{"report_id":"35d88e26-8beb-4160-aa01-965f613f2474","version":6,"status":"done","tags":[],"date":"2026-04-22T13:15:13Z","url":{"schema":"http","addr":"saviledger.com","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"saviledger.com/","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"title":"Saviledger - Secure Crypto Asset Backup Platform","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"saviledger.com","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-27T13:15:13Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"backupcash.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"saviledger.com","ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":29,"request_count":29,"received_data":2159308,"sent_data":12161,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Alpine.js","description":"","website":"https://github.com/alpinejs/alpine","common_platform_enumeration":"","icon":"Alpine.js.png","categories":["JavaScript frameworks"]},{"name":"JivoChat","description":"JivoChat is a live chat solution for websites offering customizable web and mobile chat widgets.","website":"https://www.jivosite.com","common_platform_enumeration":"","icon":"JivoChat.png","categories":["Live chat"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]}]},{"fqdn":"img.icons8.com","ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"domain_registered":"2011-10-04","domain_rank":218854,"first_seen":"2017-05-26T09:10:54Z","last_seen":"2026-04-16T15:08:07.847325Z","alert_count":0,"request_count":12,"received_data":1739417,"sent_data":5036,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}]},{"fqdn":"node-ya-5.jivosite.com","ip":{"addr":"5.252.32.145","port":443,"asn":59796,"as":"StormWall s.r.o.","country":"Slovakia","country_code":"SK"},"domain_registered":"2011-05-06","domain_rank":1947235,"first_seen":"2023-01-18T15:13:00Z","last_seen":"2026-04-21T23:57:41.406372Z","alert_count":0,"request_count":1,"received_data":772,"sent_data":460,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-19T22:16:46.237507Z","alert_count":0,"request_count":5,"received_data":246835,"sent_data":2770,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-19T22:20:23.925162Z","alert_count":0,"request_count":1,"received_data":18375,"sent_data":451,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-04-19T22:35:51.253585Z","alert_count":0,"request_count":1,"received_data":703,"sent_data":425,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2026-04-19T22:44:19.012253Z","alert_count":0,"request_count":1,"received_data":20321,"sent_data":472,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"code.jivosite.com","ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"domain_registered":"2011-05-06","domain_rank":232952,"first_seen":"2012-07-22T02:03:39Z","last_seen":"2026-04-16T00:13:26.426619Z","alert_count":0,"request_count":8,"received_data":1734992,"sent_data":3529,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"backupcash.pro","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-04-07T02:03:14.459765Z","last_seen":"2026-04-07T02:03:14.459765Z","alert_count":1,"request_count":1,"received_data":0,"sent_data":404,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"3d29d3c18c4805af49b1e70252041bf0","sha1":"d08e6dbd11c7b365e5c11e88a9bfc01c4ada3f01","sha256":"ede138cbf754d989fc45ec2795a39f3df9841372c019d5c1f8a69d4885460cb9","sha512":"0c6e97b77896a4e72d390d928d0b2ce0ddd47bd4e6afc31c2682f1200720cfeb8d07cc3eba8ef626f9d20e7e705798a0c03bbb75f8b1b32b38a1da3785d15b8f","ssdeep":"","tlshash":"5bc08cd4c8c71d00c3033591c036a43b213c1622a27f84691b3ca398807302be02cc6e","size":156,"data":"","first_seen":"2025-07-04T20:25:19.331528Z","last_seen":"2026-04-27T00:53:12.526055Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"6ae07297dfbac66721670c40da98ac30","sha1":"55351f07004a6f4854e203e74ed81ef41a0a6b77","sha256":"9df739d35ec2a0758cac0e556bbf87953542112ace4188c9047a55f6be697d81","sha512":"d52b5f14c91f5222e1b33fa3fd1dcb0fcc8af6165b4af5c5398629233da45a165abe5e851339427d532e7ab56159e0ae20007192f615a3772e5f0e84b887c344","ssdeep":"","tlshash":"79c012d4d8c61e00831776928066643b112c5511716e48655b3da7d880b302ae11cc5a","size":183,"data":"","first_seen":"2025-07-04T20:25:19.308675Z","last_seen":"2026-04-27T00:53:12.52656Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"673e48d802b82599ccf92366cb750f6b","sha1":"20987b019988b3c1664a3a6a4088336ff7c9e03c","sha256":"b236a878a9140d8c22869d6d38ae5f4142764c044cc1e2816316d9f4c17e14ec","sha512":"e9667686c7678e931112f76ec435824268585715fc383f934341d528cafb231c73681366bfcfecbb4e741544726fc6145bdd81530e9031104e5d6a7e648e6409","ssdeep":"","tlshash":"29c012d8c8c65a0083537692c079543b612c5911627e44669b3dd79480b303ae11cc6a","size":181,"data":"","first_seen":"2025-07-04T20:25:19.317057Z","last_seen":"2026-04-27T00:53:12.518011Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/bundle.js?rand=1776174542","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"9d302eedc3f49e8d0de23349016a8a6d","sha1":"84388f7190efc5c290823dd127aad9cdf62de31d","sha256":"7bd5d05576c280363505db6b88d2fd45a5b17d2df2c0738e97a06c915416f360","sha512":"f2f035e6d5fa1caa1ab89269d22b02e84651d1de70924e09f7f59c0c2a11b51fa00e5213acc9686daecacaffd53e7fe79fed04bbb9a222d3a7e4a023fb1e4765","ssdeep":"24576:DcdR2+482k9n4pzCuZlhEacrkPGukiE8SBC2tzPSigPgYlFqnH7XhHX6mW93:DcdR2982k9n4pzjcrkPGukiE8SBC2tbo","tlshash":"35656bc5b2c5f06103d355e6a03b2005b33a2859340da068bbbcdddbe95a98e6377f79","size":1549192,"data":"","first_seen":"2026-04-14T13:14:24.994799Z","last_seen":"2026-04-28T09:36:47.773346Z","times_seen":1125,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/ef9fe7c/locale-en-US-json.js","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f87471a3d1fb33be6a51912861776bb","sha1":"8bb52b99066392f10ab336b980dfbe0b8fb4dfc6","sha256":"34e2fac9b502488543160a64f763a23608d196acf4dd0c4fecd57ef957572fcf","sha512":"a363d37884af6c3b20e287e9324a16055968acc28d04f79d7acb9b5f8a0cc67e7edf70d05495a9e9dbe14996e704484d9b710ae06e12bd6d87d9d68b515a54e0","ssdeep":"192:xbPfmk/7Obf14M6dOIpUTPqZ8BijFLeEJK:x7fH7ObdFWOIphZ8wjFCmK","tlshash":"a222d71ee7017f360fa613c3744f7b5376a480e592646c75d89c826943b9bcab217b8c","size":10670,"data":"","first_seen":"2026-03-31T14:01:24.495424Z","last_seen":"2026-04-30T18:42:58.764497Z","times_seen":647,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"287b5f3afa24d79e35e345e7239f2429","sha1":"ad2216293e8861f1612f22e474a9326211225ce8","sha256":"f30e6d341c183b46f6ddb8f82e6a1f639f2539b3ea969b10cf7149a446d673ca","sha512":"bf61ccf5f2f79795e84ee1bf1fc8f5845f64defa13530b05794c4165ba995f0a9910829594f1dc043e79293ac1f25d905f75b1b7ad72f2c8374b2d11e9c2f948","ssdeep":"","tlshash":"b0e0d8a41581092082cf30a4dd1ea76736361113956e18457e1c5ba85f3277ee1a4edd","size":406,"data":"","first_seen":"2025-07-04T20:25:19.296246Z","last_seen":"2026-04-27T00:53:12.534092Z","times_seen":68,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"d51550285496a207c25c6c7ef447914c","sha1":"22df306448b9c5c626f1c3981f97a58929772b6e","sha256":"86809eb4df5a409d3526bff26da99700227efcf89f5db109c905f7029e7dae38","sha512":"e9e093b353b6970d35b31dad977a3ca3f5531b0141726636f9d9090cec065f7dac3038c1d1180bf4c67047e1eea7d347b7dad9148f1d72ec07e96a2708e68575","ssdeep":"","tlshash":"a6c09bc458c65900c2133591c0369c376134176191be54e5173da3549533116e15dc7e","size":137,"data":"","first_seen":"2024-12-03T16:26:22.908591Z","last_seen":"2026-04-27T00:53:12.531612Z","times_seen":116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"6a87bab717aeeb14dbb45491334868bf","sha1":"ac8145dc4225e17a0470df02983dbb00def4f7e8","sha256":"ff326926978bc85478b0099b3e689602d6b3943bdd6bdd08d5f08f14c1f450f4","sha512":"60ae5205459458a0c53b5ec760248c0c13ec516ca5e2775811df7bbb1feddf8858754c67561391aa44b86688bf800a5132aa04751904f00245cd92cf97dd7e40","ssdeep":"","tlshash":"cec08ce4c8c72900c3033591c036a43b212c1632a27f84691b3ca398807702ae01cc6e","size":156,"data":"","first_seen":"2025-07-04T20:25:19.322492Z","last_seen":"2026-04-27T00:53:12.527048Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"c3ba17756b528fb05729e3b39fc56659","sha1":"dba5b2b9e1225f0746a3bea9400fedf154435030","sha256":"b1bf6993ff546c43e95cc3899a04a11bf6c8d170069be62147f5ae5b3046ff33","sha512":"3a003d3e209be3e94e62e1dce19bb76cd1d490793d2613ec969df7dddb2cb299161e146bc4d582b4ef4b44ee14ed250b7d424434503bdbf12cf161ff57b52f66","ssdeep":"","tlshash":"5ac09bc458c65900c2133591c0359c376134176195be54e5173da3649533116e15dc6e","size":137,"data":"","first_seen":"2024-12-03T16:26:22.89416Z","last_seen":"2026-04-27T00:53:12.519576Z","times_seen":103,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"de6fa25f73a0766b627540d66ed5d61c","sha1":"47a8d4b1b9f54a433987e68edcb0238a9ef1b068","sha256":"06390544377d0aae4c5dc99fc782ea07e6cb514bfc1178b6a9ccf876155c68eb","sha512":"f12ca4c1a42cb51b6a01cbbac011b91a8831f92e9b260c8c04319ec9958281f9bc23a67462382c2284da9e4beac20fee35972b15f2fef74cbf053e54ba563b50","ssdeep":"","tlshash":"18c09bc458c75d00c3173991c175543761341661917e4475173da394d53715be15cc5d","size":136,"data":"","first_seen":"2024-12-03T16:26:22.89052Z","last_seen":"2026-04-27T00:53:12.535246Z","times_seen":95,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"a09397505a4620789c2cb6b5d6e865d2","sha1":"97ca3ff3c1cb5126c2cc7dc4b2834899c00e9e55","sha256":"90a1d8a8e6e5c788a0f37b6e2de52e5b7dc07e68065d21ede761e75454c39bd6","sha512":"7abf9f6b4e0907881392898eb749011dbe0f2b7dbf56f2aea3c319174d2fe4c17dcdd8055bf7b5bcadbde7c2f4ef5fce32f595957aeae3aad67f6278235f6a76","ssdeep":"","tlshash":"2ec09bc558c65a10c3573591c03a543761391661a17e44651b3db764953315ad25cc9d","size":134,"data":"","first_seen":"2024-01-31T16:47:57Z","last_seen":"2026-04-27T00:53:12.503323Z","times_seen":151,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"f3ab257071af2b1623160dc5888270e2","sha1":"b8f26ed9a2b4d87a9d5c421bb5fe5497808c65fc","sha256":"322015d955a3a6e578e9129779685993dabbfbcefcbbe1a5d17fb3c6054ce2a3","sha512":"cba479a62b15b43e79983bbe84c8ba60fd4e062737c2dbb045747ecce11054da0022aa6bd64c6e11f7a0a7a8b65c3673a6044b78f10f288879fd2577a2d059e8","ssdeep":"","tlshash":"79d0c98848c50628d21b38a18a75a17ab3392954846e446eb62ce79064b3119e54dcae","size":215,"data":"","first_seen":"2025-07-04T20:25:19.340271Z","last_seen":"2026-04-27T00:53:12.536355Z","times_seen":66,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"5c31d0b291c4e2465a70b272b45130fc","sha1":"571d9e894cae34213e7b9b1acc95835af4e63634","sha256":"f046539c7e47304ae2e60b30e0c25c2f631dd1e16720efa9ce029bf9e62204df","sha512":"3dd2a6b0ed8404411c40b0994581c8e685a418f79863ff3e8f00aed9808ce8e62713a21852454b7b63550c263b8f2800bccd9c84dc70dcbd15454255edc2a0a9","ssdeep":"","tlshash":"98c080c444865904c1133cd1c37558af112cd760837d48753b389754457311ae24ccad","size":174,"data":"","first_seen":"2025-07-04T20:25:19.341675Z","last_seen":"2026-04-27T00:53:12.50452Z","times_seen":72,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"a7226f7304850d00fdd10676a2c26643","sha1":"e9422e0eee6439f811cd0723a85db9b8328179d4","sha256":"9de75a45c792f1238054c7f2aa4b92031f13998840143590c19b34e263c9b7db","sha512":"657545e1a12f5569cb6e580dd39cbd37ef3f1959c331d3624328ae244b222b6d651d7ac4bbf7962475a556a2bc1f765c38330acab8d7f59b46ac624a67e7e8a6","ssdeep":"","tlshash":"2fc09bc458c65a00c2533591c17a543b62351661917d4465163db3549573116d15dc5d","size":134,"data":"","first_seen":"2023-07-06T10:22:53Z","last_seen":"2026-04-30T16:51:55.456244Z","times_seen":446,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"26d3bbe2473e9a2a54b2032fc0b50a31","sha1":"f59aaa2d005ebf62b987c7f47791947ba80217f7","sha256":"cafd953d0aaffdab93e2712c95523abdb088876637cccb6c37755fbb7974a015","sha512":"65e4489a8ab49fc663fb874a6e57c965100c2f2bb17d7c32a06d381c1fb7ec8d771023eb6480c9273ce8670134c68e642dd0effa98fc78bb0829e949217c825f","ssdeep":"","tlshash":"13c09bc458c75d00c3173991c135543761345661917e4475273db394953311bf15cc5d","size":136,"data":"","first_seen":"2024-12-03T16:26:22.909974Z","last_seen":"2026-04-27T00:53:12.516547Z","times_seen":109,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"fbf3135122373345d9ceb71df3f52bfa","sha1":"d9d636e31367ad494b89a3f72010f56fe41f2955","sha256":"38a3bd88353cbf0ad11cc61074655354cd5364a990415e450eb1f0201b362690","sha512":"9bc3c6c2dc0f52e7a606dd9509c4d8ca475eb36589018d94c3b087d58bc28e5773992822d22ac6fd969983eac24610a48da427118d4dc8dbb415a5b51391f76b","ssdeep":"","tlshash":"5dc09bc458c75900c2173dd1d136543f623c5765d17d4465263db3a49533116d15ccbd","size":134,"data":"","first_seen":"2023-05-28T02:08:42Z","last_seen":"2026-04-30T16:11:01.685273Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"26cb0708f17436468b6eb88418063ba1","sha1":"fb2ba412da83dd7d9c362b2b483c8576509caf77","sha256":"c3632b520c26420c324b9a18ab3dc7471007c6f9239892c014dcbf4960c61b7e","sha512":"1307066876a80eb7a2cb0e4e56315ed5506c70c191ebba665c556b005efa51d48fe49cb79cca8a7edb6959cb12cd68be5ae921f33d7e8183a470dea1fe8f4bbb","ssdeep":"","tlshash":"04c09bc458c65900c21335d1c0359c376134576191be54e5173da3549573116e15dc7e","size":137,"data":"","first_seen":"2024-12-03T16:26:22.937708Z","last_seen":"2026-04-27T00:53:12.519053Z","times_seen":107,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"0814a3a3ece2737d07f82f5d47cf136a","sha1":"92d499e36b99a84c5111ea748fb0814353b962d5","sha256":"3ad9e88a466c1b036d3ef9b828b4024b9d7f49304e1f85c25a1853bea000d3e4","sha512":"756af0ac3b2a0e7f2b9f2b1b97ec0efcd1a84bcf573276678a8ee61265709dafa90527380a94f85576b168a0448643bc3897fe9276abb455128f20a9b0fdbf78","ssdeep":"","tlshash":"c7c09bc458c75a00c2173591c035543b62355661917d4465173db3949573116f15dc5e","size":133,"data":"","first_seen":"2023-07-06T10:22:54Z","last_seen":"2026-04-30T16:46:54.242172Z","times_seen":403,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"2ba07767e2d85aced7d10fb6e7fbaccc","sha1":"c1d67bdf33b8f97c55fcdcc6414a01aa2e82909c","sha256":"b7c639e9ac352480d74c34c235f534a1d16bdc9ef5e57c53441f1775f8c05e72","sha512":"ae39571bd9c39cc2a6050b5f6a9ba4ee3d60b4485ff2047cacf8137168e395438f468408844cfb9735816223eb9a2b707aa13281eb79b37ba656cf0c1c202d63","ssdeep":"","tlshash":"c4c02bc00cc20900c24334e0c036a83771381661c1bd44be263cf3508033016d10cc5f","size":142,"data":"","first_seen":"2024-12-03T16:26:22.902071Z","last_seen":"2026-04-30T16:51:55.463157Z","times_seen":304,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"b30d025c2535ae71b99ce714556d4ddc","sha1":"01aada84e2c9a8071bc7e42d8e5051c5f6da0cbd","sha256":"f35067b0072a28522732dc2cc95575a2dda4913c05f63aa2abf8c2117d1e92bc","sha512":"421032794673510fe2bae467ab7af4232b45218d4c3af3b17127c7ac12ef9b928fe19050fcd610a48193889aad28639a28d5052aca8ef5859dee6e6939ff457a","ssdeep":"","tlshash":"bfc02bc448c30900c2033cc0c037483f623c5b20c17e4466263ca3549033006d09ccfd","size":142,"data":"","first_seen":"2024-08-20T06:35:05.414875Z","last_seen":"2026-04-30T16:51:55.506211Z","times_seen":256,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"7a5b348f557795380871b3a76d049172","sha1":"067a5a651e2551eec32c5e19c27b7c9eca723481","sha256":"bae0750cad9faa490635db6c1a6babc384e1651673ae2f876af71c33ffb2fffb","sha512":"1f5077ea42aae7348f490e83964404707e003d5a190d2779a25fe5a4f7c69d1d5e1b021b70f61a7dae0645a1f27eb4ecdee94f77e46721053dbd5a5b5dee85a5","ssdeep":"","tlshash":"91f02ba918d1042042df7221d92fc36536391143616f2845be2c4be44f22a7a90b8ec8","size":454,"data":"","first_seen":"2025-07-04T20:25:19.346578Z","last_seen":"2026-04-27T00:53:12.522706Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"6cb21876ee46b123366834d3c2286a54","sha1":"9ed9be5e12556584cbd31ecf80cbd9de23dc790c","sha256":"f6ac6459abc34684e3c21cf8b55cd89cd4a2d8d7a923282234279aa6a431d06e","sha512":"72b820fa670b7cf1a0a332a1cdde1bd24e8ef4ec57b3ad16295faa20fcefca0dd1e4bba2b846f09f3bb02f80d14f5fac01ef91cec1653c34687caee76644e121","ssdeep":"","tlshash":"c2c012d8d8c65b0083037692c06a543b512c5911627e44669b3d9798907302ae11cc6a","size":181,"data":"","first_seen":"2025-07-04T20:25:19.312583Z","last_seen":"2026-04-27T00:53:12.515155Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"1ea0d3bc1d2574e80d7b6979c7074321","sha1":"c3cd45a21db4ff9bcf4c3ad8e3b82b7b697b1484","sha256":"305d5f6b1ab160ad36550fa076348bb65cb42ba2b86b76454159cbb1642f531f","sha512":"f81e338e74d3f23c56aaef80f737f91557c26f26296d008d093c6783545d015acdfc0cc1adda8985f4cf8faafe4cba37ca732682ccf8eb203091e305ba44b5e0","ssdeep":"","tlshash":"5dc09bc458c75d00c3173991c135543761341661917e5475173da394953311be15cd5d","size":136,"data":"","first_seen":"2024-12-03T16:26:22.913994Z","last_seen":"2026-04-27T00:53:12.527519Z","times_seen":96,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/widget/HLFwe8KOMK","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc36f9b94a67eb56edaa3da5e250a105","sha1":"4945c36abe783ea673212487adfdd2260031dd5c","sha256":"47057cbd0c948be21fba80fdc675d5da2d4adaf86e78115733dc75832769786a","sha512":"fb44e5e62125b354d76e3e79c184e2d936a3730e1038344f9d3e683175c7849d84001a54f45b321c80c5a7e41d5aebb5a762292bbc7c2ae6803aaa28c8663242","ssdeep":"384:boU+JvepohmPF0jbrArr0aX55Mf7qISOqrebz8sROweqWcPdv:UI/UAjX54cr7sXWcPdv","tlshash":"a8823b6e7959b97743b218b9516f6209733549ebd404c920a401e98d7cb8ace813fef8","size":18118,"data":"","first_seen":"2026-04-14T13:34:30.591514Z","last_seen":"2026-04-28T09:29:37.713367Z","times_seen":1204,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"0b5dafcee18f6c74361001ef1a036103","sha1":"84f098ffdd74f8c328e80370e6a7f5412b378873","sha256":"e99ef113d711b6e928b2c9ad9edc9911314a12625591103fd7c696d38cc1c010","sha512":"01a84ae5e981ac455afb56038728a3359c6c5c7d4078fdef49cb2780565a2e15e17316a3dc4ce4e561ac4815e010ac95c1eac21860797c3718fecb276681328f","ssdeep":"","tlshash":"b6c0129084c65920c25334908066552a21382666916e55656a2ca7549173116d058c6b","size":170,"data":"","first_seen":"2025-09-03T18:03:04.143668Z","last_seen":"2026-04-22T13:37:20.182631Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"808ff3ea9561e88042a44659d872fe2a","sha1":"0aa7e55cc0f522ccbbeacb6bbd94d5f36a2b1ee5","sha256":"03e526b6ebe9c08030bd3f5197860c59eb7f6ec038fbf1c7249ae70d1907ea6b","sha512":"37214635ebdbae9baf7746329b7e6c0d66505b20f34d2672c03581b366a00b14c259782edcdfa8f099adde4498e5f78e7b7e5e7a93cf538b7e11dc6f58eecc4c","ssdeep":"","tlshash":"55c02bc00cc35a00c3073480c036843722351221827e44641b3dbb50853302ad30cc9d","size":136,"data":"","first_seen":"2023-11-17T22:21:07Z","last_seen":"2026-04-30T16:46:54.262825Z","times_seen":377,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"a593a5836449f1e33b161f0764556bef","sha1":"74dc07dfa334fc6cf6087d98d3a1b60a7fee3f87","sha256":"bfb63d21718a5a07c7450e0a5fd6c4515395c699477fed52dc8f27efa1dd3a52","sha512":"79926d3c0ba301e0fde0d6960169bc0972e1ea192237f43cad29e177a056bd784fc5a632ad1ceade7cdd553c85c913c2c05d4337a16f17cd44984bbfafac5ab0","ssdeep":"","tlshash":"f1c08c8088830900c2073cc0d136483f222c9b28c17d44662638a3a88033106e0cccbd","size":148,"data":"","first_seen":"2023-05-28T02:08:41Z","last_seen":"2026-04-29T05:45:15.604376Z","times_seen":140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"65689afb2deee1ec0982fcf00424c27b","sha1":"953670f6e01e24668851a1b4d6e0df884f11e8f9","sha256":"61709a5761425894b4bcbf58c1bae0aae074031656a8622d92beee7eaa71f047","sha512":"b068d2d82538bf5ba8c2f1e891299a851685cf4cad554c8e70390e33673d9ca10a359b2cbdf20a8db4f7d296d0b64df8a05758caa16dc7bb8b96425ac3d1eba4","ssdeep":"","tlshash":"9ac08cd4c8cb1900c3033591c036a43b212c5622a27f84692f3ca398d07302ae11cc6e","size":156,"data":"","first_seen":"2025-07-04T20:25:19.333581Z","last_seen":"2026-04-27T00:53:12.532141Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"a957fc76fd4101dd257335330482b24e","sha1":"5c05c9afbb4e21815c145b2cbe89fa7ce48b0eec","sha256":"06fae9d1819a3fe1a29b72cff2205f8ccbcdab790fbf9755293f791f3d8b81fc","sha512":"ddd9f6e59cc6a9258594e6ddcec00339dadfa6bedbf0ceb5cd40fef739e7748cf9d4676b7552b0d245da85b50883417d4d77dc344b4b6a49e4676eb09716e6e6","ssdeep":"","tlshash":"6ec09bd458c75d00c3173991c135543761341661a17e4475173de3d4953711be15cc5d","size":136,"data":"","first_seen":"2024-12-03T16:26:22.88499Z","last_seen":"2026-04-27T00:53:12.522192Z","times_seen":102,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"ca7ffdaea11ac263d0e83d19e66c1b72","sha1":"4fc614689f63804acf6f9280196e2909e70739e0","sha256":"7b4526d4dbc360ce285133807b464b3bf5517539e8bc453b47261b2ee5208b4e","sha512":"8ff22f6619a625a7862a391a860c8ec7272f21dcd5012a1855593a72d38e5e2da4296ff775a11c67083cda62e1db4800ab4d4d2b3f742b6f2ed52a2f2894db11","ssdeep":"","tlshash":"91c09bc458c65900c2133591c0759c376134176191be58f5173db3549533116e15dc6e","size":137,"data":"","first_seen":"2024-12-03T16:26:22.905697Z","last_seen":"2026-04-27T00:53:12.532661Z","times_seen":95,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f93a3557bf452c01f11b671c0a2dd26","sha1":"fa958273063b57885af8236902e70297cf8bd757","sha256":"a5a480b9d059fa398462ef255d4dfa8a93f0dce8fd1f8b011ada5ed00679f04b","sha512":"2b771ad867a4570da31933c0a5a09a6bab0b7cfc579db452769be1650ba072c0458f35f9614c6713c1a40257a0cb140793af89a3c8cbcb061b25bb9b83ab2e22","ssdeep":"6144:GxCze25xpE3zk5lbr8hW42OwGMwYWZw7+W5:GxL25xpEMR5","tlshash":"ab44704662f224345263f07e1a5fc41a7729940f2d88fd943a8c42a55f8c93c97f6fea","size":277308,"data":"","first_seen":"2026-04-22T13:15:28.110101Z","last_seen":"2026-04-22T13:37:20.168414Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","size":19948,"data":"","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-30T18:37:05.689998Z","times_seen":334319,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"db3372f5ec3fe346ebb5167a8ec9b6bb","sha1":"e42c721552d7827713889ad6f800391d6cfddfb2","sha256":"fdd7135c9170dc258aad15955de54d2cd4e60c8f9846bab802e74863f29ae10c","sha512":"fc510d09a06c0227375e40328d93bbaff3f22816aa10dfada504d938ed2640234cd7f7e3d1e204e42fee9906645e698c127915d2ecc996bd2df071c39e9be33d","ssdeep":"24576:qCGs0WFmBI9PLn/l6Fxhv9cCig53l3SOzjdAp/l:qCGs0WABI9PLnN6Fxhv9cCig53hSOzjo","tlshash":"74656cd5b2c5f4a507e301e6a43b1002a33a1c1a740da468fbbcdcd7a95a58e6337f79","size":1516742,"data":"","first_seen":"2026-04-14T13:14:25.006045Z","last_seen":"2026-04-28T09:36:47.78569Z","times_seen":1126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"c31900c1795cb42daed33901a6178184","sha1":"f4afa40853ca770896de083da1cce90fde5e6444","sha256":"00c6cb4fc95ddff469614afc4a435aabde6acd6ab8e1730ee87a39a7093ce61e","sha512":"d7b6a105513dbcd118eb563322a2c649996b5bd891666cbf3b308dece6cf0495d9d1aeab816233e7e9ac4cb970e2b4b5b3dc7c2ac154cafa09a1aab1b1feee95","ssdeep":"","tlshash":"74c09bc45cc65900c25735d1c035543761341661d17d4479263df3549533116d25cc9e","size":130,"data":"","first_seen":"2023-04-12T21:12:17Z","last_seen":"2026-04-30T18:51:35.075751Z","times_seen":1959,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"3d7191ae7e729143ac4707e42f031e25","sha1":"22978596c152220e44a1c374622302ff30cdf60e","sha256":"399ca8e5b904fe579fd780ad0c69864c0f2083ef8b1210a7e1cd34b7b4fd3cb7","sha512":"4da4f5a0049204696dbeed9455c60c4e253ca739f0136c33ed072773e1fbb0b1c8095c4c27b80d50d175d254dccbc3535e2d39e74bbfb8ecfe6260d46d3a6e20","ssdeep":"","tlshash":"3ec09bd458c65f00c2133d91c135543771351671957e44e9173da354d533117d15cc9d","size":133,"data":"","first_seen":"2025-07-04T20:25:19.294663Z","last_seen":"2026-04-27T00:53:12.528615Z","times_seen":109,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"dd6d4f87362ffa9266daf49a110fe810","sha1":"6b0f47b11fdc9a514efe1234b2a71f95e3d7d6ef","sha256":"5e7b4df689554400d72371e0367ba8c25cad73c351c43e14db484277427c4ae3","sha512":"a1b899760d192b15ff61fe07cd628a159a7360b8de222b24bd1c834fa02d37e0b65b46292073fd46723b81822f230bb2a35033d34c941f46dd047a035d13ef42","ssdeep":"","tlshash":"3cd0c98c85c68d98c3163541c975843661281aa4a16f48b9373cd3d8687301fe22dd6b","size":210,"data":"","first_seen":"2025-07-04T20:25:19.299616Z","last_seen":"2026-04-27T00:53:12.534687Z","times_seen":65,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"6e5d92233ddba3a89a840a580df773aa","sha1":"bd7604afc877dfe4ddfb0988032bc36e04c3437b","sha256":"521b8823528f79ed198a9166922b45271fb75ccce62018cc18363aecd03b8897","sha512":"b884cc351c88f028a239b058772b8beeb67c6d1f9440faa0b4800beaafe2c5f12059783544fe247b519b0def580dddcab55245a3c6d120c817fda2e03d114f3a","ssdeep":"","tlshash":"5fc012e4d8c62a00930376928065943b112c5522a17e44655b3d9794807702ae15cc5a","size":180,"data":"","first_seen":"2025-07-04T20:25:19.337643Z","last_seen":"2026-04-27T00:53:12.517515Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"9a11b49d579f6eced1051b61a9533a61","sha1":"aa792511e6e0a8c54a242170c4494254d2d063ef","sha256":"56ca886d3a7d442dc106cc8c53271d08be5410b57d9da3e2bf77de7e35637fb9","sha512":"0b969f25d11dfd89603dc65fc057b8d33886683b6de5088440dca9db088aa3cc33f1b1fbaaeb9280df5938a45cb4ca5ab350b17f44d5d98eefd866c48a631761","ssdeep":"","tlshash":"76c08cd4c8c71900c3133591c036a43b212c1622a27f846a1b3de39880b303ae01cc6e","size":156,"data":"","first_seen":"2025-07-04T20:25:19.344169Z","last_seen":"2026-04-27T00:53:12.535816Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"50487c500270653f5eb0ac8bd759da55","sha1":"d57e7e2fbb314ffddeab9e1696e5f253c476e729","sha256":"36b758661d5589365fe217d2aecea14a06f76ded72bf46b5ec7f50b26ab3fb86","sha512":"d458358836b011d4c5e57a30de1ea7cad410438c54701c3f6b232127c4d4acd8bad8934928d8e377bb64dcf06ecfcf446138049f87de059705277eb747c69a14","ssdeep":"","tlshash":"6ec08cc12cd66a00c2973890c1b9997b31ac6622827e48793b3ce364887322ed35cc5e","size":174,"data":"","first_seen":"2025-07-04T20:25:19.329995Z","last_seen":"2026-04-27T00:53:12.523192Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"8ceee436e6126dc8b82ca73e5251e11a","sha1":"b80f795edb446a6ec84e8d669b8f2d4ca0371476","sha256":"f7b05f4a82a13e31f02c2f2dae23ce0693647ab44cc862e7c8c321b90d87d959","sha512":"06b2c43551463eb6e8e8da0a3a261bffa6f23609b75fcc91e378a4a35191d2ca9e6de7aa0fc1101deb993d2a4537055a24f157089817be7c46b6b024bf1f4888","ssdeep":"24576:ECGs0WFmBI9PfXXlwFZEuicCig93l3SdzjdApfx:ECGs0WABI9PfX1wFZEuicCig93hSdzjW","tlshash":"48656cd5b2c5f4a507e301e6943b1002a33a2c1a740da468fbbcdcd7a95a58e6337f79","size":1514941,"data":"","first_seen":"2026-04-14T13:14:25.020142Z","last_seen":"2026-04-28T09:36:47.793249Z","times_seen":1106,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"saviledger.com/cdn-cgi/rum?","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:54.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 1019\r\nOrigin: https://saviledger.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1019,"data":"{\"memory\":{},\"resources\":[],\"referrer\":\"\",\"eventType\":1,\"firstPaint\":0,\"firstContentfulPaint\":1391,\"startTime\":1776863690694,\"versions\":{\"fl\":\"2024.11.0\",\"js\":\"2024.6.1\",\"timings\":2},\"pageloadId\":\"1a48b93c-3c94-434f-9f9e-898dd7256605\",\"location\":\"https://saviledger.com/\",\"nt\":\"navigate\",\"timingsV2\":{\"unloadEventStart\":0,\"unloadEventEnd\":0,\"domInteractive\":958,\"domContentLoadedEventStart\":1668,\"domContentLoadedEventEnd\":1720,\"domComplete\":3373,\"loadEventStart\":3373,\"loadEventEnd\":3373,\"type\":\"navigate\",\"redirectCount\":0,\"initiatorType\":\"navigation\",\"nextHopProtocol\":\"h2\",\"workerStart\":0,\"redirectStart\":0,\"redirectEnd\":0,\"fetchStart\":40,\"domainLookupStart\":40,\"domainLookupEnd\":44,\"connectStart\":44,\"connectEnd\":436,\"secureConnectionStart\":210,\"requestStart\":436,\"responseStart\":761,\"responseEnd\":761,\"transferSize\":13264,\"encodedBodySize\":12621,\"decodedBodySize\":84912,\"name\":\"https://saviledger.com/\",\"entryType\":\"navigation\",\"startTime\":0,\"duration\":3373},\"siteToken\":\"7fad7a543d424c8f842cdecbc811e487\",\"st\":2}"}},"response":{"raw":"HTTP/2 404 Not Found\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: no-referrer\r\nx-xss-protection: 0\r\ncontent-security-policy: default-src 'self'\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 151\r\ndate: Wed, 22 Apr 2026 13:14:54 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":151,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"65184a8141d79bb1cf319ff7cc78048f","sha1":"6f93026b0097dd610ed8816ce9af3c453bf78601","sha256":"b39228e900915911268684712748db85ce5e8f7e3cd1e85bab3d6856ddaea149","sha512":"1362703401a4dd9bcc9d468fb1b54d70cd28289583f8e8091af998ee0c64e109cecbdad4507b30560d9c69d7fa2dfc230c440d56d4dc5c97d67af62c9f2e43f7","ssdeep":"","tlshash":"e1c02bee101111050d308b083fc222f834d73bda20e6c9006bc2e017edd4b17c8c7188","first_seen":"2024-08-20T01:11:59.056105Z","last_seen":"2026-04-22T13:37:20.137743Z","times_seen":15,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/ellipse-1.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/ellipse-1.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:35:52 GMT\r\naccept-ranges: bytes\r\ncontent-length: 8193\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":8193,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 121 x 250, 8-bit colormap, non-interlaced","md5":"00d4e5fc01c9ea8b0569a6d3678eca09","sha1":"835a59d478df751db868394b738f7f3be6a9b51b","sha256":"5f9d3180c4a98e7ea2c76bdaea709a90ff311e90feebdc383c16558972689217","sha512":"15ab95c87c4eab36da753fe3d4284de3e81700b9612c02631efcd80bed0c70b2aefa528339b4d22f1f025ecd2f9f5ede1afbae786e8b4b476dea6b4639a66ba2","ssdeep":"192:zQPNHqh/nPkJjCwPxCf1wArr6wN/rE3FQrU5aLa4rCK:EPNHqhfWXxowArr6wxrsaLa4GK","tlshash":"bff1af2dbb142e7353a4aebc87ce2e44a622c134a2bfd54e5c8948e1f72c554fd422cd","first_seen":"2024-12-03T16:26:22.386356Z","last_seen":"2026-04-30T16:51:55.396181Z","times_seen":398,"resource_available":false,"data":null}},"time_used":503,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":503,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/globe.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/globe.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:36:44 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3753\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":3753,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 107 x 104, 8-bit colormap, non-interlaced","md5":"3ebfb76aba65ba06b960c330ea5978cd","sha1":"0fd9ef4ad7f944c0419f9113088e58abb8bcd37a","sha256":"f84514c87d0542f1deadf327d1eed886df5f903159a035c2f7835623ab111aac","sha512":"1538fbc486a39b35847bccad81b65c6b5b6187cdce21b31505c7c0d406706b340d9a7ab883c161ffb04ed0fe7de602f51d6ba8e20dcc6a37c749e369f357e2b8","ssdeep":"","tlshash":"0a716c77f316e324d2ec4771645187c7b81c883dd543c9c8583d957beac7b994240235","first_seen":"2024-12-03T16:26:22.381022Z","last_seen":"2026-04-30T16:51:55.36868Z","times_seen":398,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":506,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/item-1.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/item-1.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:48:56 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2590\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":2590,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 194 x 60, 8-bit/color RGBA, non-interlaced","md5":"58a7ee87a92c6a6b651d43fe01c33b55","sha1":"439da7f0d16c3c730986ed71974a334822b214d8","sha256":"1a14de2eef17d489690cd8394300c718e616b61ebf46f1ece49b45ca376620df","sha512":"fcfe4ca60137cb158fc5f5105d917b1bb3e0bc69b2a98523b083eac5f7e2a4a4840b875a704ec79ad1e9cd1a2d5d2f8165cdc21ad217c3706b2983756e792adb","ssdeep":"","tlshash":"ea511aea1138127ca54d074eade1319ff526b475893e5db0fec3a2fe50da503c2a6622","first_seen":"2024-12-03T16:26:22.413967Z","last_seen":"2026-04-30T16:51:55.399649Z","times_seen":371,"resource_available":false,"data":null}},"time_used":490,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":490,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/item-5.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/item-5.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:50:16 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1631\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1631,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 97 x 44, 8-bit/color RGBA, non-interlaced","md5":"343610828d6cd2bffbb6f705fed5b679","sha1":"2d71831c4513f746ad9d291c0295db9e7bd91917","sha256":"adc6bfa2e50c97a33131055209ff6b8da262d0573c118fc3b04efdbce0b7cccc","sha512":"48ba8d011e35ff05ccd1015f3abc45c102d873ebd5b0630d910ae50fed500bf9d8c983975664c3fb4387e37d52f9fdc23f48ff46cf65241e92d37fdde59ebe9e","ssdeep":"","tlshash":"fc310ae4af273cf7822ad5378bea1c44989214153127aaf9390c624c456dc8897757e9","first_seen":"2024-12-03T16:26:22.367724Z","last_seen":"2026-04-30T16:51:55.373732Z","times_seen":354,"resource_available":false,"data":null}},"time_used":484,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":484,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@tabler/icons@latest/icons-sprite.svg","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/@tabler/icons@latest/icons-sprite.svg HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=30, s-maxage=30\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/plain; charset=utf-8\r\netag: W/\"44-1xb2HfJAJYxfzJR06IZ4HVchJpU\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nage: 23\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nx-served-by: cache-fra-etou8220101-FRA, cache-hel1410027-HEL\r\nx-cache: HIT, MISS\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 66\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T18:35:16.871426Z","times_seen":14435417,"resource_available":true,"data":null}},"time_used":182,"timings":{"blocked":64,"dns":32,"connect":14,"send":0,"wait":39,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/css/custom.css","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/css/custom.css HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 28 Feb 2026 14:14:12 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1233\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":7936,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with CRLF line terminators","md5":"be4a83d6b74ce6a4350b4b3d97f753ef","sha1":"0632e15fcd1a842d2816312ccedd9db33158f784","sha256":"59a54e273fedc847f42c5f989efcf59dd1cf26cec273ee3149b8fdcb5ba15933","sha512":"0473c03c63e90a87990bed3a4180de5b2d651d8a998bc34154dd9ac2dc9b09f3fd01c097379005fcf26c18666a36f65d9fb5aa198554e86b3f6c5c0c418a4972","ssdeep":"96:3D0jkcYXCI3LfMYpK/uITneOAJ7/qX7BFV7x4IKVb:AS4uITeX1Cr9qb","tlshash":"f0f10d2ec18369827237c6e4d733152aff2e8a1fc50aab5cf6ec75e2af321d44411a14","first_seen":"2026-04-22T13:15:28.101885Z","last_seen":"2026-04-22T13:37:20.148711Z","times_seen":2,"resource_available":false,"data":null}},"time_used":348,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":348,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.icons8.com/?size=512\u0026id=z45DhmPMJKKx\u0026format=png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /?size=512\u0026id=z45DhmPMJKKx\u0026format=png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 16368\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: z45DhmPMJKKx\r\nicon-size: 512\r\nicon-format: png\r\nlast-modified: Tue, 07 Apr 2026 13:27:46\r\nversion: 0.0.29\r\nfrom-mongo-cache: true\r\nfrom-redis-cache: false\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: k5MR9VzQuCB9SwL6lj1xT5S7pSffvyzMJD0y3oTASlrEV0c4HWMjr0NAViLK\r\nx-77-nzt-ray: fdb54123863f674bcbc9e8690d18b12b\r\nx-77-cache: HIT\r\nx-77-age: 43011\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":16368,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"8a8d1edd1ecc37050f33be788f2d3b60","sha1":"e12f81d6ea57b5061e278eeb171c00b61719ba8e","sha256":"32c19271d961178a986b68aa2db40149a1d100b365e34ebbf9c33be30b34fb6a","sha512":"42b0c21dae092059f8c838907c078e34381cfd1946ddb239eaf01a6508ea123f90136d746f20d5e57e5b3fd75451fdebd4bcab30d1a17173a8a41fdeefb01653","ssdeep":"384:S9aqqhEXjm84m5dYYQjy0WPLodnXt/sopxZ:YaNsj2m5WVWPLopiK7","tlshash":"5672bf3532ce79e5dc9a10b0e2b7904d01fb569ea2671f9b63807b3190fa8144daf7e4","first_seen":"2026-04-22T13:15:28.102948Z","last_seen":"2026-04-22T13:37:20.150773Z","times_seen":2,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":24,"dns":0,"connect":0,"send":0,"wait":56,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"node-ya-5.jivosite.com/widget/status/2722246/HLFwe8KOMK?rnd=0.09047202486289874","fqdn":"node-ya-5.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"5.252.32.145","port":443,"asn":59796,"as":"StormWall s.r.o.","country":"Slovakia","country_code":"SK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:54.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /widget/status/2722246/HLFwe8KOMK?rnd=0.09047202486289874 HTTP/1.1\r\nHost: node-ya-5.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://saviledger.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: sw\r\ndate: Wed, 22 Apr 2026 13:14:55 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-credentials: true\r\naccess-control-allow-max-age: 1728000\r\naccess-control-allow-origin: https://saviledger.com\r\naccess-control-expose-headers: X-Geoip, X-Botmode\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-security-policy: frame-ancestors 'none';\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-botmode: no\r\nx-frame-options: DENY\r\nx-geoip: NO;03;Oslo (Alna District)\r\nx-powered-by: foxy/6.0\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":149,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"dd131346154ff6930b92ce2e9586aab3","sha1":"7b66852996e89a2e38b60f386da6d08120517189","sha256":"5e55ceb4d6f718f4a7e8186246287bceb453215cdcccba88ee24ecba787cea51","sha512":"15ffdd69adff597e2ec0febdd58bf4d0fafe9df2817389070c0220eb0bfd98fdf55ee8d77452dd16622574a59ab89dde71cfd1a90bb508df7dcf583cb0545f19","ssdeep":"","tlshash":"57c08c6b423a98e906888650a1da670a053502222ac25718e2919200b0ae990808f017","first_seen":"2026-04-22T13:15:28.104153Z","last_seen":"2026-04-22T13:37:20.14713Z","times_seen":2,"resource_available":false,"data":null}},"time_used":861,"timings":{"blocked":394,"dns":304,"connect":19,"send":0,"wait":72,"receive":0,"ssl":69},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.icons8.com/3d-fluency/512/combo-chart.png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /3d-fluency/512/combo-chart.png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 174551\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: DAoPjn2XoTUN\r\nicon-size: 512\r\nicon-format: png\r\nlast-modified: Mon, 20 Apr 2026 10:45:58\r\nversion: 0.0.29\r\nfrom-mongo-cache: false\r\nfrom-redis-cache: true\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: kziAaAkAY0hamFNVZiausKgcKNxftNyYi5ZUA78MAxUb5/cQ35cMlo0eFRzQ\r\nx-77-nzt-ray: fdb54123863f674bcbc9e869b210622b\r\nx-77-cache: HIT\r\nx-77-age: 60980\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":174551,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"a5d99c783adc58e8c6285d606a9ac84c","sha1":"df3c64966ff05dca19149121b4480677f6a30bdd","sha256":"430f0efa96c61ff7e0d84b8f96762db71ab02f58a299fe871cbad89ad406f11a","sha512":"8472d31dcc1c531eae70ee337c9c725768d27dd0e91819cd84ce04e69c7744e69f941d7db2d33f7072279169de95831b477b9556ba3f169997dc8007c5b69e61","ssdeep":"3072:RYdurkLmRY72aUMz5fR9VH4rt19Xu38TBlJJr2+E2cl+zgWba8o/W7QN68rt:RdOYHczZRfu1BzJyN2z+BW+6yt","tlshash":"3004125fa802e594c227a1f6625afe27827f359c07e533a0c70c0f1d1697edd94ab293","first_seen":"2026-04-22T13:15:28.10554Z","last_seen":"2026-04-22T13:37:20.141098Z","times_seen":2,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":23,"dns":0,"connect":0,"send":0,"wait":44,"receive":53,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.icons8.com/3d-fluency/512/lock.png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /3d-fluency/512/lock.png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 164536\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: bRPNFtJ7l8ok\r\nicon-size: 512\r\nicon-format: png\r\nlast-modified: Mon, 20 Apr 2026 15:13:03\r\nversion: 0.0.29\r\nfrom-mongo-cache: false\r\nfrom-redis-cache: true\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: k7oeO9LdIDAFYpuYfgpr4hbMyA3tkqa99Zs+yYQJ0/VkA18l4CxP7JirGwOQ\r\nx-77-nzt-ray: fdb54123863f674bcbc9e8694abdb82b\r\nx-77-cache: HIT\r\nx-77-age: 159\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":164536,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"bd60fd4eed0b2e726b83f20e0dff3ff9","sha1":"34209743589c86b94e7e9c4f3a3fe48ab65c30a2","sha256":"cf3035c94add11010ac0e5652e2f6e43d83c77c6c4245a542e983044996f0b97","sha512":"23dd4c85926292b6a441d793b86467dc751d50a49201663479d947d028b208f7e1b4eb2a031b75b0be3a4106fb117346ad3c914e58e6c1d4689d82d227de0fc5","ssdeep":"3072:jkPgVOUvk0IxEvWw4wM/6gSWTFpVqVh/rTikyui9P9O+/0:j6uk0cVyS6HWTHk7I5z/0","tlshash":"2af312e7c8de22a55569ffb0992016b443730b3ccb3a5b41c6366ae67f980fd8d00b61","first_seen":"2026-04-22T13:15:28.106731Z","last_seen":"2026-04-22T13:37:20.158147Z","times_seen":2,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":54,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/item-8.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/item-8.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:51:06 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2241\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2241,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 154 x 36, 8-bit/color RGBA, non-interlaced","md5":"9e10c7024b49623d2977cd1409f72ac5","sha1":"553b32193ceee392b8dd2d3495d0040e7cfb3f7f","sha256":"a03188d6bc5231c45f58605d7895441cc89bcfea62bbcae89388e2fd7310b749","sha512":"30725fd01c3c7516cb4805037254b1632a16ffcdb20527488c68e9001c9c79c0f6878f5768ed1c766512f778c8179f655fb753c6de88d12041d0385e742334d3","ssdeep":"","tlshash":"414129bf060f737f834de4171e4fa0f232ba259b94a55641a9caa740385a0f02b83166","first_seen":"2024-12-03T16:26:22.371476Z","last_seen":"2026-04-30T16:51:55.374353Z","times_seen":372,"resource_available":false,"data":null}},"time_used":637,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":637,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:52.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://saviledger.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 15 Apr 2026 22:33:37 GMT\r\nexpires: Thu, 15 Apr 2027 22:33:37 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 571275\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-30T18:33:48.435559Z","times_seen":160733,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":65,"dns":1,"connect":20,"send":0,"wait":8,"receive":4,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/coin-1.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/coin-1.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:37:18 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3300\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3300,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 68 x 75, 8-bit colormap, non-interlaced","md5":"53f8f7d0e5d8c94bd7fce3a68f1a84c5","sha1":"a2a8e4ea1bb9e332f987abed6620fe2fe132907f","sha256":"4d554e7641ff6254dd78fb7a952a980ac2fe0548b39fcdd29da30b87fa1f3f7a","sha512":"9c02f187b82b222ed6e41ffc74c06995f59a272011164cd17ddf7bdc6c773b9590d7170755f941691c3d0cfc4f7e446de8822011d088f472e98f83f874ee3bc8","ssdeep":"","tlshash":"40615c85b61f9a64e019e92d7f3880d11110b0bb92b4fea732fec69624b1d36860bd74","first_seen":"2024-12-03T16:26:22.384555Z","last_seen":"2026-04-30T16:51:55.378795Z","times_seen":397,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":506,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:52.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://saviledger.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 15 Apr 2026 22:33:37 GMT\r\nexpires: Thu, 15 Apr 2027 22:33:37 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 571275\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-30T18:33:48.435559Z","times_seen":160733,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":83,"dns":0,"connect":0,"send":0,"wait":8,"receive":3,"ssl":65},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/js/backupcash1.js","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/js/backupcash1.js HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 23 Feb 2026 15:44:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 71699\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":277308,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"4f93a3557bf452c01f11b671c0a2dd26","sha1":"fa958273063b57885af8236902e70297cf8bd757","sha256":"a5a480b9d059fa398462ef255d4dfa8a93f0dce8fd1f8b011ada5ed00679f04b","sha512":"2b771ad867a4570da31933c0a5a09a6bab0b7cfc579db452769be1650ba072c0458f35f9614c6713c1a40257a0cb140793af89a3c8cbcb061b25bb9b83ab2e22","ssdeep":"6144:GxCze25xpE3zk5lbr8hW42OwGMwYWZw7+W5:GxL25xpEMR5","tlshash":"ab44704662f224345263f07e1a5fc41a7729940f2d88fd943a8c42a55f8c93c97f6fea","first_seen":"2026-04-22T13:15:28.110101Z","last_seen":"2026-04-22T13:37:20.168414Z","times_seen":2,"resource_available":true,"data":null}},"time_used":348,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":343,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.icons8.com/3d-fluency/512/fingerprint.png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /3d-fluency/512/fingerprint.png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 188727\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: dFG7xszHcT9z\r\nicon-size: 512\r\nicon-format: png\r\nlast-modified: Mon, 20 Apr 2026 15:16:58\r\nversion: 0.0.29\r\nfrom-mongo-cache: false\r\nfrom-redis-cache: true\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: k3ZIN68gQcuSUsHjlb+rBOP0k5bdC26q9zB95Bwrqvag5v//Qeh/37OgciaO\r\nx-77-nzt-ray: fdb54123863f674bcbc9e869e58e512b\r\nx-77-cache: HIT\r\nx-77-age: 159\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":188727,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"d83e4776d5694c3a4921a41ebfd75474","sha1":"ec832388a5b030b77535d2fa9e503799669bf13a","sha256":"1584a6e3ab6f0f30aaa547dd9975b95140ff61ae4968be8d2f58faf381d58153","sha512":"49964fd42b7a230a5fe90d68c89a2a5d071b55a1ce3b2feeccf8c816fb2717f9358ceeb8a2cecc211a72afbd6ee2ea3f3ed40f47ca3a74aa885fd15e747bdabf","ssdeep":"3072:DbaPCYT/8YXVx3NB3qP7Sn4+/kKjGzxdp+BFoih0wSXNtg/j0g8nBC0VUoyNfblt:DgCknx3X3024MG3pkF2Wj0g8nBCU5yNn","tlshash":"eb04129aa0d9478bc6e2b7a4ae3c9a94330d0117e110f540fde75deeade48fd08a5319","first_seen":"2026-04-22T13:15:28.111086Z","last_seen":"2026-04-22T13:37:20.171675Z","times_seen":2,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":17,"dns":0,"connect":0,"send":0,"wait":56,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:52.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://saviledger.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 15 Apr 2026 22:33:37 GMT\r\nexpires: Thu, 15 Apr 2027 22:33:37 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 571275\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-30T18:33:48.435559Z","times_seen":160733,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":70,"dns":2,"connect":21,"send":0,"wait":14,"receive":4,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/css/app-B_l4pjL9.css","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/css/app-B_l4pjL9.css HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 28 Feb 2026 14:17:12 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3849\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":13173,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (13172)","md5":"ff283908c35a664e15b664ff19f87541","sha1":"d16d35f95b4ef495a80d69efbe760108dec892ba","sha256":"34df391b0decd1e5a1646951402fd03e1577a9b70c2adafa038b20c4252cb340","sha512":"3dd4ec1219da0e9a4f1af6a2b773ca9e07e69998cac945deffd034f8f71d455c1a611643cef5f18d2c6b769facf8a6171a2e275781e798341da521aabf39d35b","ssdeep":"192:fmUJbiKnehJTJdKSme+jeH1ZpbwAr3zL4vIfb6913ZvOvY:+UbehJFdKW+SVZpbzr3zHfOZmvY","tlshash":"974210a85300282753130f3647758bb4ed74488247d3ce6e91c0ad98c6fbcb9136f6b9","first_seen":"2024-10-25T06:28:56.946596Z","last_seen":"2026-04-27T00:53:12.452262Z","times_seen":131,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/icon.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/icon.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:39:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2379\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":2379,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 49, 8-bit/color RGBA, non-interlaced","md5":"e6bd6ddfaa17f736ecd7f570827b3486","sha1":"040e975eb4c8c979415663613b6f4562a4c475fa","sha256":"8197b15b5d84ebad1c40f807e5f2cd8520076fab2df968ef922e556cb00bb8a6","sha512":"3124b9297311d678a9a0c485668a794bdc5820fb9c5c152ad9b86466dbc39162452238ddbe705dca8c2b3129510c5e811eee7b453cef63ba192450d9ab4ee89c","ssdeep":"","tlshash":"12411b1e5fbb8f2e6c60839f83fe93cf11b7494c9888bb00403593e19208d597a54a8b","first_seen":"2025-07-04T20:25:19.257103Z","last_seen":"2026-04-30T16:51:55.390678Z","times_seen":293,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":506,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.icons8.com/3d-fluency/512/hdd.png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /3d-fluency/512/hdd.png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 114170\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: O9pZv9tHbizl\r\nicon-size: 512\r\nicon-format: png\r\nlast-modified: Mon, 20 Apr 2026 09:11:50\r\nversion: 0.0.29\r\nfrom-mongo-cache: false\r\nfrom-redis-cache: true\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: k+BtkyhhSqpvSgsmsU4/pHy6Hh9Sgk9JXHguF3suYef8NOog0TcXko/nJjxV\r\nx-77-nzt-ray: fdb54123863f674bcbc9e869307f4a2b\r\nx-77-cache: HIT\r\nx-77-age: 159\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":114170,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"fa9b2f2dd5a9578f24b8e9caf1515dd7","sha1":"04add2e3af6e562b3d8d23b7303fe37fb0209acf","sha256":"38a4329ceaefaf289b43ee8935fe7d2fb2b8e2a6c6ab6332b5ea5bab71388d2f","sha512":"b835069fe9226e66042f319aac76ec24c462c3040f0769e5f39cd83b3104819b61a16ee348249f9242ac77f7336a9b64495c9a9ca8c70ffbea6ca017ca7487fa","ssdeep":"3072:DeVKvnlNkMOufJahr27PO3bidBV2lwdHvWrlEDxP1a:C0lNyuhah67+MVpdsgna","tlshash":"77b301e74604c761c790ae3033585aac7be1a1a47005e036c7e572c3a66cfbeaed1ac4","first_seen":"2026-04-22T13:15:28.124411Z","last_seen":"2026-04-22T13:37:20.170526Z","times_seen":2,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":18,"dns":19,"connect":7,"send":0,"wait":64,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/item-11.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/item-11.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:52:24 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2766\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2766,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 181 x 32, 8-bit/color RGBA, non-interlaced","md5":"cd0159fd7a72155bb7de40309800a9b9","sha1":"39feaa84604e62e23e4fa6f90058a2b8ae10b212","sha256":"b4e2387e01d4fd21ddca87ab71f1543e34a613e489a91eb5cf085dd5649df869","sha512":"dcd63c568c0ca1a60993b253ce3362d242aa71ed4a9b94b9f521a745dc940fda207db4f35e6f327c135da074c29c1e719f8549478a928f1befbdf3e2ed8539d7","ssdeep":"","tlshash":"cb515ba0432df4baac29560127f6a0bbb41e122e0461ab276e7f481061981dc3c4ebec","first_seen":"2024-12-03T16:26:22.424234Z","last_seen":"2026-04-30T16:51:55.386303Z","times_seen":368,"resource_available":false,"data":null}},"time_used":636,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":636,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/item-13.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/item-13.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:53:00 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3283\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":3283,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced","md5":"a5b7a3596a5a9bf9a0f6d98434f5872b","sha1":"952a2cfde97a073c15f5f98a0708c06cdf6869a4","sha256":"011b438c658d3c1bb9f01f6e6dd244bd40e4409b0266979efe771c1a92dd94f8","sha512":"f4a271ccc6f788e8afd6a8b1031cd941467084929a47ec2243a10e584fb4abdc5322cc76999548ad3bc3c2b43f09fdbcc68653fc4bcba3ef234cff25d25e91e5","ssdeep":"","tlshash":"6d617dbec551f1beb0eded62376913280d73c9cda2084133e5f4d4dc321b0488668a4c","first_seen":"2024-12-03T16:26:22.427381Z","last_seen":"2026-04-30T16:51:55.385174Z","times_seen":368,"resource_available":false,"data":null}},"time_used":634,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":634,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Apr 2026 18:57:25 GMT","end":"Thu, 16 Jul 2026 19:57:22 GMT"},"fingerprint":{"sha1":"AB:25:45:8F:55:B6:2B:26:B5:B1:EF:90:E0:60:64:9C:56:47:0F:B5","sha256":"47:83:31:CC:5E:02:0E:51:A7:52:AC:83:1B:8A:A8:4C:74:11:A5:F1:61:8D:C5:6D:29:3C:9D:6A:C9:29:AF:7F"}}},"request":{"raw":"GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://saviledger.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2024.6.1\"\r\nlast-modified: Thu, 19 Feb 2026 17:45:24 GMT\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9f04e4d95b260afa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-30T18:37:05.689998Z","times_seen":334319,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":12,"dns":7,"connect":5,"send":0,"wait":11,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/sounds/outgoing_message.mp3","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:56.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /sounds/outgoing_message.mp3 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Wed, 22 Apr 2026 13:14:57 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 5014\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: max-age=2592000\r\netag: \"69ca7049-1396\"\r\nexpires: Fri, 01 May 2026 23:29:43 GMT\r\nlast-modified: Mon, 30 Mar 2026 12:44:57 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-04-01T23:29:43+00:00\r\nx-node: m9p-up-gc68\r\ncontent-range: bytes 0-5013/5014\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5014,"size_decoded":0,"mime_type":"audio/mpeg","magic":"MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo","md5":"7bf3e4962a5ecf1f8cbcc2ff3428f531","sha1":"f75c694461a643d2e096ae8d0f6c1a9d19602eee","sha256":"d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11","sha512":"53fb17ca3361636acb0b80107f66810150a8bbed9aa5f878c2b1fb5a23ddf7fd349b30eb082b05efb3c0d08dc5383d30ef15d0ca99ad98d62e0a9a335112ed6a","ssdeep":"96:nKEOyBuK+1D2sMVx9FX7+0YQQinefV/1gr/EaadKXdGdimO1:K2QhGvYinsLE/SUdUime","tlshash":"5da1399616202262f6090cbf124ec2f4e3996f6b39044726b67cd290f46ffa25366983","first_seen":"2023-04-05T14:05:33Z","last_seen":"2026-04-30T18:52:44.013483Z","times_seen":14251,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/rocket.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/rocket.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:36:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 9382\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":9382,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 190 x 190, 8-bit colormap, non-interlaced","md5":"707a79c292684e9b5f923454698ba2ba","sha1":"891cb10727d95009f8a0ae716e52299aad057ede","sha256":"a03285eeb5d6f97835a4fe1674db232f80f3ab6d01c2cb61bd387a7b0a7a2472","sha512":"38c84ebb9e67c8c838a05e108c75c174587ef8ff80433c3e1af3a807438734c9e88cb65153ce5d08f6252e1b99ffb9461169ae9c13a60be34b016f5c71835e94","ssdeep":"192:8ooL+JyS/T49F93GH2+7ilWQ7bRQVP/4KHiC3Nd+yK7lre4:loL1SUT93Tsal7bRQF4KHNrHK7lS4","tlshash":"8912bfea80d9f4e5c2302af71450a727529c90c035b19e4be2ab5615783b2be14e76ac","first_seen":"2024-12-03T16:26:22.379427Z","last_seen":"2026-04-30T16:51:55.365912Z","times_seen":398,"resource_available":false,"data":null}},"time_used":507,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":505,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/item-10.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/item-10.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:48:38 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2620\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2620,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 153 x 40, 8-bit/color RGBA, non-interlaced","md5":"e969e5e4b1a71f337aef65b877648208","sha1":"21bc8818827cc8576b1413d19a5ae791c586714e","sha256":"d4f1d6330da8406fe1cfc5e4a9d0f51f047a46d226817bd162948676c36a5188","sha512":"75112c07d2d5f0bc790be94e15db508fade5dcf6f86fc59da4cc60358c9c6c7340c95c10bcb4dc78a3fce296aa3e0d9bdeee612f3778bca4a35b3064bca462b1","ssdeep":"","tlshash":"00514ceec1289d27f9b89f5d13a00d290f64e76223ab3d7a3c84160d777185cab490d2","first_seen":"2024-12-03T16:26:22.422731Z","last_seen":"2026-04-30T16:51:55.384386Z","times_seen":370,"resource_available":false,"data":null}},"time_used":490,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":490,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/item-6.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/item-6.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:50:36 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2862\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2862,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 178 x 34, 8-bit/color RGBA, non-interlaced","md5":"1e58985d34e2487cd4938065dce36ccc","sha1":"d989faf08f38ff1c760f07ed5e9c0d6723de342e","sha256":"36ff1ace52f798558c3382eadc34a9aa9794459130f948d8978ccfbece00a15a","sha512":"c04765824ab4efb6468597d3ff11d70b4080ada7652d844b4f86a13c9053662df4ac52ae254789d34b3008d7b7d76ceb7ec206ee56c647529c6b353dca439144","ssdeep":"","tlshash":"42514bdab1df157ca01ab56b3944191a30a484ac2c85780b72c73df8d15c0a6525fb26","first_seen":"2024-12-03T16:26:22.419076Z","last_seen":"2026-04-30T16:51:55.36731Z","times_seen":370,"resource_available":false,"data":null}},"time_used":637,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":637,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/item-12.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/item-12.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:52:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2312\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":2312,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 187 x 42, 8-bit/color RGBA, non-interlaced","md5":"870d166c8fb352aa7890e387ec05fcf2","sha1":"2fc77674a9fd2da48612908ae7f470e5d4a2bad1","sha256":"038673a1e98d22bd488fd918e9a97ee5caa5f73ddac8b7dbc748b5bb802b8b5f","sha512":"783120e08b02c67505bf3deb78e6d6175dc0fdb44cf7c512561fc3b74e2dadb99b33e070301111f3f5d8446bfbf2e1d2eea9070705f7e42f12aebde6d4f4dbe2","ssdeep":"","tlshash":"61411afd0255e13b59204af4363a9b249a9fb32931170229c0ac2f3f367dbc9008d2f5","first_seen":"2024-12-03T16:26:22.425809Z","last_seen":"2026-04-30T16:51:55.389643Z","times_seen":366,"resource_available":false,"data":null}},"time_used":635,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":635,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/script/widget/config/HLFwe8KOMK","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:54.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /script/widget/config/HLFwe8KOMK HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://saviledger.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 22 Apr 2026 13:14:54 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 729\r\naccess-control-allow-origin: *\r\ncache-control: max-age=7200\r\ncontent-encoding: gzip\r\nexpires: Wed, 22 Apr 2026 15:14:54 GMT\r\ntest: azazaz\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: MISS\r\nx-node: m9p-up-gc7\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1458,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JSON text data","md5":"c265cf59503262a0fc964d5e2d65a669","sha1":"51361bdbd318f1fbb4d64e91e65981551ce01655","sha256":"cf318aa364931b09412632d5b9f239a667538c18c1d3ce35fd60be6697fedb03","sha512":"0231e375e5083dd4e45552b73dd404647cfef2973294807b1252ba73fd927d4a226401d76b334377d13e9d72c9331dd95876f3607f1b78d8398184ff059ffe17","ssdeep":"","tlshash":"4d3114f60d485c6b49867ec3a26bae13693c87a6eec50f71cb985d2c10663d5130b64a","first_seen":"2026-04-22T13:15:28.130519Z","last_seen":"2026-04-22T13:37:20.134566Z","times_seen":2,"resource_available":false,"data":null}},"time_used":976,"timings":{"blocked":301,"dns":1,"connect":143,"send":0,"wait":372,"receive":1,"ssl":155},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/ellipse-2.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/ellipse-2.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:36:10 GMT\r\naccept-ranges: bytes\r\ncontent-length: 9089\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":9089,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 127 x 250, 8-bit colormap, non-interlaced","md5":"a2410e4d287312c29a998c9625fff63e","sha1":"dc078dea24fbf7d6cf0dd6d49b58c9bd5ff1377d","sha256":"58c651018743cde0a222aa7b664305763848a4d047a406648fa82f405189d782","sha512":"61ac3a9cfc9ffd4e5455faf1238697431e8e45c9dc2995619a2f682c11287c54d723817912640faff4419726bac075a537c797a69267103b9a204cddcad5d874","ssdeep":"192:b6Cb9DchWIaitqgB3kic3OCo6j3U71TVX1rLkuLouVq22:bN9ohn50fnyPLkuLouVd2","tlshash":"9f12bf4603263a7881d54ef5e6cb82f204f0d689e9af41ceef9d3555be447323792358","first_seen":"2024-12-03T16:26:22.388742Z","last_seen":"2026-04-30T16:51:55.416072Z","times_seen":398,"resource_available":false,"data":null}},"time_used":505,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":505,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.icons8.com/3d-fluency/512/networking-manager.png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /3d-fluency/512/networking-manager.png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 97298\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: IFybWKn8Vo3Y\r\nicon-size: 512\r\nicon-format: png\r\nlast-modified: Mon, 20 Apr 2026 08:49:36\r\nversion: 0.0.29\r\nfrom-mongo-cache: false\r\nfrom-redis-cache: true\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: k6PzC+8Fk4CzzA9qN7n1HA7QNxfAwUsXHygK1RzlxZG72hHM6TVnbIpyBeUN\r\nx-77-nzt-ray: fdb54123863f674bcbc9e8696787552b\r\nx-77-cache: HIT\r\nx-77-age: 159\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":97298,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"9095253757d507f681670b842c280d8c","sha1":"4e9c280210e16da7f839ba68718a120e89db0f52","sha256":"a3ab34be542ff542665a22aed5d094583058bb704742ef7010dbf7a9c2a51c04","sha512":"47a38d1232a4212629e62899ceeb028930d8b66a544f7a9fd9e9ebc0af3449a9b9d9d5bb2ac71d29d9dd1cf3f7cd68f6a08d71ea48d7f44e9dc87cf5e2939d12","ssdeep":"1536:HWmvNWkOtjBqh4g23dV51MCQ/jnWWGBxazpV10w5/KMwk2RzgruR0L1E47AqAEC0:2WvWBqlKTMZCLWPWPhzgKRA13Eqqrr3i","tlshash":"029312fce4ceb8a7c5865078563a386d34c2d30b964f2a16c47abbd1aa554194fbf202","first_seen":"2026-04-22T13:15:28.132581Z","last_seen":"2026-04-22T13:37:20.136523Z","times_seen":2,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":50,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.icons8.com/3d-fluency/512/link.png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /3d-fluency/512/link.png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 207444\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: xPX4qmtKvtBp\r\nicon-size: 512\r\nicon-format: png\r\nlast-modified: Mon, 20 Apr 2026 15:10:10\r\nversion: 0.0.29\r\nfrom-mongo-cache: false\r\nfrom-redis-cache: true\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: k5UTHrkCUzypm48RKUOG/b9c2R7gXi6EEy1ApFJ1wJfb0/NiGQqiNNrc2JdX\r\nx-77-nzt-ray: fdb54123863f674bcbc9e86954c14e2b\r\nx-77-cache: HIT\r\nx-77-age: 159\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":207444,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"e3974c82b5bcfb4167e7e95d62e1f0b5","sha1":"56b5afb4abd9abd0af88d9634e2ec17871dc2571","sha256":"0653bac62c9b9efee3e2c0bf7f97562554879cbc67a47a23dd47b4a9cb463f69","sha512":"04b589ebb400ee85c2f1523ba31b21fbfb6fb5a1b69e4e1ba2a5196836935925fa800d9c1bdcee2f88e9caf6613cf6ca33cc6a4f2c43dec60d90e9233fd754b7","ssdeep":"6144:SRZzrbLCw/Z6yTISRUk42o7A02/5+wdV1:SRJrb2e6t2o7A0W+Q","tlshash":"37141239b19448efdfb372d59d90386c666693faf769a87ac2c1a3b3110550cc821f4e","first_seen":"2026-04-22T13:15:28.134173Z","last_seen":"2026-04-22T13:37:20.17111Z","times_seen":2,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":17,"dns":0,"connect":0,"send":0,"wait":60,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/css/ef9fe7c/widget.css","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:56.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /css/ef9fe7c/widget.css HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 22 Apr 2026 13:14:56 GMT\r\ncontent-type: text/css\r\ncontent-length: 25412\r\ncache-control: max-age=864000\r\ncontent-encoding: br\r\netag: \"69de0593-6344\"\r\nexpires: Thu, 30 Apr 2026 10:16:59 GMT\r\nlast-modified: Tue, 14 Apr 2026 09:14:59 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-04-20T10:16:59+00:00\r\nx-node: m9p-up-gc54\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":137129,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"61690c6f4b544189c62d56da27ccef4e","sha1":"ec19d64de187dbbd2d1d178689fa0ec4bc150a22","sha256":"a34c2b77d49c19b654d8b6dc09dbb3a5c7284f456d4441f9c35aa5e23320f7d5","sha512":"4a07472b18bae495cdf7c9bfb8b6fb8b39eb05083ec915c7fa7bdf7e1091b0821bcf41b1ee3e8070e5d182d2676b22aa6245d96b48bfd22ec8895e8ac898dde6","ssdeep":"1536:GL5MTKByi6q65rhYDuZy/2o2uSAptyJ6w69+/lF43UW63FFPQvipOeOEDK6hcboT:laTM37F","tlshash":"7fd3f856ead2953cf91e951ac9c5aa3ca63dd102cf330dbff340a3d443caad21276949","first_seen":"2026-04-14T13:14:24.987139Z","last_seen":"2026-04-28T09:36:47.685978Z","times_seen":1142,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":185,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/sounds/agent_message.mp3","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:56.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /sounds/agent_message.mp3 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Wed, 22 Apr 2026 13:14:57 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 3760\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: max-age=2592000\r\netag: \"69de0593-eb0\"\r\nexpires: Wed, 20 May 2026 11:27:32 GMT\r\nlast-modified: Tue, 14 Apr 2026 09:14:59 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-04-20T11:27:32+00:00\r\nx-node: m9p-up-gc8\r\ncontent-range: bytes 0-3759/3760\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3760,"size_decoded":0,"mime_type":"audio/mpeg","magic":"MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo","md5":"8e9a165c4cb185ffd0b2658fa088e43b","sha1":"195873e5e8bbb2f5ecc32d95f90d6fb75817a649","sha256":"ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43","sha512":"6ef9fac16ac2835ecb95ab077270293a95a3597fd28fb053b32cfeb6b0a72b52c0ee51b0504a463ac9db1d8a3b2c6c41f113012d6364d16feb8e01821a3221ff","ssdeep":"","tlshash":"c771295c69348528f80b31b89f4b765ac1512c19a8f2ddd4a62818e7377b36a678820e","first_seen":"2023-04-05T14:05:33Z","last_seen":"2026-04-30T18:52:43.973437Z","times_seen":14252,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/bitcoin.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/bitcoin.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:37:00 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4358\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4358,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 97, 8-bit colormap, non-interlaced","md5":"e4506ff1445aecbf9674103cda1c019e","sha1":"45fa57690cd03838cd1cc7d40653cf0cde59d67a","sha256":"99b75681fdb03e68c762059e0ecd00196bc84a727eca75e2c94670e9a3771d34","sha512":"d68136b909fe553283f00331290aa3cbc9e34749cfff6744e924f06e2c8fa5ad99d48b95db1a09f9538abcf9eb8e84850d3f17ee1357171969886b9106ed602c","ssdeep":"96:NoDOFoNnnPByosGcwvslWqS2kpQU8FhXqd1TY3wVNRX:3oZPQgcPlPS92nC1TY3oNRX","tlshash":"8b917ead07a2e1d117286dec61289395139e750cd75cbd280f04dfbc55903aedd157cb","first_seen":"2024-12-03T16:26:22.382561Z","last_seen":"2026-04-30T16:51:55.416934Z","times_seen":397,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":506,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/css/app-CGpQ-zyW.css","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/css/app-CGpQ-zyW.css HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 23 Feb 2026 18:31:30 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 10322\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":67457,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"a4cf5972675a206c709126fc7d2d7efa","sha1":"0ed00b85bed95abcf465990c244d3a2f315ed760","sha256":"7dba5d9e52e4b2b49e1f2c980d5fbce832003757799847e799949326cb8b0377","sha512":"bb9eef21e38e03773f9a40175b35039f5ee88539109acb2901bbd4e3c8169ccc882faaf5c319627cdfbe4f867e038ef5b9b6665db7c2fb8b38aabf12d3b88337","ssdeep":"384:k2fkzJxw1dtB3aDj6HaqczHMgmy0nTh/y/T/HZNUrAOSK3vvOiGD4nkCKHIw:0vw1TB3W6I7ZNUrAOt3vvORD4nkZ/","tlshash":"f963213d6b90003b7c6390f9d698fa5de61bb0c1df3a5aaabc8211209bd63f35c57614","first_seen":"2026-04-22T13:15:28.136886Z","last_seen":"2026-04-22T13:37:20.161521Z","times_seen":2,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.icons8.com/3d-fluency/512/security-checked.png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /3d-fluency/512/security-checked.png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 214602\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: SwvDja4ryubi\r\nicon-size: 512\r\nicon-format: png\r\nlast-modified: Mon, 20 Apr 2026 10:07:18\r\nversion: 0.0.29\r\nfrom-mongo-cache: false\r\nfrom-redis-cache: true\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: kzsHc3o5HBullzIfTc6k2pGcl9HwvyAtVoJ4nYXu9OvK48qBZhbDNnGVbwJD\r\nx-77-nzt-ray: fdb54123863f674bcbc9e86985ab572b\r\nx-77-cache: HIT\r\nx-77-age: 61380\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":214602,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"45b8bafe30e9d4fa0c0b92fe3102e69a","sha1":"e7fd431be7f8453498c269e33d7e0b02dbce4d39","sha256":"85aa945bb857dca72f216718e1d054570f723d31c1e753b199bd4fa0d0cf980f","sha512":"030590fd7b75823a60d69bac53a8b1eb62e63dd074ffb72d182a2c22c1f47c6cf7292f3d7b0add1f2dfe1690aa2dde59a8b71525f7a362a61fb0bd07d683bc4f","ssdeep":"6144:QYam4BxVnM18tTluq+qfigpec6ow17sKqIeEG77:QnmwVPAq++ps1wKlk7","tlshash":"282412e357e9c4b9b27906209d25e48d3a622befe8d7f48f607c7ac00e112d75dda205","first_seen":"2026-04-22T13:15:28.137783Z","last_seen":"2026-04-22T13:37:20.156877Z","times_seen":2,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":23,"dns":0,"connect":0,"send":0,"wait":50,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.icons8.com/3d-fluency/512/verified-account.png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /3d-fluency/512/verified-account.png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 211952\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: IFyb9G1c6yAC\r\nicon-size: 512\r\nicon-format: png\r\nlast-modified: Mon, 20 Apr 2026 08:46:56\r\nversion: 0.0.29\r\nfrom-mongo-cache: false\r\nfrom-redis-cache: true\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: k2/M3jDloYl/ImdyUGZ7ij/RWysk5znQ7C17cghj1jLzDX80jWoVlPml0ZND\r\nx-77-nzt-ray: fdb54123863f674bcbc9e869bf61b32b\r\nx-77-cache: HIT\r\nx-77-age: 159\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":211952,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"02f23af9ea8e36945709602994d0104f","sha1":"279c72f8a3ffd30518cff76694bf5bf9f5ab702f","sha256":"cb2d082914cce443efe5f8a6c873fecf7e75e888cf44c74cecc68461860a121e","sha512":"06590f4cde5a0385dfe3e16bb38bca50a9e5defad3077ea1b686becb73e5fc3bd5236318cc290625051ef634c36a9909ecd0552ac5863e4664b2026489b11c31","ssdeep":"6144:IC274pE4NRWOFBGxX8Q4aVuMNmMqbJXZigb7kDUQ1:jJpPDWO33DaVuMoMKZFXEP1","tlshash":"3b24128fe85467d934aa33271d437dbbcdc4a4608fef54db58c9da702a85062cfad680","first_seen":"2026-04-22T13:15:28.138824Z","last_seen":"2026-04-22T13:37:20.157551Z","times_seen":2,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":76,"receive":104,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.icons8.com/3d-fluency/512/source-code.png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /3d-fluency/512/source-code.png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 63290\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: i1DTRHrbIVcm\r\nicon-size: 512\r\nicon-format: png\r\nlast-modified: Mon, 20 Apr 2026 14:25:55\r\nversion: 0.0.29\r\nfrom-mongo-cache: false\r\nfrom-redis-cache: true\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: k8JnpsKWwtuTmOHv0qAXpTNC9ViGexuMWHeu0tpM3e3xgPE2hpDL+vUfIZzg\r\nx-77-nzt-ray: fdb54123863f674bcbc9e86970d14c2b\r\nx-77-cache: HIT\r\nx-77-age: 159\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":63290,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"a12a2aa59d2a6221942d43ae22f26859","sha1":"0d51b4e874a61b7229d41ba4b92d4f92f0851ec0","sha256":"910c2939c158d2d9fcddce42ec20f043984ec84721b815b45d47d1a04687294b","sha512":"e63dda792f1c370beacda0108ac102ee4cebee20be3a4dc98ce14cb822161ee712c406560b5aa086fab5b709cb84de9a55a1637aa8531d5799aefd0146bf9698","ssdeep":"1536:7rUC39NEwcW13uWc2ksw5jxEnRi55BcCaQ:75tNEvW13umkpXO0TBcCaQ","tlshash":"b553f20de5c0ca32eed606b6402360b4cfbec9548fa66b0e675167b4ac9653dfd1824f","first_seen":"2026-04-22T13:15:28.139823Z","last_seen":"2026-04-22T13:37:20.14556Z","times_seen":2,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":60,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.icons8.com/3d-fluency/512/password.png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /3d-fluency/512/password.png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 171219\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: 8OdwzXFjBVH2\r\nicon-size: 512\r\nicon-format: png\r\nlast-modified: Mon, 20 Apr 2026 10:09:53\r\nversion: 0.0.29\r\nfrom-mongo-cache: false\r\nfrom-redis-cache: true\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: k683HsjnIMtwDF7HQPlUAMY6DIPLwbQ4byCPhHQBmv3RY9wk3GU6LnJjTX1r\r\nx-77-nzt-ray: fdb54123863f674bcbc9e869a40db62b\r\nx-77-cache: HIT\r\nx-77-age: 159\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":171219,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"5720d269bc3b2f91c0ce90ec869a4857","sha1":"aad82341876d06f63858994eccd3e761d774a5cf","sha256":"d23bc3d5937867c3fa80fa2ddefdf303e9904dcbfd317bac8dff3075b5b76c0b","sha512":"a99fd6b72cfa8c7ea04c4cc64d6337450be4ee3679c51ac99ed551559e1ca49e72f47ae68c0a00e05e162857d1c9755526df75b6ac8bf048bcfbec537fb24f88","ssdeep":"3072:hkXu/Xa9tdHtwj5iFXILWXxtx8Y6ln5zyd5ZffajjV2fx/cucLIyBDzDd9:CXWKPdHtwFixILK65zyxfajZucsyBHDj","tlshash":"e8f3131a204cc97d3c465de795aa061cda8df6604b9a2cfbd6e08340b7ca4a2ed4c5b7","first_seen":"2026-04-22T13:15:28.140622Z","last_seen":"2026-04-22T13:37:20.16897Z","times_seen":2,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":24,"dns":0,"connect":0,"send":0,"wait":52,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/ef9fe7c/locale-en-US-json.js","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:56.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /js/ef9fe7c/locale-en-US-json.js HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://saviledger.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 22 Apr 2026 13:14:56 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 3431\r\naccess-control-allow-origin: *\r\ncache-control: max-age=86400\r\ncontent-encoding: br\r\netag: \"69de0593-d67\"\r\nlast-modified: Tue, 14 Apr 2026 09:14:59 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-04-21T22:02:59+00:00\r\nx-node: m9p-up-gc53\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10672,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10645), with no line terminators","md5":"0f87471a3d1fb33be6a51912861776bb","sha1":"8bb52b99066392f10ab336b980dfbe0b8fb4dfc6","sha256":"34e2fac9b502488543160a64f763a23608d196acf4dd0c4fecd57ef957572fcf","sha512":"a363d37884af6c3b20e287e9324a16055968acc28d04f79d7acb9b5f8a0cc67e7edf70d05495a9e9dbe14996e704484d9b710ae06e12bd6d87d9d68b515a54e0","ssdeep":"192:xbPfmk/7Obf14M6dOIpUTPqZ8BijFLeEJK:x7fH7ObdFWOIphZ8wjFCmK","tlshash":"a222d71ee7017f360fa613c3744f7b5376a480e592646c75d89c826943b9bcab217b8c","first_seen":"2026-03-31T14:01:24.495424Z","last_seen":"2026-04-30T18:42:58.764497Z","times_seen":647,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/sounds/notification.mp3","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:56.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /sounds/notification.mp3 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Wed, 22 Apr 2026 13:14:57 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 5808\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: max-age=2592000\r\netag: \"69de0593-16b0\"\r\nexpires: Wed, 20 May 2026 11:29:57 GMT\r\nlast-modified: Tue, 14 Apr 2026 09:14:59 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-04-20T11:29:57+00:00\r\nx-node: m9p-up-gc7\r\ncontent-range: bytes 0-5807/5808\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5808,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural","md5":"9aa341af370c4e59155717260ba0f282","sha1":"0c1216ecead8d1409557c843d96202c063f3f252","sha256":"1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab","sha512":"e6663f8406d859a7ae65e6eb9512ed1e79244b8f5b2119823f80fed99c17dd4a086cc17083f3cd70b6dd990c39b3be80142f303a7c2a9fbb9302147e700fa5cb","ssdeep":"96:XYLRSqytFnbfWnHBaSvgEyZMZuiusJ0jQDrrQNw:IMTnbfGhaSvg/inqc0m","tlshash":"cac1297acc3c146fd81e88b53f3bb0c9421c61803a00d8e61c99bb5bd6b2ba975468d2","first_seen":"2023-04-05T14:05:33Z","last_seen":"2026-04-30T18:52:43.996025Z","times_seen":14253,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800;900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css2?family=Inter:wght@300;400;500;600;700;800;900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 22 Apr 2026 13:14:51 GMT\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17689,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"30e76aaeae29f594433bc728a08b4d8f","sha1":"ac1b677b4d702295e7802802376ddd8c84acbc13","sha256":"395e51e3dc84faf99710da8cf316e573703addd6eb598e1b334eff76653e820d","sha512":"93b1661d34210abbdb2c6cca46bb229254b615ba07c05dbcadb65199b9d1e61e18dbb4302236e89188ddc34be20528f503f6140358f82385b1f0e621f93ec4d8","ssdeep":"192:wNA1cO3lnxirNNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGfNx0NO3kV:8KYXuM0p2+g7GQK","tlshash":"b1828892002ba400ab971dc233cf7f3aaece10896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-11T05:09:40.151737Z","last_seen":"2026-04-30T19:09:06.116318Z","times_seen":2910,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":111,"dns":0,"connect":7,"send":0,"wait":18,"receive":0,"ssl":114},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/widget/HLFwe8KOMK","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /widget/HLFwe8KOMK HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 22 Apr 2026 13:14:54 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 6194\r\naccess-control-allow-origin: *\r\ncache-control: max-age=7200\r\ncontent-encoding: br\r\netag: \"69de0593-1832\"\r\nexpires: Wed, 22 Apr 2026 15:14:54 GMT\r\nlast-modified: Tue, 14 Apr 2026 09:14:59 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: MISS\r\nx-node: m9p-up-gc71\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18118,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18118), with no line terminators","md5":"bc36f9b94a67eb56edaa3da5e250a105","sha1":"4945c36abe783ea673212487adfdd2260031dd5c","sha256":"47057cbd0c948be21fba80fdc675d5da2d4adaf86e78115733dc75832769786a","sha512":"fb44e5e62125b354d76e3e79c184e2d936a3730e1038344f9d3e683175c7849d84001a54f45b321c80c5a7e41d5aebb5a762292bbc7c2ae6803aaa28c8663242","ssdeep":"384:boU+JvepohmPF0jbrArr0aX55Mf7qISOqrebz8sROweqWcPdv:UI/UAjX54cr7sXWcPdv","tlshash":"a8823b6e7959b97743b218b9516f6209733549ebd404c920a401e98d7cb8ace813fef8","first_seen":"2026-04-14T13:34:30.591514Z","last_seen":"2026-04-28T09:29:37.713367Z","times_seen":1204,"resource_available":true,"data":null}},"time_used":4578,"timings":{"blocked":2192,"dns":931,"connect":135,"send":0,"wait":172,"receive":1,"ssl":1144},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/Web3-removebg-preview.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/Web3-removebg-preview.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 13:47:36 GMT\r\naccept-ranges: bytes\r\ncontent-length: 151418\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":151418,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 601 x 415, 8-bit/color RGBA, non-interlaced","md5":"c4d37867f4b8f86b8777d31c3c0d11ca","sha1":"3360e480a4122baba0da3a59fe3fbe8a6e024199","sha256":"eca74dc4682cc245b7f85669d0002439057363f97f94553f99b7979d67826462","sha512":"d520a2ddec4dd5d6b16281e25724bca0633e1f198ea9ae3d705da9e86d2ce282714e92db3663bf70f4d2a9ba66ecc69e2a0fa6e64f5765b397d107ee01574f8b","ssdeep":"3072:FovnvUY3XwR+gRxAnv/RwxfJd802nTBXShIdiT6GpmM8KQaetNfTwMtuPv3p6:evdH8BzAv/RUfX8xTB4IdC7pmM8KQaAn","tlshash":"b0e31200f2c4c963ccea26506ca6cd5b60e77794c6b6afd59989337664cef6d9030e8c","first_seen":"2025-07-04T20:25:19.276615Z","last_seen":"2026-04-30T16:51:55.387387Z","times_seen":277,"resource_available":false,"data":null}},"time_used":829,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":502,"receive":327,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/get-started-recovery-phrase.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/get-started-recovery-phrase.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:47:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1468425\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1468425,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1432 x 806, 8-bit/color RGB, non-interlaced","md5":"09af3d784a23d6fcf2c6b87b8e308f95","sha1":"39ddd5e5addbacebd5a809671adc24546f55f8d7","sha256":"1a7d347aa2070dc1e30a6f81ee47f27ceecf1c30ea517f5b01781a584bc2ba63","sha512":"20ecbf0e65a19f32cdc3d14a77cc99aa882545be091b1375dff205a2a86672df94e28a3a07942a6b4ee36d25c6d869b99a83d113a052373385f4be595468a2e1","ssdeep":"24576:Vzd/tfLcjQQJRhNsHXXPy6sEFRSZUkyZFUJE+Qx:9xtfLcjQQzsHXX667FRS6noJEx","tlshash":"d525339a7d06d9e7f742c3a47f1a6e0e20c7d61f0b31cabe4890214d13ae67866797d0","first_seen":"2025-08-04T07:01:28.337589Z","last_seen":"2026-04-29T14:13:20.440662Z","times_seen":229,"resource_available":false,"data":null}},"time_used":1163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":649,"receive":514,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/item-2.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/item-2.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:49:12 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3464\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":3464,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 194 x 60, 8-bit/color RGBA, non-interlaced","md5":"150b1dd3c9ed5e94193d8a089114b8e0","sha1":"2b4cd54a69280f5ccc96d613289726e8a944756b","sha256":"ef3822fb6c16fbfd51fb868fdf7bfe44eb73a6a08f720c5056f65ce57ca74eae","sha512":"d4df18c5eee33a2f2241201d6aa7c42bc9bcf8597b7480534e1d1fd33c89591b8b68d821c1fb94d9cb430b5e36cccbe45d4957015a464ed37b840b1335ab5d56","ssdeep":"","tlshash":"78614d4776d0450ef45ea251ae82b7d1f4fa5f38b2279cd4b47aa03acc09dd9c097a10","first_seen":"2024-12-03T16:26:22.415688Z","last_seen":"2026-04-30T16:51:55.426701Z","times_seen":371,"resource_available":false,"data":null}},"time_used":485,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":485,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-22T13:14:50.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: no-referrer\r\nx-xss-protection: 0\r\ncontent-type: text/html; charset=utf-8\r\netag: W/\"14bb0-QzLouu/84RYnqsAjSkWVpUdXUs0\"\r\ncontent-length: 12621\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alpine.js","description":"","website":"https://github.com/alpinejs/alpine","common_platform_enumeration":"","icon":"Alpine.js.png","categories":["JavaScript frameworks"]},{"name":"JivoChat","description":"JivoChat is a live chat solution for websites offering customizable web and mobile chat widgets.","website":"https://www.jivosite.com","common_platform_enumeration":"","icon":"JivoChat.png","categories":["Live chat"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":84912,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (536), with CRLF, LF line terminators","md5":"1c60afb65d49f6343d3b2f5db148795c","sha1":"4332e8baeffce11627aac0234a4595a5475752cd","sha256":"0178351606740d23c57246d83ec581479cd425acb4b6954b83132712f91e8b9f","sha512":"3c5d4a81d61ebc4294c4d83ed246ee30adbc1eec5e83ff9c5e89fab55e677899c4731687af991aca12bde7cfa3d2b3d8758ca82bb53017aeabecdca8986ac4fc","ssdeep":"768:xVmsq0uSF4hSAZfcp0f2A1tFAm624jl/GzQPF0KhZagnNELvLhJ8sowT:N4Iu2A1tFAm5+xzSea7J8sowT","tlshash":"2683a56453f0157701a381a2fa72af6eee95c643c71b494a73ec8687afd6c05cd43298","first_seen":"2026-04-22T13:15:28.145204Z","last_seen":"2026-04-22T13:37:20.138296Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1116,"timings":{"blocked":395,"dns":3,"connect":162,"send":0,"wait":325,"receive":1,"ssl":226},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.icons8.com/3d-fluency/512/blockchain-technology.png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /3d-fluency/512/blockchain-technology.png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 106471\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: OfULsxLTqVmm\r\nicon-size: 512\r\nicon-format: png\r\nlast-modified: Mon, 20 Apr 2026 09:52:45\r\nversion: 0.0.29\r\nfrom-mongo-cache: false\r\nfrom-redis-cache: true\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: k5nsP9HZwAI6lLlKy7ZN7Y3ut9+0KdRwWJpC8hB3p7nC55EmP9iLmyIV21qX\r\nx-77-nzt-ray: fdb54123863f674bcbc9e86951bf532b\r\nx-77-cache: HIT\r\nx-77-age: 61380\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":106471,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"4a960ab4eb17128ceccb811fd7f52090","sha1":"eaed277d0fa2b1428986040b26eeebd29e3b8d98","sha256":"5d8dda2e16d39253ef9dc12f3db41a03efbbaf9e0dfd7a9c76adb687ba3ddbbd","sha512":"7441c115a12f2cac1a7692fb2042c91f2f869015e80e4b821bba6e9e1d42b24d73e557e90392be8dfd870372c5617dca25053394812af69b8f9b6c9d6715191f","ssdeep":"1536:+3m6ec6ymnMPsG3H90ZdSp6zmFRdC3llGCvRLAzQEeWdA9sOpnLg6XvjeUY:MmpqPVH+ZdSICc1lrKOVDvyUY","tlshash":"8ea3029d8a3f6f418877c3771889cd88c6f20b7349651d29050b6fbdae19b764b884cb","first_seen":"2026-04-22T13:15:28.14595Z","last_seen":"2026-04-22T13:37:20.161006Z","times_seen":2,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":29,"dns":0,"connect":0,"send":0,"wait":36,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/item-9.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/item-9.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:48:22 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2900\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2900,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 182 x 38, 8-bit/color RGBA, non-interlaced","md5":"63d3e3665e680525abd91ca053f96c97","sha1":"e99f89896954ea3e0722b61a0e5e9f3887e0d9e0","sha256":"6cae3bc2c8e8123733dba1735f041bc4521277250e0d500bdbb7e475543e0aa1","sha512":"996254e5f5be80ff11f05ce7bb85c1d1fc4c3043fb313409cfd5eaa1aa369e05404673485a6da6e88d8787cdd62e2f377ff3b46c01df2447c652fa5b4960ebd2","ssdeep":"","tlshash":"a3512a5659153d26e6c34aae2a840a257f828f37e00f4ed229293196db67080bb6d720","first_seen":"2024-12-03T16:26:22.369579Z","last_seen":"2026-04-30T16:51:55.375657Z","times_seen":372,"resource_available":false,"data":null}},"time_used":491,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":491,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/item-7.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/item-7.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:50:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2901\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":2901,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 206 x 36, 8-bit/color RGBA, non-interlaced","md5":"b7cae4a6dd38d6aab4a2d8d52a91071e","sha1":"3a9deb5ca09f8ff2273c1ab383244c4373787a0d","sha256":"563d56c3ebacb8492f2c3c097ca637591b9c2301eab88d4e3d0293fcb6e7de2c","sha512":"a95641797b9265b83a551b6de90ec537279ac162a0437619a0bf00f915d1469fe03a3cb9dd0321c9f45dc680717937b4af3e6afd956c8404dec85f695385fe55","ssdeep":"","tlshash":"5c513b488606de2566ebe8b38393fd7cd12e41fd5109d389979e1974004e8d27176234","first_seen":"2024-12-03T16:26:22.421103Z","last_seen":"2026-04-30T16:51:55.404339Z","times_seen":367,"resource_available":false,"data":null}},"time_used":637,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":637,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"backupcash.pro/images/icon.png","fqdn":"backupcash.pro","domain":"backupcash.pro","tld":"pro"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.722Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/icon.png HTTP/1.1\r\nHost: backupcash.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T18:35:16.871426Z","times_seen":14435417,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"backupcash.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:52.061Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://saviledger.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 15 Apr 2026 22:33:37 GMT\r\nexpires: Thu, 15 Apr 2027 22:33:37 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 571275\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-30T18:33:48.435559Z","times_seen":160733,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":58,"dns":3,"connect":7,"send":0,"wait":10,"receive":12,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:52.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://saviledger.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 15 Apr 2026 22:33:37 GMT\r\nexpires: Thu, 15 Apr 2027 22:33:37 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 571275\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-30T18:33:48.435559Z","times_seen":160733,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":52,"dns":0,"connect":0,"send":0,"wait":18,"receive":7,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/img/identity/website_favicon.jpg","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:52.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /img/identity/website_favicon.jpg HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:52 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 28 Feb 2026 14:07:44 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2720\r\ndate: Wed, 22 Apr 2026 13:14:52 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":2720,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"33bf17aa9bd55c3f8bcfdb401e7d19a0","sha1":"c2bb3c80927ee3038c25514033bd596804155094","sha256":"553e9f6c1ed7f89366db8afc0af8fb44fafe9f6795ee0147f4b1cff205c95265","sha512":"e5952b2dd7866ed4497997f6c32a308595c30fec32918c749764a5f8b479561e3198c1d58dbfaf56482163043ec8d50ef7cd8c9cda656098a9847ea2a9cc5f71","ssdeep":"","tlshash":"f6512905d6c66e80414893bc7efd3db4a29ff6a4b014457da3fb5705e82d62025ab0a8","first_seen":"2026-04-22T13:15:28.148555Z","last_seen":"2026-04-22T13:37:20.159721Z","times_seen":2,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/bundle.js?rand=1776174542","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:55.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /js/bundle.js?rand=1776174542 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 22 Apr 2026 13:14:55 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 341846\r\naccess-control-allow-origin: *\r\ncache-control: max-age=86400\r\ncontent-encoding: br\r\netag: \"69de0593-53756\"\r\nlast-modified: Tue, 14 Apr 2026 09:14:59 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-04-21T13:51:26+00:00\r\nx-node: m9p-up-gc58\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1549192,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"e65f2c7a3f9ae403172c361239b6148f","sha1":"a581e66ca2d069253183ef0aa358bb27bcec33a7","sha256":"59d650389f7b09ad4bff086ffed009298381e5845b08d882ea7a39c69ebd8e52","sha512":"1f64d5b0e0e7410ec1f14f630c8c12c95db3419082d87b651652026320689a50e144b89c743b10f751ce9811c0b6ee8463c576513dca2e0e6e0aa66d912379d5","ssdeep":"24576:DcdR2+482k9n4pzCuZlhEacrkPGukiE8SBC2tzPSF:DcdR2982k9n4pzjcrkPGukiE8SBC2tbi","tlshash":"43254ac5b1c1f46502d355e6643b2009b23b285e3809b064fabcddcbfa6659e6233f79","first_seen":"2026-04-14T13:14:24.867791Z","last_seen":"2026-04-28T06:38:58.956913Z","times_seen":1127,"resource_available":false,"data":null}},"time_used":665,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":160,"receive":505,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/item-3.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/item-3.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:49:32 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2987\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":2987,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 188 x 36, 8-bit/color RGBA, non-interlaced","md5":"2c831ef2783a43a4a4c00276aafe6ad4","sha1":"2d1b9aa8ce2a99041e5a9c57ad80b75f7b25b776","sha256":"3bbb499d32174a425e86e1eb6dcc5f39240e6c33c61692b3235a048d94b7a846","sha512":"8c54bc545566ef9a49ef8f76e9f05967e2350953a4d16e0b31d0411c87f706f095b0210966636c16907a310a72e9651afc465abfa8a09ddd660965647286c655","ssdeep":"","tlshash":"29515dea2308831b14ec44d1ccbcdfc76e1f254606adf0736f11902611c17e45bd11ab","first_seen":"2024-12-03T16:26:22.417275Z","last_seen":"2026-04-30T16:51:55.410235Z","times_seen":355,"resource_available":false,"data":null}},"time_used":485,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":485,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"saviledger.com/general/images/item-4.png","fqdn":"saviledger.com","domain":"saviledger.com","tld":"com"},"ip":{"addr":"67.223.118.14","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://saviledger.com/","date":"2026-04-22T13:14:51.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"saviledger.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"11:90:B9:D6:44:70:53:47:FC:15:7C:69:98:08:EF:33:3B:71:91:D9","sha256":"05:49:E2:CC:62:C1:E3:AB:FD:47:86:C9:23:DA:8F:75:D9:87:BC:02:B2:F2:77:CC:14:5C:39:33:6F:95:CC:B3"}}},"request":{"raw":"GET /general/images/item-4.png HTTP/1.1\r\nHost: saviledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 29 Apr 2026 13:14:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Feb 2026 14:49:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2847\r\ndate: Wed, 22 Apr 2026 13:14:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2847,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 154 x 34, 8-bit/color RGBA, non-interlaced","md5":"d1c0995c14c5d9c20add14a4c6fa0b00","sha1":"de1ce5e9186b465750ac180a1d48579cd57b0dfc","sha256":"025b3f7e35e1ef612d16c2e3254f3fc2764cb660e6ec40411ec51d93d1621c16","sha512":"372931d1b2f90a68f284db84c536917ece723b2a2273b1ebe1d4174aa40b3042b1b0720322c06a6dfbad03d1ef1748d4cdd5efd98b45c32ed19668d684b5b1a9","ssdeep":"","tlshash":"6d513acc8064d978b2635011bd4caa8404e718b2f985384ba42e8268d38cc2e34c7fbe","first_seen":"2024-12-03T16:26:22.365691Z","last_seen":"2026-04-30T16:51:55.372294Z","times_seen":372,"resource_available":false,"data":null}},"time_used":485,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":485,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"saviledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}