{"report_id":"84d3f4f4-2bfe-4c62-8818-4b24b171f90a","version":6,"status":"done","tags":[],"date":"2026-03-04T10:54:07Z","url":{"schema":"http","addr":"widget-frame.kassir.com.ru/","fqdn":"widget-frame.kassir.com.ru","domain":"kassir.com.ru","tld":"com.ru"},"ip":{"addr":"79.174.92.43","port":0,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"widget-frame.kassir.com.ru/","fqdn":"widget-frame.kassir.com.ru","domain":"kassir.com.ru","tld":"com.ru"},"title":"Виджет","dom":{"size":11918,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"68843241a2b0851f763945e61d0026d1","sha1":"57f020b2d8da4df3f2640ede4c9c931b295b49f2","sha256":"024a2bd5922bc0ec4367ac8e059a630b79a4818c3bd607b8a3cf20ab79fa1342","sha512":"61fb76e71b440e359ffb37ff3ccd48b6d9fb89b535f6b024c477ecdb8d2620484eb845134aeacd4473f8d0f24621e45539c891b936d5aba53709fa0aadd7fa56","ssdeep":"192:RKTrHSo5OsqgfFHSRQinF/JQJ/QAzGDRaJwX8pT15MAknpRQw1w5+5NtLGXcd5S:3Q2ixeFpRjRL+X","tlshash":"713295aa1cf3021d1417a06857ef2608317484174917fc793d9d7e49af8aa8c3afb7e6","dom_hash":"domhashbceb572a7e67e4611e183f98eeb1ad43","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"widget-frame.kassir.com.ru/","fqdn":"widget-frame.kassir.com.ru","domain":"kassir.com.ru","tld":"com.ru"},"ip":{"addr":"79.174.92.43","port":0,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-08T10:54:07Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"widget-frame.kassir.com.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"jswidget.ticket-widget.com","ip":{"addr":"37.9.38.38","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"domain_registered":"2022-01-10","domain_rank":0,"first_seen":"2022-06-26T11:21:29Z","last_seen":"2026-02-26T14:13:27.079018Z","alert_count":0,"request_count":1,"received_data":1275752,"sent_data":457,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"widget-frame.kassir.com.ru","ip":{"addr":"79.174.92.43","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"domain_registered":"2014-01-28","domain_rank":0,"first_seen":"2026-03-04T10:54:09.079016Z","last_seen":"2026-03-04T10:54:09.079016Z","alert_count":2,"request_count":2,"received_data":12363,"sent_data":954,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.29.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Sentry:7.66.0","description":"Sentry is an open-source platform for workflow productivity, aggregating errors from across the stack in real time.","website":"https://sentry.io/","common_platform_enumeration":"","icon":"Sentry.svg","categories":["Issue trackers"]}]},{"fqdn":"browser.sentry-cdn.com","ip":{"addr":"151.101.2.217","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2018-05-30","domain_rank":23677,"first_seen":"2018-07-13T11:42:06Z","last_seen":"2026-03-02T03:12:17.663568Z","alert_count":0,"request_count":1,"received_data":62577,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"widget-frame.kassir.com.ru/","fqdn":"widget-frame.kassir.com.ru","domain":"kassir.com.ru","tld":"com.ru"},"ip":{"addr":"79.174.92.43","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"b2f4738f0dd0fc54f3d87b46936403da","sha1":"57f40cf664d6b747b4e0678a8dfd0a83aed2d8e8","sha256":"2427971ad1d371c7d3c4489cc510ee11f924dd8d94294d18aa15e361e197502d","sha512":"a8b16845f64ee41571b3341b2f7b2149a4d845313818edee2a0e71517fa6fa26e1567279c60e25dbf82552665d81acff02d262ae317afa43da58ea139559e0bb","ssdeep":"","tlshash":"e4a0228eb03c883c2e20a20038303a023822c00ca0020cb0cf00302e0ac00c300303e0","size":66,"data":"","first_seen":"2025-09-22T09:33:02.912686Z","last_seen":"2026-04-03T14:03:41.485447Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"browser.sentry-cdn.com/7.66.0/bundle.min.js","fqdn":"browser.sentry-cdn.com","domain":"sentry-cdn.com","tld":"com"},"ip":{"addr":"151.101.2.217","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3c72dd35c27bfdeb1d27aedd7d68462b","sha1":"60629fe427b4a841dc94bae0deec4a73a1bc4198","sha256":"126f3fd2720362158625758d78dcc663f35a69ebf01dfafb80c7f21c52191e5c","sha512":"0dd0b5915e9f8a077e4c99be14f65573611d4059e868fdc40b83b088ff778e33471e978cab4e9e34ec2c01a75e5f5b31655b069afafcdf00b4ae0fa8bf122088","ssdeep":"768:GkesxdHx5U9/RuEBxVTPWcwqFZ2X4g+5aYQ8VMBC3/T4wyD+zd3hRHFMCq6B1Zm0:j9a5E4prCG/DQ9+m9o4uWd2","tlshash":"2453c4c9b1d2b03547a719a5913b0106f73a5e60340bc0a8f56cddea6da640fe2b6f3d","size":62063,"data":"","first_seen":"2024-07-24T08:36:49Z","last_seen":"2026-04-03T14:03:41.483352Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget-frame.kassir.com.ru/","fqdn":"widget-frame.kassir.com.ru","domain":"kassir.com.ru","tld":"com.ru"},"ip":{"addr":"79.174.92.43","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"08b70addac790cf8f2d2e88354427dd3","sha1":"afd9655383a2295d56f37a9204a2022c1f058803","sha256":"0dc60f4e274365f790de2873950bd9924c408fa53630150f7929724cff36df19","sha512":"f876818a304d5012839d81630c43274b7d02a86b18a02e018c8fb5126b6c6ec1a7861df916ceda4b5c545285af1747a57b7878ff3aeb6354bcfb6bc1d8e5a754","ssdeep":"","tlshash":"a5b012d210eb611588a703442038449c080a000d0b6031207e62cd442511262349217d","size":91,"data":"","first_seen":"2025-09-22T09:33:02.914083Z","last_seen":"2026-04-03T14:03:41.485953Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget-frame.kassir.com.ru/","fqdn":"widget-frame.kassir.com.ru","domain":"kassir.com.ru","tld":"com.ru"},"ip":{"addr":"79.174.92.43","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"4642b78497914913dce4a8ff565e938c","sha1":"d76db88e44feb949e8bcdfa8865a9121e4852f8b","sha256":"f682582b1f29f48aae315e42905fa9783ba29582195adfa47107df048052c2e7","sha512":"2fcb05a878ee1e4458e04117b9f8198e17a95d8723feabbaa00a649e76668c8540baaed19617142731dccfed5b01cf541fed4e39b0531522e66ea62f24bd11bf","ssdeep":"96:GdmTI5Mx9IW9VJnaxYpAWokCOQw1wJ7/25rJV/9:u15MAknpRQw1w5+5h","tlshash":"0eb11ff818f2079e15276069a29fa1047258546b1c35fa34392d6d593f9c89c36bf3e3","size":5318,"data":"","first_seen":"2025-09-22T09:33:02.925704Z","last_seen":"2026-04-03T14:03:41.487974Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jswidget.ticket-widget.com/latest/common.js?4b31c609d1c181","fqdn":"jswidget.ticket-widget.com","domain":"ticket-widget.com","tld":"com"},"ip":{"addr":"37.9.38.38","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"81e68b3556a63c6cd101c646ab1bc469","sha1":"671c2ce7d05451154c67ba70c0c81e7bb9b098b0","sha256":"9464990bf2a284411c4d7b5cb46b6687002167b09ee6e9a0cc9f3486816c0995","sha512":"b50d0e480d35983fd0a7d442eeb67aca6fc3534a3d9944757d57bd8ca61d707e0860158157e1f484243162a421f9aa6a1f307cfd4cf09f53ada12ba5a197b4b8","ssdeep":"12288:OSnrKDbL0vQBxPJopqOrSWLkMrQ4ib/mk/Rx:JnrK8mxep3LkMrQ5bOwRx","tlshash":"e4453bc87292f0a553e391f5407f150bf33a3a29a80d8454f265ece4b87998e523bf79","size":1274916,"data":"","first_seen":"2026-02-26T14:13:32.289714Z","last_seen":"2026-03-04T10:54:12.925856Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget-frame.kassir.com.ru/","fqdn":"widget-frame.kassir.com.ru","domain":"kassir.com.ru","tld":"com.ru"},"ip":{"addr":"79.174.92.43","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"956beff2ee821b10556ea35a8aba6c52","sha1":"599af7a61a58e07d24f475dc8938e85a90e1f8fb","sha256":"63a8dd8bb9f4ab9c20249cb27d8e8634beb121dcc89456c4b00f193f7e091c85","sha512":"51e1269b622dbb37fde70b6ab983c7c89ecaae6246c70d9d9df2f7a7c2741319a297c99b1891422b3c2beb6b2e1ce1553cefb6dc44aaf8aa0ba7d3be0b4949dd","ssdeep":"","tlshash":"30f0274628e8113451b7a1ac4fbfa91d3815110f294eed39b99e88118f5d73f1877d4c","size":505,"data":"","first_seen":"2025-09-22T09:33:02.928836Z","last_seen":"2026-04-03T14:03:41.488898Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"widget-frame.kassir.com.ru/","fqdn":"widget-frame.kassir.com.ru","domain":"kassir.com.ru","tld":"com.ru"},"ip":{"addr":"79.174.92.43","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T10:53:45.262Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kassir.com.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 03 Jan 2026 20:48:12 GMT","end":"Fri, 03 Apr 2026 20:48:11 GMT"},"fingerprint":{"sha1":"FD:A5:A3:B9:DF:93:18:6C:28:0A:C7:79:61:F9:A1:6E:B8:60:B7:4F","sha256":"A1:FC:29:A2:0A:C9:32:D7:86:08:74:F7:AB:6B:1C:02:C2:A7:58:18:08:D2:B5:4F:2A:7D:1B:62:BC:03:46:7A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: widget-frame.kassir.com.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 04 Mar 2026 10:53:45 GMT\r\nserver: nginx/1.29.5\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.29.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Sentry:7.66.0","description":"Sentry is an open-source platform for workflow productivity, aggregating errors from across the stack in real time.","website":"https://sentry.io/","common_platform_enumeration":"","icon":"Sentry.svg","categories":["Issue trackers"]}],"data":{"size":11900,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"a1a710f9120ef3a7afb6290f52d7fb0d","sha1":"3f658d051dc6114f9a880899aa670f7df098cd09","sha256":"902f334395b2b984ad1b4bc266aecf5601d4e2832102c6c7c7007b6305ae5867","sha512":"f74a4c631a179aba37347480fbba9bc02922b093f0419235d32ba1547387d36e6774eb511587a1ba1eda05d0086864b714593e7561bc776c34f3eabf36b58310","ssdeep":"192:eKTSDHSo5OsqgfFHSRQinF/JQJ/QAzGDRaJwPtopT15MAknpRQw1w5+5NtLGXcdY:zQ2kxeFpRjRL+b","tlshash":"533285aa18f302191417a06857ef2608317484174917fc793d9d7e49af8aa8c36ff7e7","first_seen":"2025-12-11T10:45:24.417381Z","last_seen":"2026-03-04T10:54:12.919498Z","times_seen":4,"resource_available":true,"data":null}},"time_used":423,"timings":{"blocked":140,"dns":62,"connect":28,"send":0,"wait":142,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"widget-frame.kassir.com.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"browser.sentry-cdn.com/7.66.0/bundle.min.js","fqdn":"browser.sentry-cdn.com","domain":"sentry-cdn.com","tld":"com"},"ip":{"addr":"151.101.2.217","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://widget-frame.kassir.com.ru/","date":"2026-03-04T10:53:45.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.sentry-cdn.com","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2026 Q1","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 09 Feb 2026 20:53:24 GMT","end":"Sat, 13 Mar 2027 20:53:23 GMT"},"fingerprint":{"sha1":"A0:9E:62:C1:92:F6:6F:ED:65:40:22:B5:BE:E9:04:7D:B4:B6:91:9D","sha256":"63:7D:8B:7A:93:7C:10:AE:E8:6C:43:B5:2F:69:BC:7B:17:0D:06:25:AA:F6:42:9F:F0:12:85:58:50:43:58:39"}}},"request":{"raw":"GET /7.66.0/bundle.min.js HTTP/1.1\r\nHost: browser.sentry-cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://widget-frame.kassir.com.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://widget-frame.kassir.com.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31536000\r\nexpires: Fri, 02 Jan 2026 19:30:57 GMT\r\nlast-modified: Wed, 30 Aug 2023 11:31:52 GMT\r\netag: \"141f4af062f67b3189008539dfcba0df\"\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\nage: 1466377\r\ndate: Wed, 04 Mar 2026 10:53:45 GMT\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nserver: Fastly\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-length: 20984\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":62063,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (61934)","md5":"3c72dd35c27bfdeb1d27aedd7d68462b","sha1":"60629fe427b4a841dc94bae0deec4a73a1bc4198","sha256":"126f3fd2720362158625758d78dcc663f35a69ebf01dfafb80c7f21c52191e5c","sha512":"0dd0b5915e9f8a077e4c99be14f65573611d4059e868fdc40b83b088ff778e33471e978cab4e9e34ec2c01a75e5f5b31655b069afafcdf00b4ae0fa8bf122088","ssdeep":"768:GkesxdHx5U9/RuEBxVTPWcwqFZ2X4g+5aYQ8VMBC3/T4wyD+zd3hRHFMCq6B1Zm0:j9a5E4prCG/DQ9+m9o4uWd2","tlshash":"2453c4c9b1d2b03547a719a5913b0106f73a5e60340bc0a8f56cddea6da640fe2b6f3d","first_seen":"2024-07-24T08:36:49Z","last_seen":"2026-04-03T14:03:41.483352Z","times_seen":26,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":46,"dns":1,"connect":13,"send":0,"wait":15,"receive":3,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jswidget.ticket-widget.com/latest/common.js?4b31c609d1c181","fqdn":"jswidget.ticket-widget.com","domain":"ticket-widget.com","tld":"com"},"ip":{"addr":"37.9.38.38","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://widget-frame.kassir.com.ru/","date":"2026-03-04T10:53:45.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"d8311531-5ce9-4f66-88c3-53eac07aa061.selcdn.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Feb 2026 00:55:21 GMT","end":"Tue, 19 May 2026 00:55:20 GMT"},"fingerprint":{"sha1":"67:26:C6:AF:E1:D6:FF:DC:FE:F2:E5:40:53:02:9F:C3:C6:BD:90:65","sha256":"51:66:7D:E1:89:09:3B:0E:8E:00:99:B5:ED:B0:62:BC:27:B2:BE:F5:EA:5B:7A:C1:82:0D:D7:F7:B5:6A:29:E3"}}},"request":{"raw":"GET /latest/common.js?4b31c609d1c181 HTTP/1.1\r\nHost: jswidget.ticket-widget.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://widget-frame.kassir.com.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 10:53:46 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 1274916\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, X-Object-Meta-Mtime\r\ncache-control: public, max-age=31536000, immutable\r\netag: \"81e68b3556a63c6cd101c646ab1bc469\"\r\nlast-modified: Tue, 24 Feb 2026 06:22:42 GMT\r\nx-container-storage-policy-index: 0\r\nx-container-storage-policy-name: Policy-0\r\nx-object-meta-mtime: 1771914112\r\nx-timestamp: 1771914161.49051\r\nx-trans-id: 18971a8ab7e6ba0d\r\nage: 0\r\ncache: REVALIDATED\r\nx-cached-since: 2026-03-03T09:50:42+00:00\r\nx-node: m9-up-gc11\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1274916,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64679)","md5":"2ae553359edef6e941fec21e1e0acfd4","sha1":"cdd3601c507900c5b2fd5279c1ab14414f92f81b","sha256":"91e12681bd2722e5b0631b3eed69d2be8795d4a734e7bc92e4f862b949a47b1b","sha512":"3725babbd511c9445a66a526519a1ef95e940079980a87add7728f0f6c656ca0ac3a12b688193c0e4e9b6f187d702fd4550279b9d6952fc72a8ee54b97cbfc32","ssdeep":"6144:O3qu0blfTjjvvrqJ7g93K1pwSRmGqEbLZ0mDOjp4dFL0vQQSxhsbgQSJoQcvQIYY:OSnrKDbL0vQBxPJopqOrSWLkMrQ4iK","tlshash":"a5253bc87292f0a653e351f5407f140bf37e2a29684d9550f261ece4b87998e923bf39","first_seen":"2026-02-26T14:13:32.279282Z","last_seen":"2026-03-04T10:54:12.921407Z","times_seen":2,"resource_available":false,"data":null}},"time_used":995,"timings":{"blocked":240,"dns":113,"connect":58,"send":0,"wait":153,"receive":358,"ssl":69},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget-frame.kassir.com.ru/favicon.ico","fqdn":"widget-frame.kassir.com.ru","domain":"kassir.com.ru","tld":"com.ru"},"ip":{"addr":"79.174.92.43","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://widget-frame.kassir.com.ru/","date":"2026-03-04T10:53:46.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kassir.com.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 03 Jan 2026 20:48:12 GMT","end":"Fri, 03 Apr 2026 20:48:11 GMT"},"fingerprint":{"sha1":"FD:A5:A3:B9:DF:93:18:6C:28:0A:C7:79:61:F9:A1:6E:B8:60:B7:4F","sha256":"A1:FC:29:A2:0A:C9:32:D7:86:08:74:F7:AB:6B:1C:02:C2:A7:58:18:08:D2:B5:4F:2A:7D:1B:62:BC:03:46:7A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: widget-frame.kassir.com.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://widget-frame.kassir.com.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Wed, 04 Mar 2026 10:53:46 GMT\r\nserver: nginx/1.29.5\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.29.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":83,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"40e091ae8a82a69be213d095d414b1d5","sha1":"674cc4d453e76e87d24ad971d001d16b5f7f81b1","sha256":"39865fbfc83556c699194ce30ff5b84b4d21ec54b1d2e4495f65352d83af0657","sha512":"64a024b7160a1dbf17d4874250554ae394b766c95779b9f2fe473060328506ed4538e0a5ef268b55cca7e5d1b8893f5aca3ab6b2bc498fac1266b83fb30533b3","ssdeep":"","tlshash":"0aa0240c0c0f751c1f03c0fc70cc3c30c1454dc30f300510504dc43541d470d4441044","first_seen":"2023-04-20T01:41:07Z","last_seen":"2026-04-04T06:39:43.034684Z","times_seen":831,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"widget-frame.kassir.com.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}