{"report_id":"f5c9e6f4-c548-4dfa-83b8-148500c203d2","version":6,"status":"done","tags":[],"date":"2026-04-20T13:28:50Z","url":{"schema":"http","addr":"slon6k.cc/","fqdn":"slon6k.cc","domain":"slon6k.cc","tld":"cc"},"ip":{"addr":"5.23.52.13","port":0,"asn":9123,"as":"TimeWeb Ltd.","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"slon6k.cc/","fqdn":"slon6k.cc","domain":"slon6k.cc","tld":"cc"},"title":"KRAKEN","dom":{"size":4195,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"4553aaeca677ec286c3010a27c7938c2","sha1":"dd32ae9431a470f5cc1bd83e4eae2e7ec6e01e0b","sha256":"b7ffc55e36627d6f7ba46e5eabc004bfb9079a119d671a0b57720c0298f9ba3f","sha512":"bcac5de9acedabc88218d0effe5228959bcdf37635b17db95bc5bda0d2558d36c0d82d5f2e24f99923d5e223f0a8d41b306f9d4dd2133f0ea037feb48a3a7dd8","ssdeep":"48:nKpNvNpmq3p3r/dKjOThMRoF/8aZ9HVw/WJlQAqFsejr:nonJlKjOThfZZdyu7qFsejr","tlshash":"e981345745a704553942d8743fdb965626498023c209d8a87f9c229ccfcb6d59af3b8c","dom_hash":"domhash7daee4acee8fd89d07cbd3cc302156bc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"slon6k.cc/","fqdn":"slon6k.cc","domain":"slon6k.cc","tld":"cc"},"ip":{"addr":"5.23.52.13","port":0,"asn":9123,"as":"TimeWeb Ltd.","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-25T13:28:50Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"slon6k.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"slon6k.cc","ip":{"addr":"5.23.52.13","port":443,"asn":9123,"as":"TimeWeb Ltd.","country":"Russia","country_code":"RU"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":5,"request_count":5,"received_data":26578,"sent_data":2429,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"slon6k.cc/","fqdn":"slon6k.cc","domain":"slon6k.cc","tld":"cc"},"ip":{"addr":"5.23.52.13","port":443,"asn":9123,"as":"TimeWeb Ltd.","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-20T13:28:27.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"slon6k.cc","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 10:41:24 GMT","end":"Sun, 19 Jul 2026 10:41:23 GMT"},"fingerprint":{"sha1":"08:D3:14:23:E8:59:76:BF:BC:E0:80:CE:72:D0:43:50:49:8B:F3:41","sha256":"F5:45:B4:45:B2:D5:3C:C1:79:EE:03:3C:9E:75:9A:D2:D6:BB:36:CC:45:AC:EF:CB:47:39:8E:F4:32:A8:EA:F9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: slon6k.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 20 Apr 2026 13:28:27 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: antibot=0cc7ebc7-3fd8-4722-ad59-81f10bb9a160; Path=/; HttpOnly; Secure; SameSite=Strict\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4381,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"a14eddf90a340ebb89a966e582a24d5d","sha1":"b564c4eebf8d87a92fc41d6412269959ee6df1b2","sha256":"67a2971d950fca033e4bf0e0ee8755dbd8cd252a66a914708cdfbadd8be27d90","sha512":"82ebf744c5385beae34dfb50f5be9074c553d5641196995cc4bd89b4fa5f664f154f9476f2f155ce5b2fed49eab83b9039e99f3fb3ad8a255e84089f3b8884bc","ssdeep":"48:tfJNeN8yrpxhHEddIjPaKow5KX8zXtiXttPIv4WBf3P:py7uLIjPaKRPXMC4WBPP","tlshash":"8091212585451445313296b47fd256aafb8a0123c30250a87fdc33964ffba5896b3fcc","first_seen":"2026-04-20T13:28:53.869549Z","last_seen":"2026-04-20T13:28:53.869549Z","times_seen":1,"resource_available":true,"data":null}},"time_used":435,"timings":{"blocked":152,"dns":16,"connect":43,"send":0,"wait":130,"receive":0,"ssl":92},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"slon6k.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"slon6k.cc/antibot_generatecaptcha?VHUmvuqS6B","fqdn":"slon6k.cc","domain":"slon6k.cc","tld":"cc"},"ip":{"addr":"5.23.52.13","port":443,"asn":9123,"as":"TimeWeb Ltd.","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://slon6k.cc/","date":"2026-04-20T13:28:27.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"slon6k.cc","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 10:41:24 GMT","end":"Sun, 19 Jul 2026 10:41:23 GMT"},"fingerprint":{"sha1":"08:D3:14:23:E8:59:76:BF:BC:E0:80:CE:72:D0:43:50:49:8B:F3:41","sha256":"F5:45:B4:45:B2:D5:3C:C1:79:EE:03:3C:9E:75:9A:D2:D6:BB:36:CC:45:AC:EF:CB:47:39:8E:F4:32:A8:EA:F9"}}},"request":{"raw":"GET /antibot_generatecaptcha?VHUmvuqS6B HTTP/1.1\r\nHost: slon6k.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://slon6k.cc/\r\nCookie: antibot=0cc7ebc7-3fd8-4722-ad59-81f10bb9a160\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 20 Apr 2026 13:28:28 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 11850\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nCache-Control: no-store, no-cache, must-revalidate, private\r\nExpires: 0\r\nLast-Modified: Wed, 14 Jan 2026 16:48:55 GMT\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11850,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"Blender:File:C:\\Projects\\captcha\\captcha-3.blend\", comment: \"Blender:Date:2023/02/14 23:00:32\", comment: \"Blender:Time:00:00:00:00\", comment: \"Blender:Frame:000\", comment: \"Blender:Camera:Camera\", comment: \"Blender:Scene:Scene\", comment: \"Blender:RenderTime:00:00.08\", baseline, precision 8, 380x120, components 3","md5":"d3263f36a7c18d52b06742d72686f2d1","sha1":"b7a7b5259bbc8ae262e837ad2f8db185cb1c0004","sha256":"0b43cb2c131252384c75beaba7c308037ed3ffe6291e88ef2c126a4917ab6729","sha512":"a4ab2893fc81b82a6d0751120aaf00beaa44dad991008f9ff8af5d60a6111aec71c58a837bb3411f3be65ca60d2420e4d4cbf8fbcf38b9af6fedfb79a6eaf691","ssdeep":"192:ajyzEQjkm8g4omgFMmgP2O+oKe+ZQJRH19FEiOE+njmbvFjfZIdCREGAyH6NC4u4:OyHgHtHvJJNE62jmbN0CR3fH6NCV0J","tlshash":"eb32cfdfcd438698be6265bbe71916e0c8207403f93fb424489b90e6d18e5994ae84e3","first_seen":"2026-04-20T13:28:53.870459Z","last_seen":"2026-04-20T13:28:53.870459Z","times_seen":1,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":244,"dns":0,"connect":0,"send":0,"wait":98,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"slon6k.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"slon6k.cc/antibot_assets/css2.css","fqdn":"slon6k.cc","domain":"slon6k.cc","tld":"cc"},"ip":{"addr":"5.23.52.13","port":443,"asn":9123,"as":"TimeWeb Ltd.","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://slon6k.cc/","date":"2026-04-20T13:28:27.899Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"slon6k.cc","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 10:41:24 GMT","end":"Sun, 19 Jul 2026 10:41:23 GMT"},"fingerprint":{"sha1":"08:D3:14:23:E8:59:76:BF:BC:E0:80:CE:72:D0:43:50:49:8B:F3:41","sha256":"F5:45:B4:45:B2:D5:3C:C1:79:EE:03:3C:9E:75:9A:D2:D6:BB:36:CC:45:AC:EF:CB:47:39:8E:F4:32:A8:EA:F9"}}},"request":{"raw":"GET /antibot_assets/css2.css HTTP/1.1\r\nHost: slon6k.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://slon6k.cc/\r\nCookie: antibot=0cc7ebc7-3fd8-4722-ad59-81f10bb9a160\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Mon, 20 Apr 2026 13:28:27 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 19\r\nConnection: keep-alive\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-20T15:59:59.186893Z","times_seen":13981133,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"slon6k.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"slon6k.cc/antibot_assets/kraken.css","fqdn":"slon6k.cc","domain":"slon6k.cc","tld":"cc"},"ip":{"addr":"5.23.52.13","port":443,"asn":9123,"as":"TimeWeb Ltd.","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://slon6k.cc/","date":"2026-04-20T13:28:27.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"slon6k.cc","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 10:41:24 GMT","end":"Sun, 19 Jul 2026 10:41:23 GMT"},"fingerprint":{"sha1":"08:D3:14:23:E8:59:76:BF:BC:E0:80:CE:72:D0:43:50:49:8B:F3:41","sha256":"F5:45:B4:45:B2:D5:3C:C1:79:EE:03:3C:9E:75:9A:D2:D6:BB:36:CC:45:AC:EF:CB:47:39:8E:F4:32:A8:EA:F9"}}},"request":{"raw":"GET /antibot_assets/kraken.css HTTP/1.1\r\nHost: slon6k.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://slon6k.cc/\r\nCookie: antibot=0cc7ebc7-3fd8-4722-ad59-81f10bb9a160\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 20 Apr 2026 13:28:28 GMT\r\nContent-Type: text/css; charset=utf-8\r\nContent-Length: 4768\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nLast-Modified: Tue, 06 Jan 2026 17:09:55 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4768,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"75fd64fc8e99dc317f41914081a03352","sha1":"97c20a567cf31b997322b3228838ae44b1394233","sha256":"db6ad8d74f75b4ec10be88cbf8dcf0134d1f63f7126accf2b375a0833aba0028","sha512":"9b8c26c9e7b3ca6fbdd5337dbbe2a6bfa06cb476355406f010cf4ea09438a406c804f5c56577e7b68b11870ee8fedb397ffd11a72ab2036c5485175779aafc99","ssdeep":"48:W3AtE0JlzWvwIpQnStqoemMHmGmRm6iRtmQmHxa9uuuma86cPBmJz9K+N3z+0hCK:/zGwIU2jMxALy63zD2s5","tlshash":"78a1df9e16022b5083324f3463979b15b72402768e4530edb8d04ab9eb96be686d0fcf","first_seen":"2024-09-22T02:59:45Z","last_seen":"2026-04-20T13:28:53.871991Z","times_seen":203,"resource_available":false,"data":null}},"time_used":378,"timings":{"blocked":124,"dns":1,"connect":40,"send":0,"wait":124,"receive":0,"ssl":85},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"slon6k.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"slon6k.cc/favicon.ico","fqdn":"slon6k.cc","domain":"slon6k.cc","tld":"cc"},"ip":{"addr":"5.23.52.13","port":443,"asn":9123,"as":"TimeWeb Ltd.","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://slon6k.cc/","date":"2026-04-20T13:28:28.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"slon6k.cc","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 10:41:24 GMT","end":"Sun, 19 Jul 2026 10:41:23 GMT"},"fingerprint":{"sha1":"08:D3:14:23:E8:59:76:BF:BC:E0:80:CE:72:D0:43:50:49:8B:F3:41","sha256":"F5:45:B4:45:B2:D5:3C:C1:79:EE:03:3C:9E:75:9A:D2:D6:BB:36:CC:45:AC:EF:CB:47:39:8E:F4:32:A8:EA:F9"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: slon6k.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://slon6k.cc/\r\nCookie: antibot=0cc7ebc7-3fd8-4722-ad59-81f10bb9a160\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 20 Apr 2026 13:28:28 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4381,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3f9e4a11031e68e0d22f37085b51d0af","sha1":"74c44fc29ce288ac3b0fa9349a0699a1057de386","sha256":"e2de1a7aa9ececea4c899a39c53795f2b514c3c779a44adf1160be3a169d8d9c","sha512":"e2cfcc1b7ba6fbd8a3c4a8498e429372c9c7d84e693a7251f44d699fc94a728e0a8960517c136961558756fdadc748ce223025f7d2f5143ad56b75175d1bc98f","ssdeep":"48:tfJNeN8yrpxhHEddgjPaKow5KX8zXtiXttPIv4WBf3P:py7uLgjPaKRPXMC4WBPP","tlshash":"6291212595851445313286b47fd256aafb8a0123c30651a87fdc33a68ffba5897b3fcc","first_seen":"2026-04-20T13:28:53.872493Z","last_seen":"2026-04-20T13:28:53.872493Z","times_seen":1,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":142,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"slon6k.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}