{"report_id":"673ac4a2-ec1a-4970-95cd-6333716e069b","version":6,"status":"done","tags":[],"date":"2026-01-07T11:17:27Z","url":{"schema":"http","addr":"gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":0,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"title":"Оплатить онлайн | gematologbindasova.payform.ru","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":0,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-11T11:17:27Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-07T11:17:05Z","timestamp":1767784625,"ip_dst":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":37952,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)","source":"{\"timestamp\":\"2026-01-07T11:17:05.574517+0000\",\"flow_id\":1846274381962805,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.41\",\"src_port\":37952,\"dest_ip\":\"34.117.59.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2025331,\"rev\":5,\"signature\":\"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)\",\"category\":\"Device Retrieving External IP Address Detected\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Linux\",\"Mac_OSX\",\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2018_02_07\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0043\"],\"mitre_tactic_name\":[\"Reconnaissance\"],\"mitre_technique_id\":[\"T1590\"],\"mitre_technique_name\":[\"Gather_Victim_Network_Information\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_09_19\"]}},\"tls\":{\"sni\":\"ipinfo.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":911,\"bytes_toclient\":3425,\"start\":\"2026-01-07T11:17:05.515637+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"stat.prodamus.ru","ip":{"addr":"158.160.71.54","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"domain_registered":"2009-04-29","domain_rank":0,"first_seen":"2024-03-26T11:21:11Z","last_seen":"2025-12-01T17:57:13.279937Z","alert_count":0,"request_count":2,"received_data":842,"sent_data":1080,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.25.4","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:8.2.17","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-01-04T22:21:06.427471Z","alert_count":0,"request_count":3,"received_data":97541,"sent_data":1416,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-04T22:17:15.216142Z","alert_count":0,"request_count":1,"received_data":11460,"sent_data":462,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ipinfo.io","ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2013-04-23","domain_rank":1327,"first_seen":"2013-12-16T07:25:53Z","last_seen":"2026-01-05T10:28:03.370205Z","alert_count":0,"request_count":1,"received_data":755,"sent_data":464,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"gematologbindasova.payform.ru","ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":51,"received_data":2813580,"sent_data":34208,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:3.0.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Clipboard.js","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]},{"name":"jQuery Modal:0.9.1","description":"jQuery Modal is an overlay dialog box or in other words, a popup window that is made to display on the top or 'overlayed' on the current page.","website":"https://jquerymodal.com","common_platform_enumeration":"","icon":"jQuery Modal.png","categories":["JavaScript libraries"]},{"name":"Popper","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"FingerprintJS","description":"FingerprintJS is a browser fingerprinting library that queries browser attributes and computes a hashed visitor identifier from them.","website":"https://fingerprintjs.com","common_platform_enumeration":"","icon":"FingerprintJS.svg","categories":["JavaScript libraries","Browser fingerprinting"]},{"name":"Bootstrap:3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/js/stat-fingerprint.js?v=3","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"99eed266b11347f0f31b9eb61bc20688","sha1":"c80e27d395a2b9bbd6a5f1156854b28fc7584f94","sha256":"1cf2f388e5a408b740268cd525f2c39ba0402395efb8c731fccaa6f4a997a9f6","sha512":"157700759abd68b086b1e64d745e32412d9866544bb708a210f90d464b286d6ee069256b7fbb2bdc616db9648adce8d832810194b268897c456a3a81038ba5aa","ssdeep":"96:8fe81AEBtaHRJC8XXjT+GiuaNQCJJMQoWyqS:Yd1AEBtaH28XX+A8vQWyqS","tlshash":"d4a10c49f8f799e165ab75ae4bff9404b6e3e0032448dd017c8e96008fda63c5198bdc","size":4769,"data":"","first_seen":"2024-10-26T12:11:27.907975Z","last_seen":"2026-05-07T10:30:00.796579Z","times_seen":53,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/intl-tel-input/build/js/intlTelInput-jquery.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"b505fd89167f1bc1b5fab1e24508b9ba","sha1":"5d8c2d6d475d515c13736b4175dc1f027012316a","sha256":"4fedfdef2e4144de36672a06d27bde5a38d56ac7711c82c423eed38bba39d059","sha512":"5cc4178788742a7d44cba21c54a737d651839265d5dc5c4c9a5574be659e53f3844ee49f054ba78c07ede5789c4e21977e3b807349fafff7506eb7d124ee5167","ssdeep":"1536:DoOHUQMt49TjqAHSKWG6oF4J9x2d2VnDkSr:jbrjqAHSKWGjFld2Vnxr","tlshash":"e983c51ea7eb03279cb3e16a2faf514e626445174606cc043c9c9bc81f4e87596f6bf8","size":83080,"data":"","first_seen":"2024-08-19T14:03:54.688742Z","last_seen":"2026-05-07T10:30:00.749059Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/jquery-mask/jquery.maskedinput.min.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"bb2a5846df151c66877e0c198b61b684","sha1":"95a26d7d09bff3cf0c3a8a3b75056c73410e90fc","sha256":"fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62","sha512":"7782a4428864f87b301ace80d5de866a4e816fdacc5adc6339ad08898e3d4374de15de710338d65c30815bd452ee6f3a150e11cccd8174799d2679ca458927c7","ssdeep":"96:rNYaTbFaRZqD1B7sfha1s+Gib2V81qJQOPG:KaQRZqKhadGib2VyO4","tlshash":"a591c999bdd0710361b308e500bf861981395fea542f95d2a021f9dcbd38e2921e7d7d","size":4324,"data":"","first_seen":"2023-03-07T01:16:53Z","last_seen":"2026-06-03T18:03:17.470136Z","times_seen":3464,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/classie/classie.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"a9df1cfb76ce492afd9d13f3320272fd","sha1":"782b9564f015a2ec7bdf9c89e238fab9b44bd587","sha256":"717ad22aa426d024f6c9942949b49d9a20f4239b94dfee34f94c96d8778f2144","sha512":"af0a8d2bdd0b1b4d5a45bc8bf586adcbc644a87aa5fe8287c63db2759b155efdd56d7288bba700f5aee57ee26dc603e18f9867505a401309b96dab7ac16b0613","ssdeep":"","tlshash":"9231684c71b728fb95e3b1af125fa02432a8c451e3085d22a4fb91401f395a9a0f9ffc","size":1835,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-06-03T16:11:50.214789Z","times_seen":13000,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"3c7ea36f778b78fff5b5b0bc89d48416","sha1":"bc5328327037d5df78c43a0bf7917371769291a4","sha256":"83f7165cbae71fd4dae0e228ff6b28febd74481bbbc059140665030f321a0e4a","sha512":"72e8d83714bc94b30b2f65757cd36810015eea1df7704bb452ddeceee5c38fd9951008adbcfbf90ab636490bc8a111345c88b3449752832707745af3b22506fa","ssdeep":"","tlshash":"a490040f5053dd13107031c55f333f003c00135d75c11140010cd355f504c03cc041c5","size":45,"data":"","first_seen":"2024-08-19T14:03:54.68462Z","last_seen":"2026-05-07T10:30:00.832678Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/js/detect.min.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"43805e47b7707f74eb54d49cf1cb5a51","sha1":"733d2f72901a42ec70cf738dcacd8666022e089f","sha256":"22a67790ce6b6632c0c1780e5c9edadfd7b5e306705213dfa36979d9508fe645","sha512":"88db8c3397268970ef9385424e9e9411b0f0632fdd0370854d360a07afd5f8b0fad92e7c4d067eb32917ce19954f542fa870f7f5985e72c3c65e3654688b9259","ssdeep":"384:WLcreJZ3lxNgU2H/6qG8erf0l/6n3vE2ORdTonl+A0k:uw6qG8mcl/63fjlok","tlshash":"05c2df6431d6b9d3881a704224272e27623a1df197cee26c9301c80f796d9fd6a397fc","size":26227,"data":"","first_seen":"2023-03-07T18:38:07Z","last_seen":"2026-05-27T05:08:31.205476Z","times_seen":377,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/js/site.js?v=37","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"17707df4243f30fbe5ea4bbc14bb693d","sha1":"ce8ff0e809171f0044779d74ce55a16594e51e16","sha256":"a09b5433726e840d9a8e135a7350574d4882f2de56609b554f1ec110f35cecb8","sha512":"b62bcb3f29c9869009e1564f693dc554dd5093154e651397416b2a4167bf883d22067f5c32fb83d5c6869629a5ccd9dbe690a1ee855674740eb054bcdccfd438","ssdeep":"1536:d8q4MaWcK4ku6j3Sv4MjFdAXQO6pjtcrVhSAUENaT8q:d8q4tPOWj+vSAUEi","tlshash":"5563824971f714710037b07b8bff65042636402b590aca207dad17a46fe5a68a7f2fbe","size":70386,"data":"","first_seen":"2025-12-01T17:57:17.056476Z","last_seen":"2026-02-18T14:42:00.583642Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/intl-tel-input/build/js/utils.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"b7188954eaa4059b0ccf280e90a3664b","sha1":"acd2cc648b43a6aa7a93c6b84a0ffc344e29c313","sha256":"03691eacff9666b010172f9860a7a647003ccc7198a4bec5667bfbde2f52374d","sha512":"b821ce96729d1495b1f4bda81f1ad6b18bc97b555666d433bcc96569ed8e3b645ece5899304f0d412f018d0edf77b38d2872f3b5c86ea744fb04864397eaedf1","ssdeep":"3072:yxJ0KSjvUhO58hzL5+L5kWCHe3JSZn1YpuwGXLXnRqLo7cZ5rzS0:yxJ2CL5+L5/CHdyV","tlshash":"b924ceebd63c973aa1d97b359a8eb7cd1a8cbc93c45856782ac3b54f537c4e07128201","size":222687,"data":"","first_seen":"2023-07-16T11:29:18Z","last_seen":"2026-06-03T17:22:47.535732Z","times_seen":1421,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/getfile/widgets/jquery.allwidgets-1.11.1.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"e0f9d80d7a80cfeefb4de89c9cca2d5d","sha1":"d8d9e4246536eec42a17fbed0c5f3f4c2ee560db","sha256":"9a5761fa50aef633bec19bf9c67f14415ad21f6eb3cd6d275879b71269964874","sha512":"e0dd699d9d25f8291b0cc6a9c99cd603d7f11f0b9ae37790ce409656edc3922d286ffad97f9c3d3b25095dc099f1fb6c9b9e94c8901e792dcf2467fb4222ef6b","ssdeep":"3072:MNMyqhJvN32cBC7M6Whca98HrPxDk6UPS1lippePIlYI7pSDzOyAskRsPoeQ9+SJ:Mq17hbvca98Hr3U+lgtYIUGeQ9Xu89","tlshash":"6da4198cb3a5363281ab6079157f550bb136846ee509881cb43c8edd5facd1821bbf7e","size":452672,"data":"","first_seen":"2024-08-19T14:03:54.67215Z","last_seen":"2026-05-07T10:30:00.821507Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/bootstrapv3/js/bootstrap.min.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"8c237312864d2e4c4f03544cd4f9b195","sha1":"253711c6d825de55a8360552573be950da180614","sha256":"d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8","sha512":"e18a5959736a9ceef67b40daf7964c519c678d680bbda8d2c7679281f5d349a286c99b96ca24e7a8e64ce987d372d74ae12da7255c606ccfe27ac13a35b5a3d2","ssdeep":"768:b8lBD27UwlNBMl9/qahC2+jS1g8ep0skCXFXflcKGf3Z1RQ:oe78+S1Klvla3ZrQ","tlshash":"f5f29606b23031a107dfb1e5515b020b72396a6ee90690bc78b9dae53db9c48717bf3d","size":35951,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-06-03T17:04:38.727873Z","times_seen":10031,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/js/site-paygoods.js?v=13.1.14","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"f19df9705e5d40873e17333ffe207036","sha1":"56a439d17fc152652063320101c21ef1be3ba7bb","sha256":"369014876b97881a367940a4c363baa4cfe208d559b3746cf305d33b4de827da","sha512":"491a9b8a7c1141a34d07da88aa0e1bdd6551fe62140c88d78c96f6a79323ff577af5119829d2c7f52b7b682446f9793982f9168974ad87f396d0ea71a9dac49c","ssdeep":"384:4DBWdKrH4gXTto3HjgsYM8n+0l2UyFSzhYU:sQdKrYeTtmHE3MhU40hj","tlshash":"52b24380f7bc38f1597b3129482d76cd767e2175d401887afd9ca3642bc9e24a72683d","size":24492,"data":"","first_seen":"2025-11-03T22:18:26.128472Z","last_seen":"2026-05-07T10:30:00.843249Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/jquery-formstyler/jquery.formstyler.js?v=2","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"edef2ae0a2e3925a6416d025badfb05c","sha1":"593e7f0b8316d53835c1502652d23e114a06cb89","sha256":"53731680507ba63d1d80adb79cfd67f810a1c8a2c9c4e6c8ed4d760c67ef66aa","sha512":"938190c041d4c8e78efb1696fec11ef92ba5d8a5b0330bab17dfc90fd33e57f15711a2f12cf06a32d467c68a3beac34ff0cc389b33aa75070886ed950344fb87","ssdeep":"384:INQwdJCU98J5sOOtEBubtkycNeVaUIvYWj8wTTCFRT+FUazYSsN93D:kQwiUeZO5v21zj8w3+RIz0","tlshash":"d71354e1f76c24bf847b31978c1c65cc653d40baaa124977bcb8497c26d282ca36197f","size":41540,"data":"","first_seen":"2025-04-02T20:10:59.206046Z","last_seen":"2026-05-07T10:30:00.841616Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/js/popper.min.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"31032b08bd8e72220462d3f54f8bd69a","sha1":"871d6ef1070bd363ea390e0c8c384e47dce7f389","sha256":"c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782","sha512":"4cf8763b1960d73a7e933de7140d02e6f542ea5786ffa9a6d73f7e980f35308e5e69456a6ac3cb3bc0ae93880c1788147cfe5eb51ef7ae053ff0f34cb127aca1","ssdeep":"384:PZjckOxmemwN3igs6HdfGmLmnNV5LrpfV1Nn1K4kwTiO6rg3MI/9NUmJ/aZg:uxmemg3igs69TYf/pd1Nn1uwXSg3MI/9","tlshash":"f392d7dc3a94f0e5167b52bac03f011fb2379524218ee510a255d6c92c74ebba23bd7e","size":20122,"data":"","first_seen":"2023-05-30T11:24:05Z","last_seen":"2026-06-03T17:27:51.642116Z","times_seen":10974,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/jquery-inputmask/jquery.inputmask.bundle.min.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"c52fad4d7dbf444f77e3658e7aaefe82","sha1":"046e457f8f1fdc9fd8be3dfb15efc5229856903c","sha256":"d968d975caa66d734019396f7052b04904029d606f1a9d20e5b5417578eebdd5","sha512":"f0bac5213ad929cd1a29939fec67c914a76ccd96a977c250cc2857fe109cdb4a2813a150d706e91710c0a0e89cfa63fce41a158b946807a2eefb3921042bda83","ssdeep":"3072:Yh+fDnD8D8ZDcKv91C3a+M/gM1kr6Fk9sZ4XLlBSW/e:YUfDnD8D8ZDcKv9151O6GsZ4i","tlshash":"82b329283e81e01396ea70fe55d701062e378b3719dd40e0a8bcd6d05676a464bbff7a","size":117229,"data":"","first_seen":"2024-08-19T14:03:54.659756Z","last_seen":"2026-05-07T10:30:00.78976Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"a218af3ebd1d857982f3926b9ba33930","sha1":"ea24ae73f49a51d07a5453b31676236974de8335","sha256":"ccd3a549cf91c164721135390cea2090466909770b37bd12ddca8a5b191e6121","sha512":"f7a08552313747e5172e69b8259de9907a16d8ac22081406d4135ac72e87a6439e9804cebff97099c75f6ba8081f38ef930a6e0b58e2d8a42c6c59862c2950c9","ssdeep":"","tlshash":"d690021a21450b8890e145bdad817554d03f1052541ed225a45367003c8511a866498f","size":56,"data":"","first_seen":"2024-08-19T14:03:54.685563Z","last_seen":"2026-05-07T10:30:00.836522Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c8f50397e0560719c62a35318f413e16","sha1":"a643db87287e6e940fbabe6d8cfee5a8775692d8","sha256":"a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655","sha512":"fcf2d708251c814a4b84572e7c2f6ca64c0162267f7f5a6007e94e7a475abb4b9ee36da58a91a19196c451bf6ef223b6249d9171bb620b2bdb50fa11d88bc2a0","ssdeep":"96:jPCbS/KZzQeF0VczC5x4MIKG3okQ9vGmzSUXd7INVdYH9LzYIED1OlX:jKbS2QeqV3v4MdG3zQBHzS+PYIED1O","tlshash":"65a11f0beebc635902ff90aa3d9e1d394135a2b06407448c7578cbd979a8c08606fe7a","size":4953,"data":"","first_seen":"2023-03-07T01:17:29Z","last_seen":"2026-06-03T16:04:41.158173Z","times_seen":8958,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/clipboard/clipboard.min.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"61d57f8e4b5605e9f610e2c72adb2cb7","sha1":"b311093792c37c89af109e497b3c5cef87449916","sha256":"439bfdbeb10063daed4d62ef7f6d893d650385407e8affe59df237c4e3de6313","sha512":"39006588d3cb61d2e57c693f8aef2aacb4800b32b7f94402e74106bc0f73b93d34f9b8777f12d2506c280bceb0ff0ffeb0108bea4205da5dc4b7e7f40ad43974","ssdeep":"192:00Z14dXk1XSHkKpI/230xlH3G4Ly9+vxo53CoD87JxKllkvc363Pw/3JyUZu5MpL:1ZCNfI/wsXCz3rbllC3P83JVu5/Gz","tlshash":"7222a68cb29071b156eb50ba802f420fb271c42db06e40a8b61de8f56c7de9d4627f3d","size":10112,"data":"","first_seen":"2024-08-19T14:03:54.697102Z","last_seen":"2026-05-07T10:30:00.845039Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/authorize/script.js?v=1","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"7070b84292dc98ad21dbfbbb09d769f4","sha1":"d6fcf5536a586fbdfae5234068de22cc2c99f38a","sha256":"0d9f3f2eac2e13c6bf68900176a9ace00e05ae7453f5e0f8abc07e208f471fdb","sha512":"da809f9e4b2ea5f3e5053f7de3176297272a557f3a08b3a997f7091b92cc8995a8e2f2bc50065ae4255bd6b44af51cae94d0fc797c1072e398f6fe733add7c4b","ssdeep":"384:CWhE+0AORumwy8pYT3uTw5FSwMIwwUs3w237Qb8MWo2+bDZdnQQnYoIpIb:XhEpjRsbGh5FSwMIHUsA2rQb8Bo2+Z9j","tlshash":"4513f8c0f21d764f83a2321790b6a5096e3ec4b50645097ef6a528fea8d500dc37eebd","size":45223,"data":"","first_seen":"2024-08-19T14:03:54.697803Z","last_seen":"2026-05-07T10:30:00.790907Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/fingerprint/iife.min.js?v=2","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"d44f25d737eeec9f79865ae2ad3478a5","sha1":"b70c65cbfb3d9b05416a92ac00ac2a8a77c5232b","sha256":"4455daac65bf91a90f2a0949b855d1b409e9ecc460ea24db2f0bd00a6177ed9d","sha512":"2ab9530629ae54ff1fdb092896403c7bb549e1687c5bbe0f0ac2501787f940cf72a4fb96585828089567fd073ce095b952c58fd749e0a28ceb1d14cbff924380","ssdeep":"384:chQYSwHRBcifEJzXhGUa4LdsF7wRuCfLVg5+pCqNFaiE8E0QIQfJb7us6RfGDUPX:cSMHRU7Lic9NwlJb5iffPREA75","tlshash":"4ae207d8b2c3b029227378b6497f6007b63abd15242d4843d57be4c17ca5e5a813bfb9","size":33790,"data":"","first_seen":"2024-08-19T14:03:54.699901Z","last_seen":"2026-05-07T10:30:00.847239Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"f5bdb17e9ede78577985a98499912676","sha1":"4e58daf62e9205e715a08b161dd0c6c4b084d18f","sha256":"f47244a55754a08beb6873b9c8e0deeb0b49f86658e292efd93f5c29968a8f20","sha512":"272d417070fc95612d2075d873230d9e99a3ed0a52c9de4c514e2b70cf49b7ef5add934bb2b0b9eb165120fc53edd9b0124b0cd04dc58087100b7a8c1d91cd46","ssdeep":"","tlshash":"9b019e93bbbe207d8849b4da176522cb363d022a5d122602ad6c231502e09ad5e39a60","size":669,"data":"","first_seen":"2024-08-19T14:03:54.68626Z","last_seen":"2026-05-07T10:30:00.83756Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"f762576140e0f26a2283e996b5b8badf","sha1":"d67e2cf0de4f5f334a258a0a1ab39a593f4a7ea5","sha256":"d91792f3ce9930ef41c3b68e7e6d48fc6261e34597d43d12f23d28aefaca6b88","sha512":"cd98a6727909767654ea36ae7a9f4707c2705bc8c8f7d6d188f78157ade0633496212e4096c012cf5aa477e86c7a73bd9f5ea0dc72a34d4960283b4b5c4984ee","ssdeep":"","tlshash":"d8017366e6247236576a325bbae8d2df3834542064c22d02c56f00ede47fcedd05cd4c","size":685,"data":"","first_seen":"2024-08-19T14:03:54.689412Z","last_seen":"2026-05-07T10:30:00.839217Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/switchery/0.8.2/switchery.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"2d55d2c0b4666c3ed46ddfaedcc820b3","sha1":"9bf64ec3c3d4ca056a5692fef53e395a2f201546","sha256":"9f975700df649ea7090b2194630225b3fb50424d91b564fa391d304ba35dd079","sha512":"2f03b798451b6ed0abd561c24dea35dc2a507f0e8958abfdb3caca5ff3b4205af8103bb04e0b6757c6d7810b19ece4760ea6bbf80bb067d3246b94913144b411","ssdeep":"768:xLAIfz0XuDE38lSs/2yZ2NvSKmPhRJfa8oFX21ccGVcG0dwf3GMcGC75poVAee2T:RANuDEslB2yc1Qh/fan26nCORwAtlB","tlshash":"f923a59a73d92033419f617a968f92897279c0ba251b04cdf49e8dec3e9c97443f1eb0","size":48570,"data":"","first_seen":"2023-09-17T07:30:25Z","last_seen":"2026-05-07T10:30:00.743877Z","times_seen":85,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d0212568ce69457081dacf84e327fa5c","sha1":"d6702a1af0378b2342f6a0692e77c169f580aed7","sha256":"266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d","sha512":"9738a50be24577a615f3ebd044d46d53b0ceaafe526bd124e77957b7f93dd47653269cad1d2d4bea5d6630a47d2ba555a03b782e211769ae9706b624d588464d","ssdeep":"1536:u5hEyisTikEJqRdXXe2pP7lgoVMEXvdVhvLHSh4xzAdXtqTyZSusjvKx/w7Ug2xC:0QGvHhvLJzuXkTSc6//MTDU8Cu5","tlshash":"5f83d5d9b2c670529b7730b850bf450bb17a98dab44c8c60f1a8d5d57db8a8d807bf2c","size":86341,"data":"","first_seen":"2023-03-07T01:03:28Z","last_seen":"2026-06-03T14:29:04.098735Z","times_seen":12153,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"4aec77640dc3750bebb04e80e568ec77","sha1":"7aa7c0a30db5b710de1b0a55ffb680e33a75bc84","sha256":"fd3c8daeaa00b10bc208a589325d4c9e851b1b3313467895266d97e07f41790a","sha512":"92d9e9d2de00ad7225d93b5e159791c60beac3ee3e79204c90600c20ce2ec1421a53bb70b03620b5b980e168c5c7f4bc827adf1a949a36948e624e0d897e4f76","ssdeep":"","tlshash":"30800400d7071d1133c4030551c001717d45141551d0541050014705057541cd044f54","size":37,"data":"","first_seen":"2024-08-19T14:03:54.690792Z","last_seen":"2026-05-07T10:30:00.84419Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/js/tippy-bundle.umd.min.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"be40939a1df8aa4cec53fb6ae572df26","sha1":"189159143337e0bc08ce30b8b8a59a5e935335fe","sha256":"3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de","sha512":"81baeeb9cabf3a9c7d8e51dfaaa65e020d8b34add8e016e95c72838510bcf3fb4044bfe2ccf384e19b76c3a5fd4a7d547966866cbdfccd6ee790bda3767e4923","ssdeep":"768:m4OeYE0+LOdORk89IOlyOdh5+3W5FEounZt/2ozZ9+Hsyhp+JjOtkq8Ggrj9cFQP:tAVYem5s/2PHFhpa2XgF","tlshash":"dbb2d699f69171791b6b2176c06f9619727b396d244fc420f033f0c82c789ae629bf2d","size":25717,"data":"","first_seen":"2023-03-07T12:03:05Z","last_seen":"2026-06-03T17:27:51.54644Z","times_seen":3724,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/jquery/jquery-easy.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"dbd3e5c2c2dc73a6c2c618aa8fbde827","sha1":"5249ba97aa63b8555f1629d6470fd5223e818ead","sha256":"a3d2fcbf7f555be0b9983d1453526049cfa01f951c5aecaf83348c970417ea34","sha512":"ac8683998fff0b6e1c2b0b02152f7e759b092ae7990657efc24d9ff003a459770f4c89984a48c7e6ce27097d9fd7250c6990a5c357d95024dc12209df3cb55f4","ssdeep":"192:pv+Or8ur83V33R3hqRAsfAy46Or8ur83V33R3hqo:pZr8ur83VHBhmYr8ur83VHBhL","tlshash":"0cf1f38963c0631b4359f270aa3e5e4ff268642b566e681fcc5c5084bf7d339c27ad68","size":8101,"data":"","first_seen":"2023-03-07T15:27:02Z","last_seen":"2026-06-02T02:46:00.479428Z","times_seen":269,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/moment/moment-with-locales.min.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"1b1c80b617bfcaf8c0766d41c4a3c680","sha1":"6319f4a7d5f345583a730ab527704ff2491a9043","sha256":"01d40df7c31566ce3812adb24f0b682ae7e19d4fae67bbf69179c3e6fab3655a","sha512":"8652e0221e279dc6f6c9ce183ed5a4e703b291c1711747c1779ac77c9eb1b002c8da4858dc7f0b6e2becc09139169cfb870b3b0890aa3b37728d61e2289625f8","ssdeep":"6144:7W3FUoAhVuhioGf6Qt/b03TSZWkcSO2dpMGFVJ9tFFxWD4lei+FAkWT6DBTmpjFB:GAhVuhioGdt/Y3TSZWkcSO2dpMiVJ9tp","tlshash":"4e64d6cf63aa6b9e0a546116cc3dad0c284d0f80d079d735ffba5187f51ca2846bab71","size":336451,"data":"","first_seen":"2023-03-07T12:11:45Z","last_seen":"2026-06-02T22:41:38.194059Z","times_seen":1769,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/bootstrap-datepicker/js/bootstrap-datetimepicker.min.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"6cd3c1d3500963b51a023474f6951345","sha1":"8d3cb2f81b5b0ceb6a8071870c4e537dfef449ac","sha256":"6ede8dbf3a4dfdab853b7580e07c42c5f5ff86c6585c03702f2eade538d4b032","sha512":"4a47bdecba227b3fda40eea3c97abeeab6ab9160291955553130a7388c5add7767c407e771804c74a9845f043e5310b79af5d2a904cdebe56b6527d193ae3f60","ssdeep":"768:+85tRKDmhd/onYDM38NvdyMmpu3II1R+qlyTo/KR6MJodCBSEpfh6Aq8Sd4KI+po:z5UrsNvdyoII1llyTjpWnvAMLI+p+7","tlshash":"d203b604b1b1729795bf7495102e6507e266cc3efc59487168ce10b83dbec89a1bef2b","size":38512,"data":"","first_seen":"2024-08-19T14:03:54.667872Z","last_seen":"2026-05-07T10:30:00.690831Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/jquery-cookie/jquery.cookie.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"d5528dde0006c78be04817327c2f9b6f","sha1":"31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8","sha256":"b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8","sha512":"69484bdb1382ae92c4b860f97fab601db2d8117469619f06e720fe5a516b5eb3f2d88ad6065bba6e28790bd1faa86b20aa753a9a0c7a2ad53c4eb787a404a9af","ssdeep":"","tlshash":"ff516650b7cc361e06ab22516b6f10ace63cff721158449d881965f82cb0c7bdb6bd6a","size":3121,"data":"","first_seen":"2023-03-07T01:06:39Z","last_seen":"2026-06-03T17:28:10.389843Z","times_seen":17078,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"0b92a6d97c4122528e0b027f07073ec5","sha1":"f9e7515eeaa8009662fd3df5862948230631e2c3","sha256":"db2c4b8ce1996380ed18abafb735484bde6b7a2eacd1c3576487cd5612d5ab3a","sha512":"ace05e203d2cfb1f309a418d4afb6ae6beb72528888d7bdf9acfa332fbb6274eedf2c002481fccf698ab0d0ebfd7273f23d109a5b18e2d33fed4e0c26f837021","ssdeep":"","tlshash":"7301260de69c7abbd7be6201792844863c6cbe1e6c11bc467c893b56d6e0d10892487d","size":817,"data":"","first_seen":"2024-08-19T14:03:54.692221Z","last_seen":"2026-05-07T10:30:00.845779Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"d73a76deb2fbe858c84dd6d3a4b3f2ff","sha1":"b3e942a21a2e7cd3ed3a857110bb6584eb2a9405","sha256":"b1fa43a8370c9020ce81b0058bdb705c6444cd0a184930c19f5194690c8cbd6b","sha512":"ae271916bb8c91f8441d01def21fa558c7c5183914ce98fa40a6d81f17ceffefa90164cb628e34585757e38d542a33f8200c9bbe16a95552a2c62373326f5dce","ssdeep":"","tlshash":"c1e0f166384c0034c37a235662af218ab40a79392d4fbc6bc02dcc55156ec7f449f91c","size":413,"data":"","first_seen":"2024-08-19T14:03:54.695602Z","last_seen":"2026-05-07T10:30:00.846504Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/bootstrap-datepicker/js/bootstrap-datepicker.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"3d903642fc80091866df8dc2e8f259ee","sha1":"c6ebd667396068347b6ad460f65efa28dd66634c","sha256":"d7db7f4778dd64256d35f042d55d8005791225b97837cf0e89fc7ef2528219de","sha512":"f45946e33d00fa771e3b671053167678c8ac731cfeb2d850ff35c5b6d15482b7a6fd0efb8729ca1ea773cd3bc8237eedf6a6bb1c7af8fb7b001c350b4c549ff3","ssdeep":"768:VZruSkKniAzzy44tWEh+jVruaLjgFKVJJPVEx5iisx7F5y3MNrQlMNrq93jDz3o7:VZruQz0VazEzsUz3HU","tlshash":"062375c9e74d159b9276206d882e12caba3dc0779d454c3bbcac51e82494d2d93fcfb8","size":46822,"data":"","first_seen":"2023-03-07T01:19:34Z","last_seen":"2026-06-02T02:46:06.649018Z","times_seen":118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/js/popper.min.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/js/popper.min.js HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 20122\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-4e9a\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20122,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20033)","md5":"31032b08bd8e72220462d3f54f8bd69a","sha1":"871d6ef1070bd363ea390e0c8c384e47dce7f389","sha256":"c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782","sha512":"4cf8763b1960d73a7e933de7140d02e6f542ea5786ffa9a6d73f7e980f35308e5e69456a6ac3cb3bc0ae93880c1788147cfe5eb51ef7ae053ff0f34cb127aca1","ssdeep":"384:PZjckOxmemwN3igs6HdfGmLmnNV5LrpfV1Nn1K4kwTiO6rg3MI/9NUmJ/aZg:uxmemg3igs69TYf/pd1Nn1uwXSg3MI/9","tlshash":"f392d7dc3a94f0e5167b52bac03f011fb2379524218ee510a255d6c92c74ebba23bd7e","first_seen":"2023-05-30T11:24:05Z","last_seen":"2026-06-03T17:27:51.642116Z","times_seen":10974,"resource_available":true,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/js/site-paygoods.js?v=13.1.14","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/js/site-paygoods.js?v=13.1.14 HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 24147\r\nlast-modified: Sat, 01 Nov 2025 16:05:22 GMT\r\netag: \"69062fc2-5e53\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24147,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"0b07e27513b693d4b9fad670dc9979c9","sha1":"ceb2bffc350f1ed87e61a1f86255eb76d3d7e144","sha256":"bf5827a23a284250e591b59cd83410ff41cffe16b91a2bc5b7c2a4290281588b","sha512":"1200eeb6742173aabfbfe303c4fd98612e2b363208b6944b98946685d4297d81ebe31e4b593ac999617422390b217c30d94e3af4db7708071d976776ed74e2e3","ssdeep":"384:bDBWdKrH4gXTHho3HjgsJM8n+0VbeyFSzh0U:fQdKrYeTBmHEGMUbe40h/","tlshash":"8fb24180f7bc38f1597b3125486d26cd667e2271d40188b9fd9ca3642fc9e25a72e83d","first_seen":"2025-11-03T22:18:26.103606Z","last_seen":"2026-05-07T10:30:00.700953Z","times_seen":19,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/js/stat-fingerprint.js?v=3","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/js/stat-fingerprint.js?v=3 HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 4769\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-12a1\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4769,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"99eed266b11347f0f31b9eb61bc20688","sha1":"c80e27d395a2b9bbd6a5f1156854b28fc7584f94","sha256":"1cf2f388e5a408b740268cd525f2c39ba0402395efb8c731fccaa6f4a997a9f6","sha512":"157700759abd68b086b1e64d745e32412d9866544bb708a210f90d464b286d6ee069256b7fbb2bdc616db9648adce8d832810194b268897c456a3a81038ba5aa","ssdeep":"96:8fe81AEBtaHRJC8XXjT+GiuaNQCJJMQoWyqS:Yd1AEBtaH28XX+A8vQWyqS","tlshash":"d4a10c49f8f799e165ab75ae4bff9404b6e3e0032448dd017c8e96008fda63c5198bdc","first_seen":"2024-10-26T12:11:27.907975Z","last_seen":"2026-05-07T10:30:00.796579Z","times_seen":53,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/img/icon-cards.png","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/img/icon-cards.png HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 6642\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-19f2\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6642,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 95 x 80, 8-bit/color RGBA, non-interlaced","md5":"26d71fa6312a08de83f173d9529060a1","sha1":"8363e85d1d3c6edf946db4421ad0fdcfbb23828e","sha256":"5950fcb8b6dc4379f48dc1fe274df5b2841632e97077cb323546d119794adc9b","sha512":"0779e08acd48408cd43d2db24f0c2cc501bfe8253622105680591c2baf0f117eb6ca1279568a6bda6a933c9d670ca2008ad256fb5f99ce17e2a328abf9ef70d4","ssdeep":"192:4SxZC0wwwhr5S7VNcr70R8dgqe0ed00KbK:/LCLcNcrAR8vXeh","tlshash":"0cd19fd2817035f0f2a21b8b626cbb181bdf64343604736658cb8dac4aead21576b6d3","first_seen":"2024-08-19T14:03:54.669566Z","last_seen":"2026-05-07T10:30:00.788557Z","times_seen":53,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/img/icon-applepay.png","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/img/icon-applepay.png HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4773\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-12a5\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4773,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 127 x 83, 8-bit/color RGBA, non-interlaced","md5":"9436d2c02372306bc9e14dd2018417ab","sha1":"536c52d835d7172a6d207297c00fa3dec6ee2d06","sha256":"a6225ee8341fc1d43634f3ad896fbe98961ae0b30e16589c8b2e4715c1f9d38e","sha512":"041a320839bc3cd7728ad03f3e2576407a4d3452c0eaceb4c000335772b0ce2e7e61d64ae406760e48752684c828a786b2ffdc9c2f457b72c113662ac41ff022","ssdeep":"96:ZkGBlq0l/xn/Fgy5NuiPQxFWiILnpsCDzGIrXjWRKIgKBj1FXD74y6UI:B9lZn/VNTyWiIpsCfnsgK5DHeUI","tlshash":"67a17e17e2990d004bad59da389bcd2a2d4b1ac04ee156927ecfec085e3d2f510783fb","first_seen":"2024-12-06T22:54:30.629814Z","last_seen":"2026-05-07T10:30:00.742256Z","times_seen":52,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/js/detect.min.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/js/detect.min.js HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 26227\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-6673\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26227,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (26227), with no line terminators","md5":"43805e47b7707f74eb54d49cf1cb5a51","sha1":"733d2f72901a42ec70cf738dcacd8666022e089f","sha256":"22a67790ce6b6632c0c1780e5c9edadfd7b5e306705213dfa36979d9508fe645","sha512":"88db8c3397268970ef9385424e9e9411b0f0632fdd0370854d360a07afd5f8b0fad92e7c4d067eb32917ce19954f542fa870f7f5985e72c3c65e3654688b9259","ssdeep":"384:WLcreJZ3lxNgU2H/6qG8erf0l/6n3vE2ORdTonl+A0k:uw6qG8mcl/63fjlok","tlshash":"05c2df6431d6b9d3881a704224272e27623a1df197cee26c9301c80f796d9fd6a397fc","first_seen":"2023-03-07T18:38:07Z","last_seen":"2026-05-27T05:08:31.205476Z","times_seen":377,"resource_available":true,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/pages/fonts/PTSans-Narrow.ttf","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:05.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/pages/fonts/PTSans-Narrow.ttf HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/style.css\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:05 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 262012\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-3ff7c\"\r\nexpires: Fri, 06 Feb 2026 11:17:05 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":262012,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 17 tables, 1st \"FFTM\", 32 names, Macintosh","md5":"388e95a4321755a4b8f818ae4d54227a","sha1":"e7cb62be56c1bec63b5e70c01df7b5a49045b4b9","sha256":"8ee49c7e6e31dc6ac03d14c16931cb9cee58a98aec3eb37d4f423667a1ca8c28","sha512":"09481718c82dc14a897b3e67837c033382f44758eacbd5753c2d6d9ea8d37f471ba7af06b961b8fa6796e7e0512b32b520951c802501566f3e0be68674fd8b17","ssdeep":"3072:CDWIQxGkq+vSqNUIE+b0CZ3NnwoO+DsN/6166IrUSuWYVwaqW3eAXurxUInZLE/:CDWIKSqNUIE+I891FSKW5W5XMRk","tlshash":"1644e85fbaf99d23e3174b768ef3c7340d62ac01ffa519052a88b541deda1608b23d85","first_seen":"2024-08-19T14:03:54.660397Z","last_seen":"2026-05-07T10:30:00.800031Z","times_seen":54,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stat.prodamus.ru/api/v1/customers","fqdn":"stat.prodamus.ru","domain":"prodamus.ru","tld":"ru"},"ip":{"addr":"158.160.71.54","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:06.148Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"stat.prodamus.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 03:02:15 GMT","end":"Sun, 15 Mar 2026 03:02:14 GMT"},"fingerprint":{"sha1":"90:9E:B9:5A:69:88:52:2D:00:EB:BF:5F:39:69:AB:4D:4E:72:6F:18","sha256":"0E:B8:86:B2:01:A2:C3:F3:52:8F:85:42:C6:E1:C6:AB:3E:C1:CC:C9:AB:C1:5C:68:E1:09:56:CB:53:91:0C:16"}}},"request":{"raw":"OPTIONS /api/v1/customers HTTP/1.1\r\nHost: stat.prodamus.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: PUT\r\nReferer: https://gematologbindasova.payform.ru/\r\nOrigin: https://gematologbindasova.payform.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.25.4\r\nContent-Type: text/html; charset=UTF-8\r\nConnection: keep-alive\r\nX-Powered-By: PHP/8.2.17\r\nCache-Control: no-cache, private\r\nDate: Wed, 07 Jan 2026 11:17:06 GMT\r\nAccess-Control-Allow-Origin: *\r\nVary: Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Methods: PUT\r\nAccess-Control-Allow-Headers: \r\nAccess-Control-Max-Age: 0\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.25.4","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:8.2.17","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-03T17:55:46.471571Z","times_seen":16085743,"resource_available":true,"data":null}},"time_used":305,"timings":{"blocked":132,"dns":22,"connect":35,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/jquery-formstyler/jquery.formstyler.css","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.579Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/jquery-formstyler/jquery.formstyler.css HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: text/css\r\ncontent-length: 13468\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-349c\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13468,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (504)","md5":"a419ea5d1b0afcb54c471659b611a5c9","sha1":"9f0da3d676bc178d42dee4a2faedbfc0d76e8fbf","sha256":"128e9ebef65e68aff6420b1035dae7909965be5e6be81f322496402bb53ba05a","sha512":"4cc24e8cf0e15606c4da2040ad5d3d7d3bac33d2679debc1ed2bbf08a86fb542b4b53468ccd2b5f71ba6f3f1b4a65ae356eff10463abdd13e337528290bdc390","ssdeep":"192:iom7L3zP7D4ckGfhlALBzbaMJ5dSk7TVbPIp5awQ9Hx:ioID/4hG5lAV/fzdSk7hPu5G9R","tlshash":"235273b6620d1cd8362ac5f7be179e85232ec120e95d7e54f878643cd7c50f868b0a6d","first_seen":"2024-12-28T17:52:22.29647Z","last_seen":"2026-05-07T10:30:00.764717Z","times_seen":45,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/intl-tel-input/build/css/intlTelInput.css?v=1","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/intl-tel-input/build/css/intlTelInput.css?v=1 HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: text/css\r\ncontent-length: 28275\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-6e73\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28275,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"255dcb86cb9d2863148d48aabc19e981","sha1":"5c8ccde087ec939582b1299469e205e106f60253","sha256":"51e438c85f0e1d2df9fbc7c397703e1d618c9986e5553a04a01c5cfe624d01df","sha512":"00379edf566d9598c0b6efcc862b44e5d46a0ae6b08163adca4db692f8d1983f3e1c68eeae77cb5f0e1b88c9914d8784969850dea08394212ada735d2547df12","ssdeep":"384:7l5/tzFLFzFP3nYt9TlwhxyjA1rrixRGq2O1CZO8A1:7z/tzFLFzFP30b","tlshash":"ecc20b668bb23549b92bf27179a407822737500be816ceacb3da3d5ddf450e045e3be1","first_seen":"2024-12-22T12:58:09.789024Z","last_seen":"2026-05-07T10:30:00.745304Z","times_seen":51,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/bootstrap-datepicker/css/bootstrap-datetimepicker.min.css","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/bootstrap-datepicker/css/bootstrap-datetimepicker.min.css HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: text/css\r\ncontent-length: 7785\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-1e69\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7785,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7669)","md5":"fc28fdcaebe06f95b628b7afff4afa9e","sha1":"bfb59134728691755a4b00deebf21ba39adee2d9","sha256":"c8c8da579e363feab54671fa5c1c823c37d416198e69f59b78b3e6a8a875d73a","sha512":"6847bf67178f6b08f4f86d91f80688c60ad0b8a4faf08dbcaa1fb080badc0093b3debc423fe4f0acae523cdf84e48fb52108cdb5c7ef6fde870da830aca45d07","ssdeep":"48:Ms/KUBvvDak/1kJkzlk9k4U5kgkhxckhKzkeKkhRGgYk7k+7QYwIgOtfG5UjYi:jCUdrV/Kmz6CBW7h90YUhRGgDQ3ctUdi","tlshash":"bdf19a2672a3299da43b822f60157ed51f8ae05ee752087c6ec733484f5d9cb38be514","first_seen":"2023-04-13T22:49:40Z","last_seen":"2026-06-03T02:37:32.079647Z","times_seen":1194,"resource_available":false,"data":null}},"time_used":78,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/img/icon-yamoney.png","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/img/icon-yamoney.png HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 9033\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-2349\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9033,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 141 x 100, 8-bit/color RGBA, non-interlaced","md5":"95b2bfdd9e9437fe8b41073cd8b4fa43","sha1":"cd9f5eb5c6a6abb3a12adc78db37315b0386d16e","sha256":"744e3f92be0058274fa892ff7423ceb2ba8654dce0424fe42666991ece80035f","sha512":"cb8ac6ef2f831b9ec0c226df99951898fef3da490b94090b0eb84ca5531652fdb25bc263856fc1124fe2843a5346e00b1b276467e56fc1b78c36037b51d9eb95","ssdeep":"192:pBYgW9NJzgOqK2Oo4FFNDPxVy36Fep1hqyOrJoU+QoYoZf49FzY:pwN9gONTFFty3WepvOraUl2ZWFE","tlshash":"0512af10ea2b85bec26c7e8b13cf24d9fc7a16e9c551af9c11bb182b31647cac441072","first_seen":"2024-08-19T14:03:54.677972Z","last_seen":"2026-05-07T10:30:00.767817Z","times_seen":53,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/intl-tel-input/build/img/flags.png","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:05.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/intl-tel-input/build/img/flags.png HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/assets/plugins/intl-tel-input/build/css/intlTelInput.css?v=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 70857\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-114c9\"\r\nexpires: Fri, 06 Feb 2026 11:17:05 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70857,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced","md5":"416250f60d785a2e02f17e054d2e4e44","sha1":"21572c9751e5a3dc20395befa0fcb349c32c4811","sha256":"0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55","sha512":"cf1e7acf47464f00d206e9149475e22b8ea5a31727fa16344cd151384d850b83ece5e9abe4ac62861dba0dc3d3410955611d94665b60e2faa0c3d7a3d7c88404","ssdeep":"1536:cBBfgWxg7McnRdaRx9krb5LhxHG1gmvlpWUZA1eog3e7xr:Lg+3n3ax9kHV3Wgmdg2A1Y3elr","tlshash":"9763019797adf1d82a92274bef801109ae6c2b3d5d7c1da372cf1d532ae12c306c8586","first_seen":"2023-04-05T15:31:12Z","last_seen":"2026-06-03T17:22:47.54055Z","times_seen":23986,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/bootstrap-datepicker/js/bootstrap-datepicker.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/bootstrap-datepicker/js/bootstrap-datepicker.js HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 46822\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-b6e6\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46822,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"3d903642fc80091866df8dc2e8f259ee","sha1":"c6ebd667396068347b6ad460f65efa28dd66634c","sha256":"d7db7f4778dd64256d35f042d55d8005791225b97837cf0e89fc7ef2528219de","sha512":"f45946e33d00fa771e3b671053167678c8ac731cfeb2d850ff35c5b6d15482b7a6fd0efb8729ca1ea773cd3bc8237eedf6a6bb1c7af8fb7b001c350b4c549ff3","ssdeep":"768:VZruSkKniAzzy44tWEh+jVruaLjgFKVJJPVEx5iisx7F5y3MNrQlMNrq93jDz3o7:VZruQz0VazEzsUz3HU","tlshash":"062375c9e74d159b9276206d882e12caba3dc0779d454c3bbcac51e82494d2d93fcfb8","first_seen":"2023-03-07T01:19:34Z","last_seen":"2026-06-02T02:46:06.649018Z","times_seen":118,"resource_available":true,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/pages/css/pages.css?v=38","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.583Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/pages/css/pages.css?v=38 HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: text/css\r\ncontent-length: 143701\r\nlast-modified: Thu, 25 Dec 2025 13:07:33 GMT\r\netag: \"694d3715-23155\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":143701,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"b8b612223eccff4b9b597136ea924cd9","sha1":"12abd053b878c70239123abe3c7a734232433ec9","sha256":"97da1e6f68f3786e37178bf7036a062d9b79c15f31fe54b9ead8d173ea1b4e33","sha512":"ec90a5245dbaf114acc6d309268f8c68affd8d699011fd5f9b1769f71b671c94ff18c6a71c028f600d78cbc44229f1d21d7cf51e7b1fd33aa57d2d33242f409a","ssdeep":"3072:0lZthrldsIUObVJmJJkgxpsbX4b3aTkweFoly:0XthrldsIUObVJmA0psbX4b3aTkweFo0","tlshash":"84e39692fef128053027d098a9966ab5f73d4042460eedbcbba0345c9fc93d9917f789","first_seen":"2026-01-07T11:17:36.137314Z","last_seen":"2026-01-07T11:17:36.137314Z","times_seen":1,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/style.css","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: text/css\r\ncontent-length: 4297\r\nlast-modified: Mon, 01 Sep 2025 19:59:11 GMT\r\netag: \"68b5fb0f-10c9\"\r\nexpires: Wed, 07 Jan 2026 11:20:04 GMT\r\npragma: public\r\ncache-control: max-age=180, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4297,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text","md5":"958d28d629dec7c8a381855b5ef87d59","sha1":"b89b8318bbaa761d52ace2a6487db635a052e12d","sha256":"156f1177034c2957a4de34083b8ba20e85b599b39f8119652be4495ed643f0e6","sha512":"94a1fb9b095ff1469f154745f8b872108b7c450e12750d7c0e531c3e2b5154382f1422af055d086e514a7837e64bddb688dcfdfb219e8560ba806bd3d832cb64","ssdeep":"96:1zhsahZFlgvlhtAMCPOhUGQfAcSdo3pSqFK2gJbtn:1zfZQvrtgPcQfAcSdo3pSqFK2gJbtn","tlshash":"56911286caf31845701654345aba1a883b6d300f93afdfe8b950b5a4bf4d59c9273b8c","first_seen":"2024-12-28T17:52:22.308045Z","last_seen":"2026-05-04T12:19:35.980124Z","times_seen":21,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/jquery/jquery-easy.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/jquery/jquery-easy.js HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 8097\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-1fa1\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8097,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"6516449ed5089677ed3d7e2f11fc8942","sha1":"82e40d060bc269a6dde20c3990ca5a4fea6ca754","sha256":"0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34","sha512":"6ebae34e9f46e8c90a5f94235f0c00424b1c7c5a4a8b7a248f267f337bc6c3083da88d66b28cfbcfe11b4012d7b139d52b73ce8d80461dc42f5f7e0614aaffec","ssdeep":"192:pl+Or8ur83V33R3hqRAsfAy4MOr8ur83V33R3hqo:zZr8ur83VHBhm+r8ur83VHBhL","tlshash":"a2f1038963c0631b4359f270aa3e5e4ff268642b566e681fcc5c5084bf7d339c27ad68","first_seen":"2023-03-07T01:03:03Z","last_seen":"2026-06-03T17:02:18.438912Z","times_seen":17711,"resource_available":true,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/jquery-inputmask/jquery.inputmask.bundle.min.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.624Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/jquery-inputmask/jquery.inputmask.bundle.min.js HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 117229\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-1c9ed\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117229,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3553)","md5":"c52fad4d7dbf444f77e3658e7aaefe82","sha1":"046e457f8f1fdc9fd8be3dfb15efc5229856903c","sha256":"d968d975caa66d734019396f7052b04904029d606f1a9d20e5b5417578eebdd5","sha512":"f0bac5213ad929cd1a29939fec67c914a76ccd96a977c250cc2857fe109cdb4a2813a150d706e91710c0a0e89cfa63fce41a158b946807a2eefb3921042bda83","ssdeep":"3072:Yh+fDnD8D8ZDcKv91C3a+M/gM1kr6Fk9sZ4XLlBSW/e:YUfDnD8D8ZDcKv9151O6GsZ4i","tlshash":"82b329283e81e01396ea70fe55d701062e378b3719dd40e0a8bcd6d05676a464bbff7a","first_seen":"2024-08-19T14:03:54.659756Z","last_seen":"2026-05-07T10:30:00.78976Z","times_seen":54,"resource_available":true,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":188,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/intl-tel-input/build/countries.json","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:05.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/intl-tel-input/build/countries.json HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:05 GMT\r\ncontent-type: application/json\r\ncontent-length: 20050\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-4e52\"\r\nexpires: Fri, 06 Feb 2026 11:17:05 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20050,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"83902163573fc51dc96bf5eae2f89871","sha1":"c2a626daf19c3b97135095bfe70f9cabe481ba3e","sha256":"468609768997c602bba1caf447aa749f2f5540584d9bcd008e7d618cc55f091d","sha512":"fd5561526248e1c2479938812644e6fbe18da5d08dfff96fd91d707216a89256e8dfcde94b81466f0a0bb223eb7fb150f29d74545b9afb0a92307c68f672a236","ssdeep":"384:op1vElWTkeem26Mt/vQSWy7wM4EWs4JVYNcNVmTkDWE1dMUWyRM7ggdgcmQt67IK:1IIW26MOLNMi","tlshash":"ac925ee2d1ab135e78c43593dfb9ae0d34c8bd42d114db3bcc7a3ad7e550620a6a0b16","first_seen":"2024-08-19T14:03:54.640764Z","last_seen":"2026-05-07T10:30:00.791763Z","times_seen":54,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/bootstrap-datepicker/js/bootstrap-datetimepicker.min.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/bootstrap-datepicker/js/bootstrap-datetimepicker.min.js HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 38512\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-9670\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38512,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32039)","md5":"6cd3c1d3500963b51a023474f6951345","sha1":"8d3cb2f81b5b0ceb6a8071870c4e537dfef449ac","sha256":"6ede8dbf3a4dfdab853b7580e07c42c5f5ff86c6585c03702f2eade538d4b032","sha512":"4a47bdecba227b3fda40eea3c97abeeab6ab9160291955553130a7388c5add7767c407e771804c74a9845f043e5310b79af5d2a904cdebe56b6527d193ae3f60","ssdeep":"768:+85tRKDmhd/onYDM38NvdyMmpu3II1R+qlyTo/KR6MJodCBSEpfh6Aq8Sd4KI+po:z5UrsNvdyoII1llyTjpWnvAMLI+p+7","tlshash":"d203b604b1b1729795bf7495102e6507e266cc3efc59487168ce10b83dbec89a1bef2b","first_seen":"2024-08-19T14:03:54.667872Z","last_seen":"2026-05-07T10:30:00.690831Z","times_seen":54,"resource_available":true,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/switchery/css/switchery.min.css","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/switchery/css/switchery.min.css HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: text/css\r\ncontent-length: 682\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-2aa\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":682,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (682), with no line terminators","md5":"3d5c5f2d195cad6c3658bec52095df6b","sha1":"31db624af9fdc9411c1457353cb2d0e018a73fc7","sha256":"da426bd59d02d72e73d239e1aff982bb8e89dd1e94b9dfaa0901c0dfd8b5798a","sha512":"bb21a0e9d66bddc1353f1b4a3821aa2864e26726dee624aadcbb2a3a894006a01694844ba3f1cacab30c0fc76b5fe825b37b7025da585f480328476d7f67699b","ssdeep":"","tlshash":"0301477051856126f439cb32a950a8c934b2d17bee23030deaa9b435c1ead6a1cb0349","first_seen":"2023-04-19T21:30:58Z","last_seen":"2026-06-03T15:09:44.793563Z","times_seen":497,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/moment/moment-with-locales.min.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/moment/moment-with-locales.min.js HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 336451\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-52243\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":336451,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"1b1c80b617bfcaf8c0766d41c4a3c680","sha1":"6319f4a7d5f345583a730ab527704ff2491a9043","sha256":"01d40df7c31566ce3812adb24f0b682ae7e19d4fae67bbf69179c3e6fab3655a","sha512":"8652e0221e279dc6f6c9ce183ed5a4e703b291c1711747c1779ac77c9eb1b002c8da4858dc7f0b6e2becc09139169cfb870b3b0890aa3b37728d61e2289625f8","ssdeep":"6144:7W3FUoAhVuhioGf6Qt/b03TSZWkcSO2dpMGFVJ9tFFxWD4lei+FAkWT6DBTmpjFB:GAhVuhioGdt/Y3TSZWkcSO2dpMiVJ9tp","tlshash":"4e64d6cf63aa6b9e0a546116cc3dad0c284d0f80d079d735ffba5187f51ca2846bab71","first_seen":"2023-03-07T12:11:45Z","last_seen":"2026-06-02T22:41:38.194059Z","times_seen":1769,"resource_available":true,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":87,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/clipboard/clipboard.min.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/clipboard/clipboard.min.js HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 10112\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-2780\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10112,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10002)","md5":"aa7c9d74f567a8877522f816d7c387cc","sha1":"d79bfe29e732477cb27598dedff9495ddc05f390","sha256":"6717dbf025d81f537cc639903fb560e01912c0467e8da579fcdf92c6f58f7a65","sha512":"da4a20fae935b42cb957a322479c0e779835b37291c6ac8cb41f300dde796847897f788e849ff6153a32004cff087615d37f9f2cb8aa5751cdb1b8bab2534b16","ssdeep":"192:q0Z14dOk1XSHkKpI/230xlH3G4Ly9+vxo53CoD87JxKllkvc363Pw/3JyUZu5MpL:HZCQfI/wsXCz3rbllC3P83JVu5/Gz","tlshash":"6122a68cb29071b156eb50ba802f420fb271c42db06e40a8b21de8f56c7de9d4627f3d","first_seen":"2023-04-08T01:19:22Z","last_seen":"2026-06-02T00:38:40.03206Z","times_seen":2136,"resource_available":true,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/authorize/","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:05.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"POST /authorize/ HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 37\r\nOrigin: https://gematologbindasova.payform.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"forms=header,login,forgot,regulations"}},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:05 GMT\r\ncontent-type: text/html; charset=WINDOWS-1251\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nset-cookie: session=m7jhqvm0m035bed5gejmumg174; expires=Wed, 14-Jan-2026 11:17:05 GMT; Max-Age=604800; path=/\nreferer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9; expires=Fri, 08-Jan-2027 11:17:05 GMT; Max-Age=31622400; path=/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"jQuery:3.0.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Clipboard.js","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]},{"name":"jQuery Modal:0.9.1","description":"jQuery Modal is an overlay dialog box or in other words, a popup window that is made to display on the top or 'overlayed' on the current page.","website":"https://jquerymodal.com","common_platform_enumeration":"","icon":"jQuery Modal.png","categories":["JavaScript libraries"]},{"name":"Popper","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"FingerprintJS","description":"FingerprintJS is a browser fingerprinting library that queries browser attributes and computes a hashed visitor identifier from them.","website":"https://fingerprintjs.com","common_platform_enumeration":"","icon":"FingerprintJS.svg","categories":["JavaScript libraries","Browser fingerprinting"]},{"name":"Bootstrap:3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17790,"size_decoded":0,"mime_type":"text/html; charset=WINDOWS-1251","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (391), with CRLF, LF line terminators","md5":"c3a7d38f7cb7269357e274cd69f18fca","sha1":"a4b142e9078c96c0855b4098d1125d621cc88007","sha256":"af7e44c7b5f308203b4be8f4caf4aed3eacdc2d05f361a3b73121b2e52b4b8d9","sha512":"4f2d7fd01795d921cae4979c7d1684a241ff16598539fc7270ea6e2ccfc9ca264d5694e52e8556eae5268b745031d519e22d2cb418abb6027b7f902ada2b5546","ssdeep":"384:SJI2scqAKWcrAjJjKXj33EAWTBZRBNb9ZjA:SJI2bpjJjQj3EBZR3b9ZjA","tlshash":"b682b82278099c3f403395e4f471e75ea4d9d22cffc2e984a1e8176f27d6ed49a22e14","first_seen":"2026-01-07T11:17:36.143624Z","last_seen":"2026-01-07T11:17:36.143624Z","times_seen":1,"resource_available":false,"data":null}},"time_used":325,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":325,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/jquery-metrojs/MetroJs.css","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/jquery-metrojs/MetroJs.css HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: text/css\r\ncontent-length: 98448\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-18090\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":98448,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"d2dd919edcb9052d0dd95d59beece5eb","sha1":"b3014d4b13c980d901b9b7d8674dd848aadb41a5","sha256":"870246886cf3fb81177c870b5f9f436a9072c47560378c7d53762fcc75dfc928","sha512":"2a72d324b9d0574d9726f054cac13fc76986b20ac37975c6aea4237503a5071327432af923a7473a704144afdcf03ee7d1df4354e7a43f00dc37ad3fcf526919","ssdeep":"384:1/1nUJ9qXxh2JmSqU+pxzdI75R8c3vTGaEyKI6yRJnokai/kYfEo/HS1fKih:1/1nUJ9qXxh2JTKI6U/kzovS9","tlshash":"57a3964efb5384561b1686ab11cef7d5937ce4ae884c5d7c392a036ab1e8b943e34dc0","first_seen":"2025-05-29T18:41:46.283532Z","last_seen":"2026-05-07T10:30:00.686975Z","times_seen":43,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/getfile/widgets/jquery.allwidgets-1.11.1.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /getfile/widgets/jquery.allwidgets-1.11.1.js HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: text/javascript;charset=WINDOWS-1251\r\ncontent-length: 451978\r\ncontent-disposition: inline; filename=\"jquery.allwidgets-1.11.1.js\"\r\ncache-control: public,max-age=3600\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":451978,"size_decoded":0,"mime_type":"text/javascript; charset=WINDOWS-1251","magic":"JavaScript source, ASCII text, with very long lines (32086)","md5":"e0f9d80d7a80cfeefb4de89c9cca2d5d","sha1":"d8d9e4246536eec42a17fbed0c5f3f4c2ee560db","sha256":"9a5761fa50aef633bec19bf9c67f14415ad21f6eb3cd6d275879b71269964874","sha512":"e0dd699d9d25f8291b0cc6a9c99cd603d7f11f0b9ae37790ce409656edc3922d286ffad97f9c3d3b25095dc099f1fb6c9b9e94c8901e792dcf2467fb4222ef6b","ssdeep":"3072:MNMyqhJvN32cBC7M6Whca98HrPxDk6UPS1lippePIlYI7pSDzOyAskRsPoeQ9+SJ:Mq17hbvca98Hr3U+lgtYIUGeQ9Xu89","tlshash":"6da4198cb3a5363281ab6079157f550bb136846ee509881cb43c8edd5facd1821bbf7e","first_seen":"2024-08-19T14:03:54.67215Z","last_seen":"2026-05-07T10:30:00.821507Z","times_seen":54,"resource_available":true,"data":null}},"time_used":283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":80,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/classie/classie.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/classie/classie.js HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1835\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-72b\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1835,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"a9df1cfb76ce492afd9d13f3320272fd","sha1":"782b9564f015a2ec7bdf9c89e238fab9b44bd587","sha256":"717ad22aa426d024f6c9942949b49d9a20f4239b94dfee34f94c96d8778f2144","sha512":"af0a8d2bdd0b1b4d5a45bc8bf586adcbc644a87aa5fe8287c63db2759b155efdd56d7288bba700f5aee57ee26dc603e18f9867505a401309b96dab7ac16b0613","ssdeep":"","tlshash":"9231684c71b728fb95e3b1af125fa02432a8c451e3085d22a4fb91401f395a9a0f9ffc","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-06-03T16:11:50.214789Z","times_seen":13000,"resource_available":true,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":193,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/jquery-cookie/jquery.cookie.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/jquery-cookie/jquery.cookie.js HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 3121\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-c31\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3121,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"d5528dde0006c78be04817327c2f9b6f","sha1":"31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8","sha256":"b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8","sha512":"69484bdb1382ae92c4b860f97fab601db2d8117469619f06e720fe5a516b5eb3f2d88ad6065bba6e28790bd1faa86b20aa753a9a0c7a2ad53c4eb787a404a9af","ssdeep":"","tlshash":"ff516650b7cc361e06ab22516b6f10ace63cff721158449d881965f82cb0c7bdb6bd6a","first_seen":"2023-03-07T01:06:39Z","last_seen":"2026-06-03T17:28:10.389843Z","times_seen":17078,"resource_available":true,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/getfile/widgets/img/ui-nicebutton-icon-transparent-close.png","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:05.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /getfile/widgets/img/ui-nicebutton-icon-transparent-close.png HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/getfile/widgets/jquery.allwidgets.css\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 330\r\ncontent-disposition: inline; filename=\"ui-nicebutton-icon-transparent-close.png\"\r\ncache-control: public,max-age=3600\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":330,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 22 x 91, 8-bit/color RGBA, non-interlaced","md5":"40a16bb5454438aaf49293a66736711b","sha1":"cc392bcb63a23973f7503155a863d8a931b88b06","sha256":"44033133d4eec9c2d37bb334d6dd36b088a76d159cf0798839bde36ddef4e880","sha512":"0cc7f1987158e86190cfa0123b8ef4617924903ba2ae95f5eeaa23e0fb19959073f54d1d8b7ae3ed0c1ddd27ebe95cd3ee90f722d4de6623ae8fead1777811ee","ssdeep":"","tlshash":"75e028c5932c43395f44c502040400122c38c35d3fcf113dcc18d93157354d71ec12d6","first_seen":"2024-08-19T14:03:54.652824Z","last_seen":"2026-05-07T10:30:00.773307Z","times_seen":53,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/bootstrap-datepicker/css/datepicker3.css","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/bootstrap-datepicker/css/datepicker3.css HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: text/css\r\ncontent-length: 33772\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-83ec\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33772,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"2f93953b93fe068c6457b81b41324056","sha1":"f7a9fe6ed9c406a94da5b95be13c2a9a8bd3db20","sha256":"2f30768c4fb695c54e627778fc8abc856ce3c41a78605bb615566d894e2e6dc1","sha512":"d04416e07d1ce27cdb8e69b5a68a7fffff2d5a8c7af042375245fc0a1d4bf05423c37d9245bfcedcc0515d7bd108867dcfd8178e5ff86aa256926887befd3a31","ssdeep":"96:FkyrHLFqDbfHvoELn8MAMHHvXfu6IAUJfnvnyRunShjFz0Jer0:FDrUv7L8X76rPRunyjF8X","tlshash":"42e263481740342b1e66d4968958b8f3ff5350af5cbd87b575a008ac032faa367addb3","first_seen":"2023-05-23T23:26:55Z","last_seen":"2026-05-20T03:04:09.361285Z","times_seen":97,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/bootstrapv3/css/bootstrap.min.css","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/bootstrapv3/css/bootstrap.min.css HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: text/css\r\ncontent-length: 117305\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-1ca39\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117305,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65371)","md5":"eedf9ee80c2faa4e1b9ab9017cdfcb88","sha1":"ed29315e0ffb3f14382431f2724235bf67f44eb3","sha256":"f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5","sha512":"ff9296270da6bcc3b664ce5f9dd5715109a954fa9ac59c9845332b5edae9aecc90db3334a3434c8d4d3623c6495de04fb6b9ab3cee0803208246cc9d1b4049a1","ssdeep":"768:byzGxw/jyBQWlJxtQDINHHlgmqITm8qAdwFKbv2ctBDI35UPyu8psYvS1Ft:/w/GLiINHHlgmC8p5b5ZPUpE","tlshash":"06b3d8a0f11031ea7333c55a72d0ed872219a153e66b4eb7f22f25d84f856ca1673f1a","first_seen":"2023-04-05T14:32:16Z","last_seen":"2026-06-03T16:12:08.504048Z","times_seen":9376,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":155,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/js/tippy-bundle.umd.min.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/js/tippy-bundle.umd.min.js HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 25717\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-6475\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25717,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (25667)","md5":"be40939a1df8aa4cec53fb6ae572df26","sha1":"189159143337e0bc08ce30b8b8a59a5e935335fe","sha256":"3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de","sha512":"81baeeb9cabf3a9c7d8e51dfaaa65e020d8b34add8e016e95c72838510bcf3fb4044bfe2ccf384e19b76c3a5fd4a7d547966866cbdfccd6ee790bda3767e4923","ssdeep":"768:m4OeYE0+LOdORk89IOlyOdh5+3W5FEounZt/2ozZ9+Hsyhp+JjOtkq8Ggrj9cFQP:tAVYem5s/2PHFhpa2XgF","tlshash":"dbb2d699f69171791b6b2176c06f9619727b396d244fc420f033f0c82c789ae629bf2d","first_seen":"2023-03-07T12:03:05Z","last_seen":"2026-06-03T17:27:51.54644Z","times_seen":3724,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:05.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/assets/plugins/font-awesome/css/font-awesome.css?v=4.7\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:05 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 77160\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-12d68\"\r\nexpires: Fri, 06 Feb 2026 11:17:05 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77160,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 77160, version 4.459","md5":"af7ae505a9eed503f8b8e6982036873e","sha1":"d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c","sha256":"2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe","sha512":"838fefdbc14901f41edf995a78fdac55764cd4912ccb734b8bea4909194582904d8f2afdf2b6c428667912ce4d65681a1044d045d1bc6de2b14113f0315fc892","ssdeep":"1536:/MkbAPfd1vyBKwHz4kco36ZvIaBfRPlajyXUA2jVTc:L0nXnHdfRVEAS2","tlshash":"7d7302e63b6c4943e03d6460708abe9f104b3ab42fe057e5c876db7f2722992b71552c","first_seen":"2023-04-05T03:30:47Z","last_seen":"2026-06-03T17:54:37.966152Z","times_seen":488128,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/intl-tel-input/build/js/utils.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:05.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/intl-tel-input/build/js/utils.js HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:05 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 222687\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-365df\"\r\nexpires: Fri, 06 Feb 2026 11:17:05 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":222687,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1878)","md5":"b7188954eaa4059b0ccf280e90a3664b","sha1":"acd2cc648b43a6aa7a93c6b84a0ffc344e29c313","sha256":"03691eacff9666b010172f9860a7a647003ccc7198a4bec5667bfbde2f52374d","sha512":"b821ce96729d1495b1f4bda81f1ad6b18bc97b555666d433bcc96569ed8e3b645ece5899304f0d412f018d0edf77b38d2872f3b5c86ea744fb04864397eaedf1","ssdeep":"3072:yxJ0KSjvUhO58hzL5+L5kWCHe3JSZn1YpuwGXLXnRqLo7cZ5rzS0:yxJ2CL5+L5/CHdyV","tlshash":"b924ceebd63c973aa1d97b359a8eb7cd1a8cbc93c45856782ac3b54f537c4e07128201","first_seen":"2023-07-16T11:29:18Z","last_seen":"2026-06-03T17:22:47.535732Z","times_seen":1421,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/authorize/style.css","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /authorize/style.css HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: text/css\r\ncontent-length: 20331\r\nlast-modified: Thu, 06 Feb 2025 16:58:27 GMT\r\netag: \"67a4ea33-4f6b\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20331,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"c83b258a9ef59f4051fa4bf98fbf39b0","sha1":"5dbe2f4045637ed4c30a7d3c0109c1dde550c272","sha256":"551a7f7a10d342c864553af6de57f1d94d9301dac5dcfba46ea3ad412d52e891","sha512":"931517bf1c948f1715a471800828cc3e10c52678e1313653e8c9dd52d7d830a52562242181bc2ef6dd43c2761a2e07911e6855ef45b9166d6e67d9a1949ab9cd","ssdeep":"384:/esnY5M/OqM327TjTOwJOX8uUFZoykLE7KoJfIPK67/PWHKeFIjtPFgi/rAU:JM327TQ8xqLBPFgsf","tlshash":"dd92ef8113527d057402a064f6321660536f9833eb8dbe7c3aae79ab0fc62d04a7b777","first_seen":"2025-05-29T18:41:46.336828Z","last_seen":"2026-05-07T10:30:00.803496Z","times_seen":42,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 27139\r\ncf-ray: 9ba30bef7aec1a30-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03ec4-15145\"\r\nlast-modified: Mon, 04 May 2020 16:11:48 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1600458\r\nexpires: Mon, 28 Dec 2026 11:17:04 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=uJSuRYoTj824vdPR28W4FpJG3EO41%2Fn141RWH3NTU4wd%2BqoMTOAre%2FPWlpa2ZU%2FEOHD2sBvJlC4iASZqtGzFk2FXbTKapQ5bXyXGsaZMGfsPRYIETA4WEqrjdY9KrWK7fB7EkoXD\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":86341,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32034)","md5":"d0212568ce69457081dacf84e327fa5c","sha1":"d6702a1af0378b2342f6a0692e77c169f580aed7","sha256":"266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d","sha512":"9738a50be24577a615f3ebd044d46d53b0ceaafe526bd124e77957b7f93dd47653269cad1d2d4bea5d6630a47d2ba555a03b782e211769ae9706b624d588464d","ssdeep":"1536:u5hEyisTikEJqRdXXe2pP7lgoVMEXvdVhvLHSh4xzAdXtqTyZSusjvKx/w7Ug2xC:0QGvHhvLJzuXkTSc6//MTDU8Cu5","tlshash":"5f83d5d9b2c670529b7730b850bf450bb17a98dab44c8c60f1a8d5d57db8a8d807bf2c","first_seen":"2023-03-07T01:03:28Z","last_seen":"2026-06-03T14:29:04.098735Z","times_seen":12153,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":13,"receive":2,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 1399\r\ncf-ray: 9ba30bef7aef1a30-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03ec2-1359\"\r\nlast-modified: Mon, 04 May 2020 16:11:46 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1743903\r\nexpires: Mon, 28 Dec 2026 11:17:04 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=UYuhsuPYwbtJLeBa9Ys04HxNqpSu9a9Twsu5PfgMXltYfuDaEWVYxfSwYe2doEUf2YeaYnAULg87V885rALmNiNow19gce%2BTBpgcz3j%2BLXFe6NcyOpjupBtlTOWFKhvutlQEq2XN\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4953,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4862)","md5":"c8f50397e0560719c62a35318f413e16","sha1":"a643db87287e6e940fbabe6d8cfee5a8775692d8","sha256":"a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655","sha512":"fcf2d708251c814a4b84572e7c2f6ca64c0162267f7f5a6007e94e7a475abb4b9ee36da58a91a19196c451bf6ef223b6249d9171bb620b2bdb50fa11d88bc2a0","ssdeep":"96:jPCbS/KZzQeF0VczC5x4MIKG3okQ9vGmzSUXd7INVdYH9LzYIED1OlX:jKbS2QeqV3v4MdG3zQBHzS+PYIED1O","tlshash":"65a11f0beebc635902ff90aa3d9e1d394135a2b06407448c7578cbd979a8c08606fe7a","first_seen":"2023-03-07T01:17:29Z","last_seen":"2026-06-03T16:04:41.158173Z","times_seen":8958,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/fingerprint/iife.min.js?v=2","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/fingerprint/iife.min.js?v=2 HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 33780\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-83f4\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33780,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33446)","md5":"375436f436cc1022d7b4569a817c1a6b","sha1":"9359415cc419874654000870ca54523875c12c16","sha256":"99dc3803d1f19c8103f79f834044b2afd4c8af5b7927efbd36b1052d528b40ae","sha512":"077cb9e67a028f8ffc6c9f19793c15e20379840da1a927e711a0ac4dcf15fe6e1a15cee75436df340c707b9e77118f3cd38ede493e060c592069f39bc6001a92","ssdeep":"384:chQYSwHRBcifEJzXhGUa4LdsF7wRuCfLVg5+pCqNFaiE8E0QIQfJW7us6RfGDUPX:cSMHRU7Lic9NwlJW5iffPREA75","tlshash":"c5e207d8b2c3b029227378b6497f6007b63abd15242d4843d57be4c17ca5e5a813bfb9","first_seen":"2023-07-07T04:22:54Z","last_seen":"2026-06-03T14:52:16.113942Z","times_seen":8349,"resource_available":true,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/img/icon-googlepay.png","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/img/icon-googlepay.png HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 6494\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-195e\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6494,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 127 x 83, 8-bit/color RGBA, non-interlaced","md5":"d449ffdba85ee2c61315d720603ac43c","sha1":"4a3875c7c7f23d3664b890a02f058cfff842a3c8","sha256":"cab70726a16828e87a146ba516658cecf081f3738e7e9e9a681a1a944ac489e9","sha512":"dc0fbaf4a1abb08899b5036550fea4cc95c7a0c8daecd0c7e7bfcf2c819080984c82b2f2230027d7dae6d979a115b85ee6d74cc1ce7cc8b39e1542f197c61732","ssdeep":"96:xkCjI/70Gh3flXbPny1Fzyb5RxLirlosfbcGgl+t3Z6YFM5SXlHS8vH2Z5EV1:3ITrflL/y1Fzyb7hmBiQ3ZfCpsI5W1","tlshash":"01d19f17f572ae40b211ac8e8de1605b985b9074add16037f99c897c033e737b824b57","first_seen":"2024-08-19T14:03:54.678898Z","last_seen":"2026-05-07T10:30:00.78089Z","times_seen":53,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":200,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/switchery/0.8.2/switchery.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/switchery/0.8.2/switchery.js HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 48570\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-bdba\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48570,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (375)","md5":"2d55d2c0b4666c3ed46ddfaedcc820b3","sha1":"9bf64ec3c3d4ca056a5692fef53e395a2f201546","sha256":"9f975700df649ea7090b2194630225b3fb50424d91b564fa391d304ba35dd079","sha512":"2f03b798451b6ed0abd561c24dea35dc2a507f0e8958abfdb3caca5ff3b4205af8103bb04e0b6757c6d7810b19ece4760ea6bbf80bb067d3246b94913144b411","ssdeep":"768:xLAIfz0XuDE38lSs/2yZ2NvSKmPhRJfa8oFX21ccGVcG0dwf3GMcGC75poVAee2T:RANuDEslB2yc1Qh/fan26nCORwAtlB","tlshash":"f923a59a73d92033419f617a968f92897279c0ba251b04cdf49e8dec3e9c97443f1eb0","first_seen":"2023-09-17T07:30:25Z","last_seen":"2026-05-07T10:30:00.743877Z","times_seen":85,"resource_available":true,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":193,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T11:17:03.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1 HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: text/html; charset=WINDOWS-1251\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nset-cookie: session=m7jhqvm0m035bed5gejmumg174; expires=Wed, 14-Jan-2026 11:17:03 GMT; Max-Age=604800; path=/\nreferer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9; expires=Fri, 08-Jan-2027 11:17:03 GMT; Max-Age=31622400; path=/\nPayFormLink=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.gematologbindasova.payform.ru\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery Modal:0.9.1","description":"jQuery Modal is an overlay dialog box or in other words, a popup window that is made to display on the top or 'overlayed' on the current page.","website":"https://jquerymodal.com","common_platform_enumeration":"","icon":"jQuery Modal.png","categories":["JavaScript libraries"]},{"name":"Popper","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"FingerprintJS","description":"FingerprintJS is a browser fingerprinting library that queries browser attributes and computes a hashed visitor identifier from them.","website":"https://fingerprintjs.com","common_platform_enumeration":"","icon":"FingerprintJS.svg","categories":["JavaScript libraries","Browser fingerprinting"]},{"name":"jQuery:3.0.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Bootstrap:3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Clipboard.js","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20547,"size_decoded":0,"mime_type":"text/html; charset=WINDOWS-1251","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (391), with CRLF, LF line terminators","md5":"d7f6a5decacbf9c1dc166279a3fce4ca","sha1":"3a7a13fefe76ba30ec7249b9bb90f1d4a6bb36a7","sha256":"d7eceb925e3ae7c852cbe632358fee7b417dfe9e114f841d8275f666fe3a13bd","sha512":"5bbc53daa76ee8b40f5608a29e740b7ce4761a455d2bee834c2840ca117da68cb1ad5c76d4b6b57eaa43a93e7ea28c623fcc223c4ab2d8662151f328ef1c6204","ssdeep":"384:SJIRicqAKWcScAIjKee33MhWXBZRJNb9ZjA:SJIRFNhIjZy3MEZRfb9ZjA","tlshash":"77a2b8227809dc3f407355e4f4b0e75ea8d9e23dff83a584a1e8176e23d6dd09a22e14","first_seen":"2026-01-07T11:17:36.154509Z","last_seen":"2026-01-07T11:17:36.154509Z","times_seen":1,"resource_available":false,"data":null}},"time_used":560,"timings":{"blocked":86,"dns":1,"connect":36,"send":0,"wait":388,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/pages/css/quiz.css?v=3","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/pages/css/quiz.css?v=3 HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: text/css\r\ncontent-length: 6548\r\nlast-modified: Tue, 27 May 2025 06:12:01 GMT\r\netag: \"683557b1-1994\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6548,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"a31c567919ac5719cc7ff72d50261547","sha1":"6ad6d985a3d7f3cd6594ad752dd5d983e765f3e0","sha256":"764617738ae888c28fd3ea53fc5a6b13b6fe2e1aa31d6f7af1ff817bd4224266","sha512":"66700daae5ad74f2d071e58d7ae433c9421281d3e1b9a7ade1fae2af4a9a4b43460234e5c8f24e34781727d22fb633ea0bbb3f2ed8a821d360d59386a6d68d29","ssdeep":"192:MqVGjnTzvoWU3VwkrMr09S+oZF7TR+2m2XngwmIW0lNw1:ai1Y7F8","tlshash":"a0d1fc425aeb0418744be169af7a1b04131a0103f209eeb9ffddb25a4f8618bb1727c8","first_seen":"2025-05-29T18:41:46.330584Z","last_seen":"2026-05-07T10:30:00.787339Z","times_seen":42,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/getfile/widgets/jquery.allwidgets.css","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /getfile/widgets/jquery.allwidgets.css HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: text/css;charset=WINDOWS-1251\r\ncontent-length: 43149\r\ncontent-disposition: inline; filename=\"jquery.allwidgets.css\"\r\ncache-control: public,max-age=3600\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43149,"size_decoded":0,"mime_type":"text/css; charset=WINDOWS-1251","magic":"Unicode text, UTF-8 text, with very long lines (1278), with CRLF, LF line terminators","md5":"756d5ab64ce98f0f65e73701c5394be8","sha1":"27abe10f87e878797102ab6ee661e271044eab25","sha256":"15b2719a39274b26f93d7cb8d0a6174b88c2bd4554bbbc63b2a344f71d52c01b","sha512":"1bf9c727271b124d528f0aa60cc2926e5d38f3a5ae53ce8d3c59bc971c9126c7d2021bba86bbce7112ae5c66c8e56c1dd6c3caab3a26697303910cc9c832fa4d","ssdeep":"384:fRF5pFM5uqEfn4h454U4UB4UR8YC9GfcBSCcdUmvQF5ckXjQrH+9EFK3YZb+:fRFni8fHfcBSXl4ckXjQrH+9EFvb+","tlshash":"7e1330a6b003fd89b6065052e9b181f16a2d7e3fd8075c6a765c2dae0fc5290a33f717","first_seen":"2024-08-19T14:03:54.65892Z","last_seen":"2026-05-07T10:30:00.765865Z","times_seen":48,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:400,700","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css?family=Roboto:400,700 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 07 Jan 2026 11:17:05 GMT\r\ndate: Wed, 07 Jan 2026 11:17:05 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10774,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"e7cb2d867b9e05f4af9720d19cbb5b2c","sha1":"b7ea4479ffbcfe28bb2e7050de141633d50668a9","sha256":"ca3ae8c189a16cda4e543ffa4da61384d726aeffa701ad4778cad607b8f76462","sha512":"b498a441ced0d5f18193d38d0af1e683dfcc032e69f6787aef1d188108d78065df640795465bbf7de9e7b82c41d62220b0f93597b5af4d47d2fa86f0b8d4317f","ssdeep":"192:cNKfsNKNNKKNKfWNK/q5NKDbqGIwV4DNKlNKuyNKoNKf1NKENKPNKfLNK/qgNKDD:qKfaKDKwKkKyfK/qY45KLKrKmKf7KCKe","tlshash":"78220fa1041b500057834ce223cebf30fe1f52507142d0b5abfdab6badcbc66526936d","first_seen":"2025-11-19T00:20:37.722165Z","last_seen":"2026-02-19T22:27:05.661867Z","times_seen":1395,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":121,"dns":5,"connect":20,"send":0,"wait":32,"receive":0,"ssl":98},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stat.prodamus.ru/api/v1/customers","fqdn":"stat.prodamus.ru","domain":"prodamus.ru","tld":"ru"},"ip":{"addr":"158.160.71.54","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:06.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"stat.prodamus.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 03:02:15 GMT","end":"Sun, 15 Mar 2026 03:02:14 GMT"},"fingerprint":{"sha1":"90:9E:B9:5A:69:88:52:2D:00:EB:BF:5F:39:69:AB:4D:4E:72:6F:18","sha256":"0E:B8:86:B2:01:A2:C3:F3:52:8F:85:42:C6:E1:C6:AB:3E:C1:CC:C9:AB:C1:5C:68:E1:09:56:CB:53:91:0C:16"}}},"request":{"raw":"PUT /api/v1/customers HTTP/1.1\r\nHost: stat.prodamus.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nContent-Length: 44\r\nOrigin: https://gematologbindasova.payform.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"PUT","post_data":{"size":44,"data":"fingerprint=faed01b113cfb270c624ee1aa793ad6c"}},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.25.4\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/8.2.17\r\nCache-Control: no-cache, private\r\nDate: Wed, 07 Jan 2026 11:17:06 GMT\r\nX-RateLimit-Limit: 60\r\nX-RateLimit-Remaining: 59\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.4","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:8.2.17","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":133,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"08a789a8b69500d602f4757b13164a96","sha1":"6c4b9f910042beecedb7fdb35da7a480be4aac59","sha256":"49ccf75b8e8afc4aa417a2432fcad8e03912c78477127f59d6b4a915fc2c0f36","sha512":"453154277aba6921f6c0c30ffb712d21849dd6f51cea9fc7430b02560a083c5b6fec99e0ab448d27be13a57ea06da0a0469b1b2352345f95a931cb2508c56cb6","ssdeep":"","tlshash":"23c09be07e2ced50055a08ce8095f271684d385f31525051f9a885444441d311c4e54f","first_seen":"2026-01-07T11:17:36.157121Z","last_seen":"2026-01-07T11:17:36.157121Z","times_seen":1,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":20,"connect":35,"send":0,"wait":55,"receive":0,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 1541\r\ncf-ray: 9ba30bef8af91a30-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03ec2-c81\"\r\nlast-modified: Mon, 04 May 2020 16:11:46 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 2891643\r\nexpires: Mon, 28 Dec 2026 11:17:04 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=wSdD%2BDzDP1TrA%2Fap46i9CShszSo7LVI4i%2BT%2FigiCNFhFgj4LhIVMGfWghiS0tqoGCRdlVG8ndd%2BRbMXuweFxKPJF5E98alAsvUr8ltsDKitdyl%2F24wo9%2FcHvSZiyYFJVB9w0BVvj\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3201,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (3201), with no line terminators","md5":"54e7ff4998b2900efc138ead15e54a93","sha1":"928eeaad352ee4698ec1dddad216ec38424cfee3","sha256":"eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1","sha512":"4f754bd6aea331423318b441f73f3aa0983d3e017b039e5e0b65e407ddf3c964aa430dc9bbee8810965805f4fb13dc0e1ccec708c08e652a5cb2cc67527e8079","ssdeep":"","tlshash":"8961b6b20d57056a72abc77287d51ba80475ca37e6130bbeb1267138c25a8d425f721f","first_seen":"2023-04-05T06:18:56Z","last_seen":"2026-06-03T16:04:41.083022Z","times_seen":8206,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":4,"connect":5,"send":0,"wait":15,"receive":1,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/jquery-mask/jquery.maskedinput.min.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/jquery-mask/jquery.maskedinput.min.js HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 4324\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-10e4\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4324,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4112)","md5":"bb2a5846df151c66877e0c198b61b684","sha1":"95a26d7d09bff3cf0c3a8a3b75056c73410e90fc","sha256":"fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62","sha512":"7782a4428864f87b301ace80d5de866a4e816fdacc5adc6339ad08898e3d4374de15de710338d65c30815bd452ee6f3a150e11cccd8174799d2679ca458927c7","ssdeep":"96:rNYaTbFaRZqD1B7sfha1s+Gib2V81qJQOPG:KaQRZqKhadGib2VyO4","tlshash":"a591c999bdd0710361b308e500bf861981395fea542f95d2a021f9dcbd38e2921e7d7d","first_seen":"2023-03-07T01:16:53Z","last_seen":"2026-06-03T18:03:17.470136Z","times_seen":3464,"resource_available":true,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/rest/uagent/","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:05.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"POST /rest/uagent/ HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 436\r\nOrigin: https://gematologbindasova.payform.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":436,"data":"source=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0)+Gecko%2F20100101+Firefox%2F134.0\u0026browser%5Bfamily%5D=Firefox\u0026browser%5Bmajor%5D=134\u0026browser%5Bminor%5D=0\u0026browser%5Bpatch%5D=\u0026browser%5Bname%5D=Firefox+134\u0026browser%5Bversion%5D=134\u0026os%5Bfamily%5D=Windows+10\u0026os%5Bmajor%5D=\u0026os%5Bminor%5D=\u0026os%5Bpatch%5D=\u0026os%5Bname%5D=Windows+10\u0026os%5Bversion%5D=\u0026device%5Bfamily%5D=Other\u0026device%5Btype%5D=Desktop\u0026device%5Bmanufacturer%5D="}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:05 GMT\r\ncontent-type: text/html; charset=WINDOWS-1251\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nset-cookie: session=m7jhqvm0m035bed5gejmumg174; expires=Wed, 14-Jan-2026 11:17:05 GMT; Max-Age=604800; path=/\nreferer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9; expires=Fri, 08-Jan-2027 11:17:05 GMT; Max-Age=31622400; path=/\n__ua_detect1=Firefox+134; expires=Thu, 07-Jan-2027 11:17:05 GMT; Max-Age=31536000; path=/; domain=.gematologbindasova.payform.ru\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/html; charset=WINDOWS-1251","magic":"ASCII text, with no line terminators","md5":"a60852f204ed8028c1c58808b746d115","sha1":"b0a98216a32426b9e66a4ac1eb6df2e96e1b495c","sha256":"843ac01149cced785dfebd0028d3b03ba78e286e1c6f9517ebfcdb609d97af4c","sha512":"8f08a640907f62411c90fdfb58f33b770baee98d1454f3f82cd65a32f7e378c223557cef762e39207faab39263c7a3fa2b4a4b01ff8892b8dabf7111958a169e","ssdeep":"","tlshash":"c71000000000000000000000000000000c000000000000000c00000000000c00000000","first_seen":"2023-03-26T00:57:33Z","last_seen":"2026-06-03T14:27:19.00526Z","times_seen":17842,"resource_available":true,"data":null}},"time_used":250,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/getfile/widgets/css/jquery.ui.1.8.17.custom.css","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /getfile/widgets/css/jquery.ui.1.8.17.custom.css HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: text/css;charset=WINDOWS-1251\r\ncontent-length: 33705\r\ncontent-disposition: inline; filename=\"jquery.ui.1.8.17.custom.css\"\r\ncache-control: public,max-age=3600\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33705,"size_decoded":0,"mime_type":"text/css; charset=WINDOWS-1251","magic":"ASCII text, with very long lines (1499)","md5":"3aac7e9e156114f997e0b8a4335fc807","sha1":"5ecfb59e235bf35db55d0641632b33b024ebe8cc","sha256":"6a3c3ac90bbcd5cd6fbf4a892a2d63aa2420ec205447d31b64cdb24f567103e8","sha512":"7cb285004aea1c5e276b9c9c037f95fb1f10e28c3ceb674631c8844af89cdb8ef3731a9463ec14f965efaab039a8cc8c4be3ce339973c7771883e1ae5d240768","ssdeep":"192:KhUQ8r2v9i6fG9RhS2KV53skuMaaSQhQz0iIKkTQ/Wh6ZoubSwts+8T4Z2cAliAu:KhOrpzS2T7whubSQcT4Z2cT1nOY9F","tlshash":"53e210361b03211e7a57d26070a11bf7d23a2342fd677e7e549b2499d3e98e080bf9b0","first_seen":"2024-12-06T22:54:30.614311Z","last_seen":"2026-05-07T10:30:00.818317Z","times_seen":52,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/bootstrapv3/js/bootstrap.min.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/bootstrapv3/js/bootstrap.min.js HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 35951\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-8c6f\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35951,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025)","md5":"8c237312864d2e4c4f03544cd4f9b195","sha1":"253711c6d825de55a8360552573be950da180614","sha256":"d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8","sha512":"e18a5959736a9ceef67b40daf7964c519c678d680bbda8d2c7679281f5d349a286c99b96ca24e7a8e64ce987d372d74ae12da7255c606ccfe27ac13a35b5a3d2","ssdeep":"768:b8lBD27UwlNBMl9/qahC2+jS1g8ep0skCXFXflcKGf3Z1RQ:oe78+S1Klvla3ZrQ","tlshash":"f5f29606b23031a107dfb1e5515b020b72396a6ee90690bc78b9dae53db9c48717bf3d","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-06-03T17:04:38.727873Z","times_seen":10031,"resource_available":true,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/js/site.js?v=37","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/js/site.js?v=37 HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 70421\r\nlast-modified: Fri, 21 Nov 2025 03:26:50 GMT\r\netag: \"691fdbfa-11315\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70421,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"17707df4243f30fbe5ea4bbc14bb693d","sha1":"ce8ff0e809171f0044779d74ce55a16594e51e16","sha256":"a09b5433726e840d9a8e135a7350574d4882f2de56609b554f1ec110f35cecb8","sha512":"b62bcb3f29c9869009e1564f693dc554dd5093154e651397416b2a4167bf883d22067f5c32fb83d5c6869629a5ccd9dbe690a1ee855674740eb054bcdccfd438","ssdeep":"1536:d8q4MaWcK4ku6j3Sv4MjFdAXQO6pjtcrVhSAUENaT8q:d8q4tPOWj+vSAUEi","tlshash":"5563824971f714710037b07b8bff65042636402b590aca207dad17a46fe5a68a7f2fbe","first_seen":"2025-12-01T17:57:17.056476Z","last_seen":"2026-02-18T14:42:00.583642Z","times_seen":5,"resource_available":true,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/img/prodamus.png","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/img/prodamus.png HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 8331\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-208b\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8331,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 366 x 44, 8-bit/color RGBA, non-interlaced","md5":"89b8e70fb3c14f55795ac81d14beb7b5","sha1":"e6e554a4329f7788f301a5d5dfd67e9e9314f8c6","sha256":"741a8055a9aa73ac4f03c45fac96f562232625039e3161b667d27c050df48923","sha512":"2cbcb758214f5cc4dff059a123cb934ee428d4b8d17a8ae980938a5a8f91b40677298713e604a59a09e73bdcf3c635b543aa15cddb31f6e116a22286b91e88ad","ssdeep":"192:uuV6he2ngNK5MDxblgAxJeJ7H9JPzLGlFyCj2A0ljP5RXVRXvA9:ue6hNiK5MLvIrHQXj2A0lVRrvq","tlshash":"7102af6ad441a6eb115fe1f410c2b657f63305c106d470b67d98ad2369270bbb31e8ee","first_seen":"2024-08-19T14:03:54.653624Z","last_seen":"2026-05-07T10:30:00.794099Z","times_seen":54,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipinfo.io/?callback","fqdn":"ipinfo.io","domain":"ipinfo.io","tld":"io"},"ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:05.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipinfo.io","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 19:31:13 GMT","end":"Thu, 19 Mar 2026 19:31:12 GMT"},"fingerprint":{"sha1":"FD:43:17:F6:FC:F9:5E:2B:53:FD:34:62:25:32:FF:41:EC:72:38:91","sha256":"8D:5B:FC:11:FC:AF:23:2A:87:1C:7B:4B:8D:AD:0B:AB:BB:D9:D3:7D:C7:9E:49:C6:11:1F:78:3D:E2:1A:49:DC"}}},"request":{"raw":"GET /?callback HTTP/1.1\r\nHost: ipinfo.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gematologbindasova.payform.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-type: text/html; charset=utf-8\r\ncontent-encoding: gzip\r\ndate: Wed, 07 Jan 2026 11:17:05 GMT\r\nvary: accept-encoding\r\nvia: 1.1 google\r\nstrict-transport-security: max-age=2592000; includeSubDomains\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":280,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"adf22d9a8ca3a97a9ff78909b8702358","sha1":"f5046826566a7e98d6b5e5c7b0a65677c3bde708","sha256":"756edd1454b049c1370e83c864bc93dfdd82f44d8f9752b3068e5a11867a5de3","sha512":"182391c8c01e54481853a09aa4cf8072496850e45863b198721d0d572e3aa93d8fe11a90bfb24cf97fa64cc132f1594c379474db65db5a1d2207694f770443b9","ssdeep":"","tlshash":"c3d02b6621341b37aeed455c8406960622656e1f1642369f0fe72b0c100c87334f03ae","first_seen":"2023-04-17T17:28:07Z","last_seen":"2026-06-03T16:45:08.181276Z","times_seen":58376,"resource_available":true,"data":null}},"time_used":320,"timings":{"blocked":78,"dns":13,"connect":29,"send":0,"wait":162,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/favicon.ico","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:05.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9; __ua_detect1=Firefox+134\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:06 GMT\r\ncontent-type: image/x-icon\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nset-cookie: session=m7jhqvm0m035bed5gejmumg174; expires=Wed, 14-Jan-2026 11:17:05 GMT; Max-Age=604800; path=/\nreferer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9; expires=Fri, 08-Jan-2027 11:17:06 GMT; Max-Age=31622400; path=/\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"92553459e052cacd483529147af44ff3","sha1":"8ba53b021306ca2a5ac6d8e7723284c94b561254","sha256":"4c8d1c9721649a7e73ba42ac141383f115f363a0f246735c11ba1449b8b6f257","sha512":"1a92cee6f6008029b3d207dcdfee713d399d0e37e0a97e735fe0495b6fd180c81ad8f7c7b2a41e4176f15e6f886fbd939bdd95e092347710efd83c7ef6db1fc0","ssdeep":"48:32aTCaVMvr1wEGbOnvVR2slb0AhOewXXXZoXXZE:3BWvr1zRvVsswewXXX1","tlshash":"879162b213c6d3a9f9141bb0f1c60bf5990b9ea7dee0484753197c4938728aad886c6d","first_seen":"2024-08-19T14:03:54.666634Z","last_seen":"2026-05-07T10:30:00.763331Z","times_seen":53,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/font-awesome/css/font-awesome.css?v=4.7","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/font-awesome/css/font-awesome.css?v=4.7 HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: text/css\r\ncontent-length: 37414\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-9226\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37414,"size_decoded":0,"mime_type":"text/css","magic":"troff or preprocessor input, ASCII text, with very long lines (372)","md5":"c495654869785bc3df60216616814ad1","sha1":"0140952c64e3f2b74ef64e050f2fe86eab6624c8","sha256":"36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c","sha512":"e40f27c1d30e5ab4b3db47c3b2373381489d50147c9623d853e5b299364fd65998f46e8e73b1e566fd79e97aa7b20354cd3c8c79f15372c147fed9c913ffb106","ssdeep":"768:mmMtI+A4CSIDqvnI+YTBrFPvVrJjhiRAiiEL:mXtI+A4GDUI+Y9rpVljhiIEL","tlshash":"37f241ece5bf18904391e0d16386a370bb3dbb2c8d4a6d5cd2a6798cb1c1255d2c63ed","first_seen":"2023-04-05T05:21:01Z","last_seen":"2026-06-03T16:55:31.90555Z","times_seen":87096,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/jquery-formstyler/jquery.formstyler.js?v=2","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/jquery-formstyler/jquery.formstyler.js?v=2 HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 38821\r\nlast-modified: Wed, 02 Apr 2025 04:01:47 GMT\r\netag: \"67ecb6ab-97a5\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38821,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"adb962d52023bc63a34cd020463e8b6d","sha1":"2cea64a6cc5fa0870c16ad784ecd0fbdf3df3fb6","sha256":"823f0509e66d981418e240b0fe751ed54b2f39b58789aeedf7c4655e05f594b8","sha512":"386e6274ed485e6c75b79ded46853cca84ce2465a9cfa03c07be8401c148122a9c6fcdc713d21b5fa59651254b2152fb4acddf5038253187c370cb77633d4402","ssdeep":"384:ItHYJiRJ5vBLjCubtdyJbVVZUIA/z7jBGeTCFv6RuGSVUsNzFeLE9NK3Dyx:EHTNXa76jBGi+v68GoNzFehzE","tlshash":"21132fa9f3ad307e957b21a35c5c61cc443d41758c1228b6bcb897681bc786a637e83f","first_seen":"2025-04-02T20:10:59.192775Z","last_seen":"2026-05-07T10:30:00.75881Z","times_seen":43,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/assets/plugins/intl-tel-input/build/js/intlTelInput-jquery.js","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /assets/plugins/intl-tel-input/build/js/intlTelInput-jquery.js HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 83080\r\nlast-modified: Thu, 06 Feb 2025 16:58:26 GMT\r\netag: \"67a4ea32-14488\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":83080,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9375)","md5":"b505fd89167f1bc1b5fab1e24508b9ba","sha1":"5d8c2d6d475d515c13736b4175dc1f027012316a","sha256":"4fedfdef2e4144de36672a06d27bde5a38d56ac7711c82c423eed38bba39d059","sha512":"5cc4178788742a7d44cba21c54a737d651839265d5dc5c4c9a5574be659e53f3844ee49f054ba78c07ede5789c4e21977e3b807349fafff7506eb7d124ee5167","ssdeep":"1536:DoOHUQMt49TjqAHSKWG6oF4J9x2d2VnDkSr:jbrjqAHSKWGjFld2Vnxr","tlshash":"e983c51ea7eb03279cb3e16a2faf514e626445174606cc043c9c9bc81f4e87596f6bf8","first_seen":"2024-08-19T14:03:54.688742Z","last_seen":"2026-05-07T10:30:00.749059Z","times_seen":54,"resource_available":true,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gematologbindasova.payform.ru/authorize/script.js?v=1","fqdn":"gematologbindasova.payform.ru","domain":"payform.ru","tld":"ru"},"ip":{"addr":"62.84.112.79","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1","date":"2026-01-07T11:17:04.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"payform.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 03:47:43 GMT","end":"Wed, 25 Feb 2026 03:47:42 GMT"},"fingerprint":{"sha1":"33:81:41:DC:9D:31:1F:71:AF:57:81:84:B5:33:E7:0E:52:72:6F:58","sha256":"03:EE:C0:A4:AC:2D:0D:EA:5A:22:74:13:1B:BE:B2:3A:34:24:15:9F:69:69:A5:2F:5D:2F:03:E9:8E:36:30:6F"}}},"request":{"raw":"GET /authorize/script.js?v=1 HTTP/1.1\r\nHost: gematologbindasova.payform.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gematologbindasova.payform.ru/?invoice_id=c84fb631059cc0aa88a398b535c7f3f2\u0026paylink=1\r\nCookie: session=m7jhqvm0m035bed5gejmumg174; referer=YTozOntzOjM6InVybCI7czowOiIiO3M6Mzoic3lzIjtzOjA6IiI7czozOiJrd2QiO3M6MDoiIjt9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 11:17:04 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 45299\r\nlast-modified: Thu, 06 Feb 2025 16:58:27 GMT\r\netag: \"67a4ea33-b0f3\"\r\nexpires: Fri, 06 Feb 2026 11:17:04 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":45299,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (929), with CRLF line terminators","md5":"7070b84292dc98ad21dbfbbb09d769f4","sha1":"d6fcf5536a586fbdfae5234068de22cc2c99f38a","sha256":"0d9f3f2eac2e13c6bf68900176a9ace00e05ae7453f5e0f8abc07e208f471fdb","sha512":"da809f9e4b2ea5f3e5053f7de3176297272a557f3a08b3a997f7091b92cc8995a8e2f2bc50065ae4255bd6b44af51cae94d0fc797c1072e398f6fe733add7c4b","ssdeep":"384:CWhE+0AORumwy8pYT3uTw5FSwMIwwUs3w237Qb8MWo2+bDZdnQQnYoIpIb:XhEpjRsbGh5FSwMIHUsA2rQb8Bo2+Z9j","tlshash":"4513f8c0f21d764f83a2321790b6a5096e3ec4b50645097ef6a528fea8d500dc37eebd","first_seen":"2024-08-19T14:03:54.697803Z","last_seen":"2026-05-07T10:30:00.790907Z","times_seen":54,"resource_available":true,"data":null}},"time_used":223,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":183,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}