Report Overview
Visited (public)
2026-03-18 18:34:01
URL
shapespace.icu/lander/sssr_zarabotok_stupid_land_nqzo_gazprom_001_target_35_55_thank_sardelka/
Finishing URL
shapespace.icu/lander/sssr_zarabotok_stupid_land_nqzo_gazprom_001_target_35_55_thank_sardelka/
IP / ASN

158.94.211.139
Title
Событие года: Всем рожденным в СССР
Detections
urlquery
0
Network Intrusion Detection
8
Threat Detection Systems
1
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
| shapespace.icu (45 alert(s) on this Host) | unknown | 2025-11-26 | 2026-03-18 | 2026-03-18 | 27 kB | 1.1 MB | 158.94.211.139 | |
| cdnjs.cloudflare.com | 1222 | 2009-02-17 | 2012-05-23 | 2026-03-15 | 1.4 kB | 301 kB | 104.17.25.14 | |
| code.jquery.com | 4915 | 2005-12-10 | 2012-05-21 | 2026-03-15 | 422 B | 90 kB | 151.101.130.137 | |
| get.geojs.io | 99948 | 2017-02-18 | 2017-03-30 | 2026-03-11 | 446 B | 930 B | 104.26.1.100 | |
Nginx (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.
jQuery:3.5.1 (JavaScript libraries)
jQuery is a free, open-source JavaScript library designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.
cdnjs (CDN)
cdnjs is a free distributed JS library delivery service.
Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.
jQuery CDN (CDN)
jQuery CDN is a way to include jQuery in your website without actually downloading it and keeping it in your website's folder.
Varnish (Caching)
Varnish is a reverse caching proxy.
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| | medium | Client IP | 158.94.211.139 | ET INFO Suspicious Domain (*.icu) in TLS SNI |
| | medium | 158.94.211.139 | Client IP | ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.icu) |
| | medium | 158.94.211.139 | Client IP | ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.icu) |
| | medium | 158.94.211.139 | Client IP | ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.icu) |
| | medium | 158.94.211.139 | Client IP | ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.icu) |
| | medium | 158.94.211.139 | Client IP | ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.icu) |
| | medium | 158.94.211.139 | Client IP | ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.icu) |
| | medium | Client IP | 104.26.1.100 | ET INFO External IP Address Lookup Domain (get .geojs .io) in TLS SNI |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| OpenDNS | shapespace.icu | phishing | Phishing Block |
JavaScript (9)
No JavaScripts
HTTP Transactions (50)
| URL | IP | Response | Size |
|---|---|---|---|

