08:36:57 GMT"},"fingerprint":{"sha1":"30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D","sha256":"7D:F5:AB:9A:97:34:D8:88:D9:F0:60:60:A2:9D:D1:4F:BF:36:29:43:AA:5D:4E:48:B3:17:0C:A5:B7:05:FF:BF"}}},"request":{"raw":"GET /css?family=PT+Sans+Caption\u0026subset=cyrillic,latin-ext HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://baallsn3.beget.tech/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 08 Jan 2025 11:01:13 GMT\r\ndate: Wed, 08 Jan 2025 11:01:13 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":983,"size_decoded":983,"mime_type":"text/css; charset=utf-8","magic":"gzip compressed data, max compression","md5":"6c1ac5492dc94f9e6d632e5e97daf107","sha1":"4623263fe7495426c224332225b500b69e697175","sha256":"167b899acaba43c50d35f4f04141383d6a7b4d077568ee2940f19c04fd51e6c6","sha512":"f6c558c872e9dc005ee9ff977193c36bb0c49109d4b3b9e6fceadde8d70101dce8c44cea79fa189ee5e47b66ca6c3ce751fdad87577011beb5bb2c95affabeb5","ssdeep":"","tlshash":"61116154567b3927b04520293d7ce7840c589a8f3826cc865434c2a3719c9f8f8c485e","first_seen":"2025-01-08T11:01:39.462768Z","last_seen":"2025-01-08T11:01:39.462768Z","times_seen":1,"resource_available":false,"data":null}},"time_used":466,"timings":{"blocked":219,"dns":3,"connect":17,"send":0,"wait":23,"receive":0,"ssl":198},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"use.fontawesome.com/releases/v5.2.0/css/solid.css","fqdn":"use.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"104.21.27.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://baallsn3.beget.tech/","date":"2025-01-08T11:01:13.705Z","timestamp":1736334073705,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"use.fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jan 2025 23:52:55 GMT","end":"Sun, 06 Apr 2025 00:52:49 GMT"},"fingerprint":{"sha1":"C3:0F:A8:70:18:47:83:79:64:E6:D2:14:74:73:F9:8F:85:B6:37:86","sha256":"30:36:DE:BB:26:04:E0:63:56:8D:FE:AF:97:93:BA:19:EF:1E:93:D5:C0:CF:05:F9:5B:1D:CD:A1:4D:62:5B:34"}}},"request":{"raw":"GET /releases/v5.2.0/css/solid.css HTTP/1.1\r\nHost: use.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://baallsn3.beget.tech\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://baallsn3.beget.tech/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Jan 2025 11:01:13 GMT\r\ncontent-type: text/css\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\netag: W/\"ad53ee37dc67730269f8944b5913d4c0\"\r\nlast-modified: Fri, 22 Sep 2023 01:45:25 GMT\r\nvary: Origin, Accept-Encoding\r\ncf-cache-status: MISS\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=mpllNsmQNBEltZxV4RTMsH6uU%2B%2FCcQhKLL4uqbCbloBZuq%2BO2r6WJWmr8HJbCbmuOvPHrz%2Bk6O2OVgxtK3svgoNhQzKSPMR%2Bk3v2WpAbpOZJdr7PmcOyN%2FlzCGApepnFPq%2BTE6Z7\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8febb038fb6056ba-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=545\u0026min_rtt=387\u0026rtt_var=292\u0026sent=8\u0026recv=12\u0026lost=0\u0026retrans=0\u0026sent_bytes=3202\u0026recv_bytes=1202\u0026delivery_rate=7109656\u0026cwnd=254\u0026unsent_bytes=0\u0026cid=6b1d0110b7d3c3c6\u0026ts=218\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":757,"size_decoded":644,"mime_type":"text/css","magic":"ASCII text, with very long lines (464)","md5":"ad53ee37dc67730269f8944b5913d4c0","sha1":"bfa932644183366bb9691fd1464094df448ba87f","sha256":"558a9382560645a009622da8ccbc22e7bb009203cc7c496873d043524ffdb460","sha512":"dd796aebf9b5a5cfbc4fba41a756c4897aa478f5e579062ac2b38961477d40e6c53368e4b4065d8c5009643352d77906f23f7ffaee4f844ce115112d4c0728ce","ssdeep":"","tlshash":"99f02d6e4646194141c10b0138d9fa5ddd46f0a87c582f33a12adc3d8cf9d5f11b9f19","first_seen":"2023-04-06T02:35:57Z","last_seen":"2026-05-05T21:26:53.983924Z","times_seen":2342,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":53,"dns":3,"connect":4,"send":0,"wait":168,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cp.beget.com/i/logo.png","fqdn":"cp.beget.com","domain":"beget.com","tld":"com"},"ip":{"addr":"193.168.47.247","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://baallsn3.beget.tech/","date":"2025-01-08T11:01:13.710Z","timestamp":1736334073710,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cp.beget.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Dec 2024 23:16:34 GMT","end":"Thu, 20 Mar 2025 23:16:33 GMT"},"fingerprint":{"sha1":"85:CE:6D:D0:B6:E8:CE:2D:AF:DB:E9:27:57:A7:67:66:11:78:C2:4C","sha256":"F1:5A:EC:26:54:F5:6A:F1:77:DA:55:41:9B:5A:CA:87:35:68:F9:2F:BB:3D:C8:97:B0:33:C5:81:76:D0:84:4B"}}},"request":{"raw":"GET /i/logo.png HTTP/1.1\r\nHost: cp.beget.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://baallsn3.beget.tech/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Jan 2025 11:01:14 GMT\r\ncontent-type: image/png\r\ncontent-length: 6686\r\nlast-modified: Fri, 27 Dec 2024 12:48:39 GMT\r\netag: \"676ea227-1a1e\"\r\nexpires: Fri, 07 Feb 2025 11:01:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\nx-robots-tag: noindex\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6686,"size_decoded":6686,"mime_type":"image/png","magic":"PNG image data, 195 x 89, 8-bit/color RGBA, non-interlaced","md5":"e619e67b3e2efe2c6acb95a4ed1d06d7","sha1":"4bbdd81b087a472cd58b56d51d82dcd21b04353b","sha256":"9db7c6e307c01199ecbe2f94ae37f5538f484bba74054802876c01dcffd9d55f","sha512":"963d60c31efb3ce085ce716aa5dbf3ac442c2f3db4b592f2061f2912108f627f516831915d1dd7a606a2072af48ea46642608c7bd5a6c7f0abf10c8ab29e6c6f","ssdeep":"192:I2SCSy2y34Faf+qUwr0+qaQj8y7O481KQhmPz:Ke4wzg+q1Iy9nNz","tlshash":"94d190a85fef53b0ca9b9b5f04af5aa85ed21d9917b37808050ff369f40bb050d64236","first_seen":"2023-04-30T19:57:28Z","last_seen":"2026-05-05T21:26:53.993641Z","times_seen":3337,"resource_available":false,"data":null}},"time_used":681,"timings":{"blocked":332,"dns":21,"connect":35,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cp.beget.com/img/octo/octo_error.png","fqdn":"cp.beget.com","domain":"beget.com","tld":"com"},"ip":{"addr":"193.168.47.247","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://baallsn3.beget.tech/","date":"2025-01-08T11:01:13.717Z","timestamp":1736334073717,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cp.beget.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Dec 2024 23:16:34 GMT","end":"Thu, 20 Mar 2025 23:16:33 GMT"},"fingerprint":{"sha1":"85:CE:6D:D0:B6:E8:CE:2D:AF:DB:E9:27:57:A7:67:66:11:78:C2:4C","sha256":"F1:5A:EC:26:54:F5:6A:F1:77:DA:55:41:9B:5A:CA:87:35:68:F9:2F:BB:3D:C8:97:B0:33:C5:81:76:D0:84:4B"}}},"request":{"raw":"GET /img/octo/octo_error.png HTTP/1.1\r\nHost: cp.beget.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://baallsn3.beget.tech/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Jan 2025 11:01:14 GMT\r\ncontent-type: image/png\r\ncontent-length: 49348\r\nlast-modified: Fri, 27 Dec 2024 12:48:40 GMT\r\netag: \"676ea228-c0c4\"\r\nexpires: Fri, 07 Feb 2025 11:01:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\nx-robots-tag: noindex\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":49348,"size_decoded":49348,"mime_type":"image/png","magic":"PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced","md5":"e093637aceb0d1e394bea20078de3fa2","sha1":"fc5f1ef3489f3fdcaff7dc226d797495978a31b2","sha256":"c5c8b8e31b6e40ab95ce719d7d4035c1215b654635e9ad23f62cd44f266d7948","sha512":"a9e64e2beb6b51be4d2d32fff8629881ac18fc5e2529b12e935e7c6269120e2bf0cc409e4a89d4a8e52c18f61fd569b1d5e52ab74a307da2759f0c4a70dab7e1","ssdeep":"768:7QdlFrHYqXjHc43rFvfJeYso8l5dwRkTgV74BagRMTuKp/:8tHtzHc43r5ReAcgJZ6Kp/","tlshash":"4f23020dfa465815c1527e9cfd28becf183d886ee3173186f7da264c5dc969e4c8b221","first_seen":"2023-04-06T15:16:53Z","last_seen":"2026-05-05T21:26:53.994998Z","times_seen":2130,"resource_available":false,"data":null}},"time_used":433,"timings":{"blocked":231,"dns":0,"connect":37,"send":0,"wait":62,"receive":39,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://baallsn3.beget.tech/","date":"2025-01-08T11:01:14.070Z","timestamp":1736334074070,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Dec 2024 08:36:58 GMT","end":"Mon, 24 Feb 2025 08:36:57 GMT"},"fingerprint":{"sha1":"40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF","sha256":"0C:0D:EC:55:A6:58:72:97:20:B5:7E:DB:CB:E9:4D:9D:F8:CA:76:37:D0:6A:16:15:D3:64:D6:47:3C:D1:A9:30"}}},"request":{"raw":"GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://baallsn3.beget.tech\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 45300\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Jan 2025 06:51:35 GMT\r\nexpires: Sun, 04 Jan 2026 06:51:35 GMT\r\ncache-control: public, max-age=31536000\r\nage: 360579\r\nlast-modified: Wed, 27 Apr 2022 16:11:08 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45300,"size_decoded":45300,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 45300, version 1.0","md5":"5fe660c3a23b871807b0e1d3ee973d23","sha1":"62a9dd423b30b6ee3ab3dd40d573545d579af10a","sha256":"e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d","sha512":"9eb08055befc2b70cc8bba34496f14414ea32f5b97f185d357f100ea7d74bfdc12afd815a53e629d02a53dc7f3e37096df8bbbd36ab44a011c1a4288b42780cd","ssdeep":"768:XNcHdvw7wbeW4t3x3dcjsflPt8YCRzGzgI/gBPaKkqnMMUQAbc6VBhXGGVJM/:XNmdvw73NAIlPtZCRzGzg+QPaKkqnMMv","tlshash":"4d1302bed59568a42c6e06e75ba17b03e7ab9f3260f97b2107c732a3c73455cd42108e","first_seen":"2023-04-05T14:04:03Z","last_seen":"2026-05-06T12:51:42.961812Z","times_seen":8200,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":98,"dns":27,"connect":8,"send":0,"wait":14,"receive":18,"ssl":62},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/ptsanscaption/v19/0FlMVP6Hrxmt7-fsUFhlFXNIlpcaeg_x.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://baallsn3.beget.tech/","date":"2025-01-08T11:01:14.073Z","timestamp":1736334074073,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Dec 2024 08:36:58 GMT","end":"Mon, 24 Feb 2025 08:36:57 GMT"},"fingerprint":{"sha1":"40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF","sha256":"0C:0D:EC:55:A6:58:72:97:20:B5:7E:DB:CB:E9:4D:9D:F8:CA:76:37:D0:6A:16:15:D3:64:D6:47:3C:D1:A9:30"}}},"request":{"raw":"GET /s/ptsanscaption/v19/0FlMVP6Hrxmt7-fsUFhlFXNIlpcaeg_x.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://baallsn3.beget.tech\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 39364\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Jan 2025 04:23:50 GMT\r\nexpires: Sun, 04 Jan 2026 04:23:50 GMT\r\ncache-control: public, max-age=31536000\r\nage: 369444\r\nlast-modified: Tue, 02 May 2023 14:55:27 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39364,"size_decoded":39364,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 39364, version 1.0","md5":"3a8012ec36f9a10b6e08246ab0b2b3bd","sha1":"4c175a2409791b7637cce679653d174f528f81c9","sha256":"c9e8c3d39f75bcfd9c4cb7e4d2fcd5720993fd73e0ccb0bab98adb4ffabf1296","sha512":"414943424bd266bf900c90af458d4ffc29af801021418c3c126f257dbaa52009545499ff28983f6a5790034d01bad8e64d444dd0218120ae59ba97a389202c1f","ssdeep":"768:vglIkANrgZVihqzYjrVs0Jua2ccnv9bGECRfGer4vzcaa:vglIZ2MqMrVVtqnVbGRBt","tlshash":"c90301d893dcb80516a59289d332bf46d00ff58091227806795e3ba58d5cbc22acba7f","first_seen":"2023-05-03T04:22:51Z","last_seen":"2026-05-06T11:26:08.980695Z","times_seen":3986,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":113,"dns":24,"connect":21,"send":0,"wait":15,"receive":12,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"baallsn3.beget.tech/favicon.ico","fqdn":"baallsn3.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"5.101.152.15","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://baallsn3.beget.tech/","date":"2025-01-08T11:01:14.273Z","timestamp":1736334074273,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: baallsn3.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://baallsn3.beget.tech/\r\nCookie: beget=begetok\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 11:01:14 GMT\r\nContent-Type: text/html\r\nContent-Length: 36396\r\nLast-Modified: Tue, 19 Nov 2024 15:40:22 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nETag: \"673cb166-8e2c\"\r\nExpires: Wed, 08 Jan 2025 11:01:13 GMT\r\nCache-Control: no-cache\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36396,"size_decoded":36396,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"c531d8667eaa985320ab3782c088c819","sha1":"e7834bfa267cb269538fd3ffc56fb7efe0e640d7","sha256":"4cc4ee2bacdaab5c044e206170cc172cc00457f5ec8ed9594344987eb0835ec4","sha512":"fb9fb02924a22afbf99c300fddc328c24eb20b402643f112d93f13bc0369907083bed0681e6f152829cd63b78646c894b781c87f6f9f4bbc6de706f0aa5872b7","ssdeep":"768:GafnAN5a2VF5FWFEHFlp+ZpQNmHYqADNvKJs0Z43NwHhnfw+05C91:ma2Vbsozp+7QNmHz6NvKJsG43NakCD","tlshash":"63f28363e0f114930e03a0747bae270d7a71903b998ade663ddc1b8c5fd3895d8ab359","first_seen":"2023-04-06T02:35:57Z","last_seen":"2025-03-01T10:46:02.156101Z","times_seen":474,"resource_available":false,"data":null}},"time_used":78,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"threatfox","sensor_type":"url","title":"","description":"ThreatFox","scan_date":"2025-01-06","alert":"DCRat","trigger":"baallsn3.beget.tech","verdict":"malicious","severity":"medium","comment":"DCRat","link":"https://threatfox.abuse.ch/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2","fqdn":"use.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"104.21.27.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://baallsn3.beget.tech/","date":"2025-01-08T11:01:14.284Z","timestamp":1736334074284,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"use.fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jan 2025 23:52:55 GMT","end":"Sun, 06 Apr 2025 00:52:49 GMT"},"fingerprint":{"sha1":"C3:0F:A8:70:18:47:83:79:64:E6:D2:14:74:73:F9:8F:85:B6:37:86","sha256":"30:36:DE:BB:26:04:E0:63:56:8D:FE:AF:97:93:BA:19:EF:1E:93:D5:C0:CF:05:F9:5B:1D:CD:A1:4D:62:5B:34"}}},"request":{"raw":"GET /releases/v5.2.0/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: use.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://baallsn3.beget.tech\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://use.fontawesome.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Jan 2025 11:01:14 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 62472\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\netag: \"b75b4bfe0d58faeced5006c785eaae23\"\r\nlast-modified: Fri, 22 Sep 2023 01:45:27 GMT\r\nvary: Origin, Accept-Encoding\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=7RW6FgbJNVxyJbSKphljxI8sg497%2FBKXxWgho1BcO99RSNlvoZB2FHU5NeHRciSW6kkkXZXRXPl6cTAXbrtKfc%2FmdaNvg4NK1883LXmMOzFTPR6ntp6mw2A8OYjcNlcouc9oU5Xd\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8febb03c384b56ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=635\u0026min_rtt=387\u0026rtt_var=271\u0026sent=21\u0026recv=16\u0026lost=0\u0026retrans=0\u0026sent_bytes=14853\u0026recv_bytes=1386\u0026delivery_rate=14538152\u0026cwnd=256\u0026unsent_bytes=0\u0026cid=6b1d0110b7d3c3c6\u0026ts=736\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":62472,"size_decoded":62472,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 62472, version 1.0","md5":"b75b4bfe0d58faeced5006c785eaae23","sha1":"92da6e3c7121e21cdfde25ef08797a3937a683e1","sha256":"5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f","sha512":"34abbe454074176ec90d90dd8125339eec1348943ef77c8529c5d0db9df593802a47f6a52cea37e2ed1f7da609893645b561ac0bc0054a06d81d367d2c702ccf","ssdeep":"1536:mt3IPiBbeBXYTcV2uesj65wJ6z4lhTg3Wqo9XsVEV:mNIMbeBIpE65wDlpgO9XsVEV","tlshash":"52530259247d3b87ed7e78c7737242df3490344a6b44c5fa631c705fc848aa6ad1a12d","first_seen":"2023-04-05T15:39:33Z","last_seen":"2026-05-06T11:28:28.323079Z","times_seen":6607,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cp.beget.com/img/icons/new_alert/locked.svg","fqdn":"cp.beget.com","domain":"beget.com","tld":"com"},"ip":{"addr":"193.168.47.247","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://baallsn3.beget.tech/","date":"2025-01-08T11:01:14.057Z","timestamp":1736334074057,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cp.beget.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Dec 2024 23:16:34 GMT","end":"Thu, 20 Mar 2025 23:16:33 GMT"},"fingerprint":{"sha1":"85:CE:6D:D0:B6:E8:CE:2D:AF:DB:E9:27:57:A7:67:66:11:78:C2:4C","sha256":"F1:5A:EC:26:54:F5:6A:F1:77:DA:55:41:9B:5A:CA:87:35:68:F9:2F:BB:3D:C8:97:B0:33:C5:81:76:D0:84:4B"}}},"request":{"raw":"GET /img/icons/new_alert/locked.svg HTTP/1.1\r\nHost: cp.beget.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://baallsn3.beget.tech/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Jan 2025 11:01:14 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nlast-modified: Fri, 27 Dec 2024 12:48:40 GMT\r\netag: W/\"676ea228-413\"\r\nexpires: Fri, 07 Feb 2025 11:01:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-encoding: gzip\r\nx-robots-tag: noindex\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4344,"size_decoded":4344,"mime_type":"image/svg+xml","magic":"gzip compressed data, from Unix","md5":"bf91820b6ca48a4ff42a7c9995736a4b","sha1":"f409b895c03624fd1c5dd8f772e0d7b3ebdb170f","sha256":"18146cde6277fbdd1bc763c4be92be4120a0633a05b93b475d3e8d31f2752ed5","sha512":"78675cae7893d5f5618a58e63e6115ba941187550320c24078d2bbf33b09e6a7b30bb9c89fab9563fa644f7be2d4d38796357e8b2cdc97639a4ae552f20845bc","ssdeep":"96:iqBeDjK2EatrtPeANPnNiD3ZMb9BKxg0mlrFln2TAlmAk7:UjE4rtPeA1nsDEam1l2l","tlshash":"b5917c8cad496070e1348dffb6f9d4da736b2c5803940f5a7aeb60008e3e1f01a1f442","first_seen":"2025-01-08T11:01:39.469776Z","last_seen":"2025-01-08T11:01:39.469776Z","times_seen":1,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=PT+Sans\u0026subset=cyrillic,latin-ext","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://baallsn3.beget.tech/","date":"2025-01-08T11:01:13.701Z","timestamp":1736334073701,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Dec 2024 08:36:58 GMT","end":"Mon, 24 Feb 2025 08:36:57 GMT"},"fingerprint":{"sha1":"30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D","sha256":"7D:F5:AB:9A:97:34:D8:88:D9:F0:60:60:A2:9D:D1:4F:BF:36:29:43:AA:5D:4E:48:B3:17:0C:A5:B7:05:FF:BF"}}},"request":{"raw":"GET /css?family=PT+Sans\u0026subset=cyrillic,latin-ext HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://baallsn3.beget.tech/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 08 Jan 2025 11:01:13 GMT\r\ndate: Wed, 08 Jan 2025 11:01:13 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1352,"size_decoded":1352,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1384), with no line terminators","md5":"b87f38d73796f8018db2bbdbd4982a59","sha1":"d13bf174ac682984783fe1229f7befecb75cff22","sha256":"7e9fe16d8b6f7b9d6c002cdb5d912b83f8669bd0be332ce073a410d38ec6d529","sha512":"d65e62425331cfe035a40ff1e67267cb440b92dda03a36a60cf908330d903f52c046a3fe0d8c41e1c2a6e5dd6100b3d8d7ea9ad5b5e474581c79d525a7040b81","ssdeep":"","tlshash":"ac21dc821417a84467430ed933df7932ae0e674060652133abff1cdaad96d295370b9c","first_seen":"2024-10-16T18:46:50.5087Z","last_seen":"2025-04-06T07:16:50.551378Z","times_seen":197,"resource_available":false,"data":null}},"time_used":472,"timings":{"blocked":223,"dns":5,"connect":29,"send":0,"wait":20,"receive":0,"ssl":190},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"use.fontawesome.com/releases/v5.2.0/css/fontawesome.css","fqdn":"use.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"104.21.27.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://baallsn3.beget.tech/","date":"2025-01-08T11:01:13.708Z","timestamp":1736334073708,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"use.fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jan 2025 23:52:55 GMT","end":"Sun, 06 Apr 2025 00:52:49 GMT"},"fingerprint":{"sha1":"C3:0F:A8:70:18:47:83:79:64:E6:D2:14:74:73:F9:8F:85:B6:37:86","sha256":"30:36:DE:BB:26:04:E0:63:56:8D:FE:AF:97:93:BA:19:EF:1E:93:D5:C0:CF:05:F9:5B:1D:CD:A1:4D:62:5B:34"}}},"request":{"raw":"GET /releases/v5.2.0/css/fontawesome.css HTTP/1.1\r\nHost: use.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://baallsn3.beget.tech\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://baallsn3.beget.tech/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Jan 2025 11:01:13 GMT\r\ncontent-type: text/css\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\netag: W/\"8969f087782a0c46deb8773407768fec\"\r\nlast-modified: Fri, 22 Sep 2023 01:45:25 GMT\r\nvary: Origin, Accept-Encoding\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=AqBjLkOVvek0MlPRxPCoHCTDeDA1%2BhW6EftNsXwRT2T35gkO3Klrhv1TISiO53%2F0PgAgpN8MgwKo4z92Jjxddwddvwd7B%2BK%2F3zpoVPV1uvR9n16Le3TcdiCxwv0IWnAGw2KCM8%2FF\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8febb038fb5856ba-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=594\u0026min_rtt=387\u0026rtt_var=317\u0026sent=10\u0026recv=13\u0026lost=0\u0026retrans=0\u0026sent_bytes=4223\u0026recv_bytes=1202\u0026delivery_rate=7109656\u0026cwnd=256\u0026unsent_bytes=0\u0026cid=6b1d0110b7d3c3c6\u0026ts=238\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45557,"size_decoded":45557,"mime_type":"text/css","magic":"ASCII text, with very long lines (45377)","md5":"8969f087782a0c46deb8773407768fec","sha1":"d861c377454c6c3094d9332f1e38d7fa2b9c66c1","sha256":"15a4b768dcf0208dc3665c311ba8469dcb3a1b3d75d6a1a3ce553858daa2f51e","sha512":"a6fafbc54abed55efb19699956f41b3399a8ce5da2a2e0b3c891b7c71c493e8190dc79711d498c1f1967c38bc550d5f5823f34587e173bb6b6ba7f9741936425","ssdeep":"768:m31EUdlQ62oU2lfQkOt/rMdj3RScMxB8//:PUdC62oLo35sINAn","tlshash":"e0130bb8e58c41d5a731c04fff42b2b861baf73ce5854d95f04e691c2ad22a811c5fba","first_seen":"2023-04-06T01:20:39Z","last_seen":"2026-05-05T21:26:53.998872Z","times_seen":3201,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":49,"dns":3,"connect":3,"send":0,"wait":190,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}