{"report_id":"df3fa5c8-e4d9-4dff-94f8-70b3a0656bbf","version":6,"status":"done","tags":[],"date":"2026-03-28T04:13:24Z","url":{"schema":"https","addr":"slon4c----c.ru","fqdn":"slon4c----c.ru","domain":"slon4c----c.ru","tld":"ru"},"ip":{"addr":"178.20.45.8","port":0,"asn":48282,"as":"Hosting technology LTD","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"slon4c----c.ru/","fqdn":"slon4c----c.ru","domain":"slon4c----c.ru","tld":"ru"},"title":"slon4.cc — авторская парфюмерия и ароматы на заказ в Москве","dom":{"size":48705,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (360)","md5":"a866393a6a59695298fbeb98f687a9c2","sha1":"162c2ecdf68b3e8620702e97ef0f941a9caec8f2","sha256":"2c5481009d7a096afddf0552917a0d620516489c2a6bbdd84c4c8a4ab0e671ec","sha512":"410666277dc904483918101fb6bc242665e5e72cb336ff665c5fe8102e78d1cd4d7697b9c296fb670f8c550f2b702ab825d3b13a1dcd7bb847973dc4dc934935","ssdeep":"768:7rr9Wu1vDxPqKdG/IIOavZ9QjCWjCmNlPNOttcl0YL:7rr9Wu9DdEII9vZ9QjCWjCmNRNO/GvL","tlshash":"b423946121f8546a2117f096ed055b0e3ee9947f9f2f533032ac186e6fc78a8c62b71d","dom_hash":"domhashd1d367adf48330e0450d08c51c6eb30b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"slon4c----c.ru","fqdn":"slon4c----c.ru","domain":"slon4c----c.ru","tld":"ru"},"ip":{"addr":"178.20.45.8","port":0,"asn":48282,"as":"Hosting technology LTD","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-02T04:13:24Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"slon4c----c.ru","ip":{"addr":"178.20.45.8","port":443,"asn":48282,"as":"Hosting technology LTD","country":"Russia","country_code":"RU"},"domain_registered":"2026-03-24","domain_rank":0,"first_seen":"2026-03-28T04:13:24.339777Z","last_seen":"2026-03-28T04:13:24.339777Z","alert_count":0,"request_count":2,"received_data":53929,"sent_data":918,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"slon4c----c.ru/","fqdn":"slon4c----c.ru","domain":"slon4c----c.ru","tld":"ru"},"ip":{"addr":"178.20.45.8","port":443,"asn":48282,"as":"Hosting technology LTD","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"de7fb06634f6f8f73ebb907e95d93144","sha1":"425185a06fd345b47e3c68750f1fc81f281a3bf9","sha256":"d59b439e36974225669385a9933b0f62a2e88336112ae52dc9e9ece79fc935f5","sha512":"3d0f64c059da61c1a11346e817215e8c2dc68c60422e59bda4ab85da4517c9d794aa3cc09d0bb717f5876262daf807f0340045bdeca348c088f25dc8ea84f185","ssdeep":"","tlshash":"b4f027483d68307f50779a72436f13043f2f004a108582233df8a1ca0fe55494ab1aef","size":483,"data":"","first_seen":"2026-03-28T04:13:27.041085Z","last_seen":"2026-04-07T20:25:53.312571Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"slon4c----c.ru/","fqdn":"slon4c----c.ru","domain":"slon4c----c.ru","tld":"ru"},"ip":{"addr":"178.20.45.8","port":443,"asn":48282,"as":"Hosting technology LTD","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-28T04:13:02.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"slon4c----c.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 12:52:42 GMT","end":"Mon, 22 Jun 2026 12:52:41 GMT"},"fingerprint":{"sha1":"E8:A1:39:C4:36:9F:C6:A1:B8:F6:7F:A3:89:FD:6F:22:CB:68:FB:42","sha256":"28:8E:70:9E:B8:54:F3:6D:C7:C4:57:01:3D:4A:8B:5F:AB:B9:D8:30:C1:7D:D0:33:55:84:DC:95:95:33:D9:8D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: slon4c----c.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sat, 28 Mar 2026 04:13:02 GMT\r\nContent-Type: text/html\r\nLast-Modified: Tue, 24 Mar 2026 12:27:25 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69c2832d-bffe\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49150,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (360)","md5":"a00dd50e05a6b128fd89c567d20a902e","sha1":"342ddaf7ce3d518a9d10e4a6fc4076a006f140b7","sha256":"c17e32287391ad5a35cfd775463e6264b04d29f5f4ffdc3a9877df35dfde5194","sha512":"08d3196ed08b2b733bfc5695acc26603eb0943914d65fac1868ac9c9f43707c60ecd28885833d912dd0feb91e16fe8a723922d1d6d4a936141655f48ac71ff9e","ssdeep":"768:B5r9Wu1vDxPqKdG/IIFbvZ9QjCWjCmNlwNO3tc3wLZ:B5r9Wu9DdEIIxvZ9QjCWjCmN6NOd4kZ","tlshash":"4e23936122f8546a2117f056ed055b0e3ee9907f9f2f533032ac186e6fc78a8c62b75d","first_seen":"2026-03-28T04:13:27.037014Z","last_seen":"2026-03-28T04:29:24.30361Z","times_seen":2,"resource_available":true,"data":null}},"time_used":418,"timings":{"blocked":157,"dns":49,"connect":50,"send":0,"wait":99,"receive":1,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"slon4c----c.ru/favicon.ico","fqdn":"slon4c----c.ru","domain":"slon4c----c.ru","tld":"ru"},"ip":{"addr":"178.20.45.8","port":443,"asn":48282,"as":"Hosting technology LTD","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://slon4c----c.ru/","date":"2026-03-28T04:13:03.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"slon4c----c.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 12:52:42 GMT","end":"Mon, 22 Jun 2026 12:52:41 GMT"},"fingerprint":{"sha1":"E8:A1:39:C4:36:9F:C6:A1:B8:F6:7F:A3:89:FD:6F:22:CB:68:FB:42","sha256":"28:8E:70:9E:B8:54:F3:6D:C7:C4:57:01:3D:4A:8B:5F:AB:B9:D8:30:C1:7D:D0:33:55:84:DC:95:95:33:D9:8D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: slon4c----c.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://slon4c----c.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sat, 28 Mar 2026 04:13:03 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 4286\r\nLast-Modified: Tue, 24 Mar 2026 12:27:24 GMT\r\nConnection: keep-alive\r\nETag: \"69c2832c-10be\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 24 bits/pixel","md5":"f90dc97292c61ac05189301568564212","sha1":"f39bd72b576992385df1e1a449b5bdb8b80a3e74","sha256":"c8e72a6a9a55265d389d6c160e1e6c020bbd8c8807a8d538a68f02036ba05028","sha512":"ffe2c11b5190abed211f6465d88712c37bc2ed4d63e3a0727c6971523c2d7be45bb30614eb2d68083d396c99b4f17a08693a3b647fbb180c44f96132e26589af","ssdeep":"12:sH2DbjggggggggPoZA6MrlX0zPAl/Z5+X0tRomEXGqrEscWP17DO2y0zEWCQtVG+:sWP6MrlX0kHec+WqLPxDO2y04WDuPts","tlshash":"73918c40a2d2b699d18967310ca7cf7423719c48c81b1b2b72ed3d973df52c235192c0","first_seen":"2026-02-16T17:49:08.182201Z","last_seen":"2026-04-07T20:25:53.312022Z","times_seen":23,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}