{"report_id":"eea7041c-c08d-40f1-a3a4-4960dd32c009","version":6,"status":"done","tags":[],"date":"2026-02-09T14:31:19Z","url":{"schema":"http","addr":"captcha-krab-3at.ru/","fqdn":"captcha-krab-3at.ru","domain":"captcha-krab-3at.ru","tld":"ru"},"ip":{"addr":"193.105.134.65","port":0,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"final":{"url":{"schema":"https","addr":"captcha-krab-3at.ru/","fqdn":"captcha-krab-3at.ru","domain":"captcha-krab-3at.ru","tld":"ru"},"title":"Нумизматика: монеты, чеканка и коллекционирование | krab3at","dom":{"size":7074,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"42e8344bc51638cd1b45f737ebe670ad","sha1":"59cfa59558afd3546c3b6194b66e4f673d48c787","sha256":"27441fee16b0b24226e3e668be83b29037e55f46f281f87165a12cb42c5f2adc","sha512":"1d5a57c1b6ed8eb9c38e35da0b2e9f7acd34b4958186b63a23a4c41aa9661484774106821b7ba78c363b12a668b4a2ebfa8a8f43f928277721eb3e246872005f","ssdeep":"96:ERHMa+0BDHp/aI8wm+l1fc7dpDiAZ5ANaQsM1QlT0GO8jiHYtRmCy:QsaJ9J/a57sfcLDMaQ9QlT1OaoSmCy","tlshash":"11e15073a9e518966102e025dd007f487db8c03fab9a575535ac1abebfe62d180b330f","dom_hash":"domhash494083811baf9f0ae250cf9bd58b2e39","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"captcha-krab-3at.ru/","fqdn":"captcha-krab-3at.ru","domain":"captcha-krab-3at.ru","tld":"ru"},"ip":{"addr":"193.105.134.65","port":0,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-16T14:31:19Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"captcha-krab-3at.ru","ip":{"addr":"193.105.134.65","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"domain_registered":"2026-01-27","domain_rank":0,"first_seen":"2026-02-09T14:24:21.101454Z","last_seen":"2026-02-09T14:24:21.101454Z","alert_count":0,"request_count":1,"received_data":7271,"sent_data":488,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"b.fotohosting.pro","ip":{"addr":"217.107.219.53","port":443,"asn":8342,"as":"JSC RTComm.RU","country":"Russia","country_code":"RU"},"domain_registered":"2024-12-05","domain_rank":0,"first_seen":"2026-02-09T14:24:21.103527Z","last_seen":"2026-02-09T14:24:21.103527Z","alert_count":0,"request_count":2,"received_data":145960,"sent_data":912,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"captcha-krab-3at.ru/","fqdn":"captcha-krab-3at.ru","domain":"captcha-krab-3at.ru","tld":"ru"},"ip":{"addr":"193.105.134.65","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"98c2e59488849d2dc1dd4891ba31a334","sha1":"fd38594bcde8445cfa9c51468073f6604d8a1b57","sha256":"a0c14daf4e80544c000c23697dd650f9db8618f2f208112a6bb0fe634ad9d53c","sha512":"4d972ed2621c92fdfdc9ede0a6b8974d3793a980ad91fbb4337c3c3385fc74c63fa201f6cae53d7f5132bc6114606292a99183af6f2f25bd96016aa083f75c09","ssdeep":"","tlshash":"e2e0203fa6f5286055f771a317ee5284936101072445c8843e9c40908f10de453f2f9c","size":353,"data":"","first_seen":"2026-02-09T14:24:25.026936Z","last_seen":"2026-02-09T14:31:20.408377Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"captcha-krab-3at.ru/","fqdn":"captcha-krab-3at.ru","domain":"captcha-krab-3at.ru","tld":"ru"},"ip":{"addr":"193.105.134.65","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-09T14:30:58.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"captcha-krab-3at.ru","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 08:30:48 GMT","end":"Mon, 27 Apr 2026 08:30:47 GMT"},"fingerprint":{"sha1":"24:D5:80:ED:60:9B:D1:40:20:00:E7:00:5E:B4:A7:C6:3E:05:66:36","sha256":"CF:F0:C6:F2:E4:F5:47:D8:2E:51:B8:0F:4D:38:48:31:89:6F:68:BC:7B:75:DD:9B:34:3C:80:AC:DF:C4:96:EF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: captcha-krab-3at.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.26.3\r\nDate: Mon, 09 Feb 2026 14:30:58 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7092,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"05d5e4b243e81d976157a5cb4579a090","sha1":"085c53bbafe6812ce0c9855398cba49f0da9d545","sha256":"29465079faabe930944fbc51cf874d5c3315056f98f12212e92ce4a44d3b73dc","sha512":"c3cbb4dd73b21a3c4d25b3af970f500f96ab934b72475e452a2f0e356714c67693b433c3b7132880291c0b5a8a42ffab29d3f5d9278e22a3a0c03ed01721c0fc","ssdeep":"96:yRHMa+uDHp/aI8wm+l1fc7dpDiAZ5LNaQsM1QlT0GO8jiHYtRmCAz:usazJ/a57sfcLDJaQ9QlT1OaoSmCAz","tlshash":"b3e15073a9e518966102e025dd407f487db8c03fab9a575535ec19bebfe628080b330f","first_seen":"2026-02-09T14:24:25.025908Z","last_seen":"2026-02-09T14:31:20.405218Z","times_seen":2,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":39,"dns":7,"connect":8,"send":0,"wait":16,"receive":1,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"b.fotohosting.pro/2026/01/20/1000003519.jpg","fqdn":"b.fotohosting.pro","domain":"fotohosting.pro","tld":"pro"},"ip":{"addr":"217.107.219.53","port":443,"asn":8342,"as":"JSC RTComm.RU","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://captcha-krab-3at.ru/","date":"2026-02-09T14:30:58.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.b.fotohosting.pro","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 08:00:55 GMT","end":"Sun, 05 Apr 2026 08:00:54 GMT"},"fingerprint":{"sha1":"C6:36:62:22:93:56:61:D8:1B:9A:FF:00:68:BA:A4:47:71:AF:2A:7D","sha256":"18:8F:4F:E2:18:1C:2F:E3:8E:19:FF:46:39:30:80:34:46:E1:9E:75:24:39:F7:82:DA:DD:2C:74:27:E4:D7:DD"}}},"request":{"raw":"GET /2026/01/20/1000003519.jpg HTTP/1.1\r\nHost: b.fotohosting.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://captcha-krab-3at.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 09 Feb 2026 14:30:58 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 46744\r\nserver: Apache\r\nlast-modified: Tue, 20 Jan 2026 16:57:50 GMT\r\netag: \"b698-648d4b5321b6d\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":46744,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=0, orientation=[*0*], width=0], baseline, precision 8, 1112x382, components 3","md5":"3cb33c993d8a48226968d5a78da5dd73","sha1":"7a2c133929490c354e6ad9d419560ca90835bbf7","sha256":"2157b965e80d237d9f74f6a089f66f0fcaf03d7652bcff3c817aac0b2f4ca039","sha512":"761d023e89e112eb89ebc70f043ec664cd6b951bf4b63ce4f241114a92c64c25a971bc1451973ca41d9342e9f100f7f1ea4a27b93ab34d8c87e4f35ccb4b32df","ssdeep":"768:6D8ilFA1HCuXRl/UiQAtj+dEU23HEtIZhabmpDOxQQRgdLKPxEGv8da9kW2uDbyS:6D8EAg+yrARcESB3OLUPeZdykfuD9Rtv","tlshash":"4e23e138e187adecfd5396fa438628dde7a1643de4b20e574722c0db2651bdc86c490c","first_seen":"2026-01-19T15:42:31.198553Z","last_seen":"2026-02-27T20:31:26.010401Z","times_seen":8,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":98,"dns":2,"connect":28,"send":0,"wait":53,"receive":28,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"b.fotohosting.pro/2026/01/21/1000004779.jpg","fqdn":"b.fotohosting.pro","domain":"fotohosting.pro","tld":"pro"},"ip":{"addr":"217.107.219.53","port":443,"asn":8342,"as":"JSC RTComm.RU","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://captcha-krab-3at.ru/","date":"2026-02-09T14:30:58.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.b.fotohosting.pro","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 08:00:55 GMT","end":"Sun, 05 Apr 2026 08:00:54 GMT"},"fingerprint":{"sha1":"C6:36:62:22:93:56:61:D8:1B:9A:FF:00:68:BA:A4:47:71:AF:2A:7D","sha256":"18:8F:4F:E2:18:1C:2F:E3:8E:19:FF:46:39:30:80:34:46:E1:9E:75:24:39:F7:82:DA:DD:2C:74:27:E4:D7:DD"}}},"request":{"raw":"GET /2026/01/21/1000004779.jpg HTTP/1.1\r\nHost: b.fotohosting.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://captcha-krab-3at.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 09 Feb 2026 14:30:58 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 98745\r\nserver: Apache\r\nlast-modified: Wed, 21 Jan 2026 07:43:58 GMT\r\netag: \"181b9-648e11648186c\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":98745,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3","md5":"8e7becee0b926dd7a5e345d456f819f0","sha1":"02282aa32f10af75dab1ada03c2f0ddda54e4e58","sha256":"f6c5652e5b4943940e9df4b78847cfa8e16a488fa1d24babaa2ab098225dfd99","sha512":"3a86d28ac6a032ead0629f5fa29fe5813863cd238ad839c704a5eaac493aaad58699dbc5e9d52329e5bec42f9c7b93326444f8f20dee5283318abda7b88fe449","ssdeep":"1536:kv+Xk1zw0kEC6QOwb0MoEbstumMoRw7s9PAcPT02dnAKkcaVcPgqaGCya/vE4:26ktwD5bWxt9M4XPZ02dnANkPgqI/z","tlshash":"31a337139d2c9ad3b52c83e1fe434e9e7b566a4ced8639ff00560ec67e605260c8952f","first_seen":"2026-02-09T14:24:25.024828Z","last_seen":"2026-02-17T09:46:25.334008Z","times_seen":3,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":43,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}