{"report_id":"b4b52e40-61fe-4460-8bb5-7e552575bf9d","version":6,"status":"done","tags":[],"date":"2026-04-28T13:30:41Z","url":{"schema":"http","addr":"coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app","fqdn":"coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app","domain":"edgeone.app","tld":"app"},"ip":{"addr":"43.152.186.21","port":0,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/","fqdn":"coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app","domain":"edgeone.app","tld":"app"},"title":"Coinbase Secured Withdrawal","dom":{"size":1517995,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (65536), with no line terminators","md5":"75e3ccfa14deaa24cae40a6400b8011a","sha1":"e386bff9c92e644779c8e544b607569468e946d8","sha256":"dbd769a30a09f057ae3932a9bee76f21b37965ccd6a99d90a8af24ba634ab13b","sha512":"0a5f1b6da8abf9f628ec3cb40eda8c900ad6cdb698444ccdb7810abf70e289612ec60f55deed8918182a0bd64d2f7057942fb469351c1b9870a06776d220eb07","ssdeep":"24576:YGxs0yWm9e9PRLEIYrCd4XSMHgv4lhSDzJNGbcg:YGxs0yV9e9PRLjYrCd4XSMHgv43SDzJ+","tlshash":"02656cd5b2c5f4a507e301e6943b1002a33a1c1a740da468fbbcdcd7a96a58e6337f79","dom_hash":"domhashc44c55ddb06c034b0a61fba39eb90807","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app","fqdn":"coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app","domain":"edgeone.app","tld":"app"},"ip":{"addr":"43.152.186.21","port":0,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-02T13:30:41Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"code.jivosite.com","ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"domain_registered":"2011-05-06","domain_rank":232952,"first_seen":"2012-07-22T02:03:39Z","last_seen":"2026-04-23T00:41:48.489595Z","alert_count":0,"request_count":8,"received_data":1736749,"sent_data":4082,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.discordapp.com","ip":{"addr":"162.159.133.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-02-26","domain_rank":16705,"first_seen":"2015-08-24T13:06:21Z","last_seen":"2026-04-24T12:02:11.335077Z","alert_count":0,"request_count":3,"received_data":2717,"sent_data":1848,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app","ip":{"addr":"43.152.186.21","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2023-05-10","domain_rank":0,"first_seen":"2026-04-28T13:30:44.396086Z","last_seen":"2026-04-28T13:30:44.396086Z","alert_count":2,"request_count":1,"received_data":20185,"sent_data":518,"comment":"","tags":null,"fingerprints":[{"name":"JivoChat","description":"JivoChat is a live chat solution for websites offering customizable web and mobile chat widgets.","website":"https://www.jivosite.com","common_platform_enumeration":"","icon":"JivoChat.png","categories":["Live chat"]}]},{"fqdn":"node-ya-6.jivosite.com","ip":{"addr":"158.160.53.45","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"domain_registered":"2011-05-06","domain_rank":1470340,"first_seen":"2023-01-18T14:06:31Z","last_seen":"2026-04-22T14:35:17.203627Z","alert_count":0,"request_count":1,"received_data":851,"sent_data":561,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/","fqdn":"coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app","domain":"edgeone.app","tld":"app"},"ip":{"addr":"43.152.186.21","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"09b32b2b6ffd99e0da49a1e09277d037","sha1":"5db409452d6bd8d58bec9808140b348199ce5e9c","sha256":"dba22350b4616390c0b14e9095844ef03e4672ea4188ef523a5336a1849fea9b","sha512":"455d3995f666c8a663bc1c9c49e490d158b5cffe44377ccd2d3c450a11dba1a152feb1dd6cba7c1c6842a2d9c0dc82e6a5b957550d0233c6bee0ecbb7195fe76","ssdeep":"","tlshash":"858112da3a6325700faf7fbf15e783c9383052571802db897d2c84049f15ee86176b9a","size":4071,"data":"","first_seen":"2026-04-28T13:30:47.163123Z","last_seen":"2026-04-28T13:39:30.226072Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/widget/soDzcj41xV","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"0396887e24f82a5c739687747a2d5d1e","sha1":"e414bf5b0189af9d82589194ceb3912190f5ad4c","sha256":"dadbf61af1aa9ede34b6bd9797f5cc4a7d1e90901cb10fe3b20e1573502a1254","sha512":"a01a07fd246c3060e31ec3363f6f8f43d544c9670f76d43f2d79d14fe03d1be6481ec6f04c4639b4ddab11c9454640251c3797baf3afc2a3c8522e1b555ea672","ssdeep":"384:boU+JvepohmPF0jyrArr0aX55Mf7qISOqrebz8sROweqWcPdv:UI//AjX54cr7sXWcPdv","tlshash":"f1823b6e7959b97743b218b9516f6209733549ebd404c920a401e98d7cb8ace813fef8","size":18118,"data":"","first_seen":"2026-04-27T13:30:50.955671Z","last_seen":"2026-04-28T18:26:35.407555Z","times_seen":149,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/","fqdn":"coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app","domain":"edgeone.app","tld":"app"},"ip":{"addr":"43.152.186.21","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"9f6b03ad7a18754a9ab3fa42edf2f0f4","sha1":"c811f84fa6e16962047265d11348837ad666be08","sha256":"f8e4ce547d8d4ad8cf484d64f893c38f8156ee41b560a7e57cdc800e5d464bcc","sha512":"dce12cb13d50532e84e06bc519a39bb3ba31727c9a9d43d543673d4bf80907d2f4abb1a2ed1366d638a12c6523ecf0f8b7404bc853c0ffaa9912e8707dc0b114","ssdeep":"24576:2Gxs0yWm9e9PRLEIYrCd4XSMHgv4lhSDzJNGbck:2Gxs0yV9e9PRLjYrCd4XSMHgv43SDzJi","tlshash":"a1656cd5b2c5f4a507e301e6943b1002a33a1c1a740da468fbbcdcd7a96a58e6337f79","size":1517801,"data":"","first_seen":"2026-04-27T13:22:49.458069Z","last_seen":"2026-04-28T18:26:35.414843Z","times_seen":133,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/bundle.js?rand=1777297771","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"46d8d0628da3d93efb862e1649dcbbca","sha1":"3868ea2a5276e00da6f936ac6b750a26ae943ddd","sha256":"ac2c3c4f6eaff634af74eedd79722cd1119982b6d2addd0e5d5e94780e106636","sha512":"ac627b901df6259bacc72cbfcfa6b758c4eca61e6e72d0101316f5638522685e63c9da3468cc5800fb068a9bf9019611d00c3b63fe5d407228ef3b51779d5770","ssdeep":"24576:PIuR2z48eK9n++ePuZlhExSZCPXdPRmT3r7O1kxSngPgYlVqnH7XhtHgC8IY:PIuR2c8eK9n++eZSZCPXdPRmT3r7O1er","tlshash":"ae756bc5b1c5f46103d355e6a03b2005b33a2859340da068bbbcdcdbe96a98e6377f79","size":1550289,"data":"","first_seen":"2026-04-27T13:22:49.479459Z","last_seen":"2026-04-28T18:26:35.41563Z","times_seen":133,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/cdddffe/locale-en-US-json.js","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f87471a3d1fb33be6a51912861776bb","sha1":"8bb52b99066392f10ab336b980dfbe0b8fb4dfc6","sha256":"34e2fac9b502488543160a64f763a23608d196acf4dd0c4fecd57ef957572fcf","sha512":"a363d37884af6c3b20e287e9324a16055968acc28d04f79d7acb9b5f8a0cc67e7edf70d05495a9e9dbe14996e704484d9b710ae06e12bd6d87d9d68b515a54e0","ssdeep":"192:xbPfmk/7Obf14M6dOIpUTPqZ8BijFLeEJK:x7fH7ObdFWOIphZ8wjFCmK","tlshash":"a222d71ee7017f360fa613c3744f7b5376a480e592646c75d89c826943b9bcab217b8c","size":10670,"data":"","first_seen":"2026-03-31T14:01:24.495424Z","last_seen":"2026-04-28T18:26:35.390432Z","times_seen":608,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"e562dd896ac4d3c02dbbf846de7d12db","sha1":"231e3aed32b82f17d971a11ee73be3bb56390476","sha256":"e0cfa4c4edd139ab165a2797e3dfba257e50205b1c6ef90a218cfed169b28af2","sha512":"f87032635de78b01179a826d4132025505ddb632b1bd71290efce46b7dcca0e5cdf3618d6e9ad32e4ac304ce8675942733f852ae97da310ad7ac240bffed43dd","ssdeep":"24576:wGxs0yWm9e9PF7QIOrmQ1eSMHg74lhSCzJNGb8C:wGxs0yV9e9PF7fOrmQ1eSMHg743SCzJc","tlshash":"ae656cd5b2c5f4a507e301e6943b1002a33a2c1a740da468fbbcdcd7a95a58e6337f79","size":1516000,"data":"","first_seen":"2026-04-27T13:22:49.49286Z","last_seen":"2026-04-28T18:26:35.416903Z","times_seen":131,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"code.jivosite.com/sounds/notification.mp3","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/","date":"2026-04-28T13:30:22.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /sounds/notification.mp3 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Tue, 28 Apr 2026 13:30:23 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 5808\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: max-age=2592000\r\netag: \"69de0593-16b0\"\r\nexpires: Wed, 20 May 2026 11:29:57 GMT\r\nlast-modified: Tue, 14 Apr 2026 09:14:59 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-04-20T11:29:57+00:00\r\nx-node: m9p-up-gc7\r\ncontent-range: bytes 0-5807/5808\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5808,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural","md5":"9aa341af370c4e59155717260ba0f282","sha1":"0c1216ecead8d1409557c843d96202c063f3f252","sha256":"1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab","sha512":"e6663f8406d859a7ae65e6eb9512ed1e79244b8f5b2119823f80fed99c17dd4a086cc17083f3cd70b6dd990c39b3be80142f303a7c2a9fbb9302147e700fa5cb","ssdeep":"96:XYLRSqytFnbfWnHBaSvgEyZMZuiusJ0jQDrrQNw:IMTnbfGhaSvg/inqc0m","tlshash":"cac1297acc3c146fd81e88b53f3bb0c9421c61803a00d8e61c99bb5bd6b2ba975468d2","first_seen":"2023-04-05T14:05:33Z","last_seen":"2026-04-28T17:56:36.284051Z","times_seen":14136,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.discordapp.com/attachments/1329572653723549791/1498238289964961862/image.jpg?ex=69f06ea4\u0026is=69ef1d24\u0026hm=d66e4f952238cc271c42e5e74990927443f0ffd1a71612bed1e513a3593715e0\u0026","fqdn":"cdn.discordapp.com","domain":"discordapp.com","tld":"com"},"ip":{"addr":"162.159.133.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/","date":"2026-04-28T13:30:19.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"discordapp.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 15:08:03 GMT","end":"Tue, 02 Jun 2026 16:08:01 GMT"},"fingerprint":{"sha1":"A9:E6:44:38:CA:F4:9F:11:F8:8C:D8:E3:72:EC:1A:11:82:05:F0:73","sha256":"0D:3D:F4:CB:7D:42:B5:CE:DD:B6:21:39:EC:A7:BC:AF:B6:DC:E1:94:74:79:F6:84:C6:E9:E9:08:96:20:ED:A4"}}},"request":{"raw":"GET /attachments/1329572653723549791/1498238289964961862/image.jpg?ex=69f06ea4\u0026is=69ef1d24\u0026hm=d66e4f952238cc271c42e5e74990927443f0ffd1a71612bed1e513a3593715e0\u0026 HTTP/1.1\r\nHost: cdn.discordapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Tue, 28 Apr 2026 13:30:19 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 36\r\nset-cookie: __cf_bm=LH1Hy3az9Gnc6BVm18x44XsVoBjkHMZfRB5VwkDIC7k-1777383019.8695412-1.0.1.1-dHwpNG45E824YKIrOVBd6qnW7nK4_V1c.DST32XYdzIX1X.yNKchDGDi2TuzezevAOOB1bb42EPW92EdIKznQ.XQifqu.zS6gvwPg6VeAzj8XizFoieV.4BntCPTaCoV; HttpOnly; Secure; Path=/; Domain=discordapp.com; Expires=Tue, 28 Apr 2026 14:00:19 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bpi9cabFHbR6g%2B6rdn1CrEgrcuiGx6PjYkJKzrj5SxouDw1L9s0bYigMiuozIArpi6cWWnnZ1mhkxXpZYH8KSkvNbrNil6Qo%2BU92%2Faf6vk1HapzppwVlblJ1XwdfU35Jm1NQgw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp\r\nserver: cloudflare\r\ncf-ray: 9f366bc2289276ef-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T18:24:19.860873Z","times_seen":14338069,"resource_available":true,"data":null}},"time_used":188,"timings":{"blocked":88,"dns":35,"connect":2,"send":0,"wait":9,"receive":0,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/widget/soDzcj41xV","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/","date":"2026-04-28T13:30:19.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /widget/soDzcj41xV HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Apr 2026 13:30:20 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 6196\r\naccess-control-allow-origin: *\r\ncache-control: max-age=7200\r\ncontent-encoding: br\r\netag: \"69ef3c39-1834\"\r\nexpires: Tue, 28 Apr 2026 15:30:20 GMT\r\nlast-modified: Mon, 27 Apr 2026 10:36:41 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: MISS\r\nx-node: m9p-up-gc45\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18118,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18118), with no line terminators","md5":"0396887e24f82a5c739687747a2d5d1e","sha1":"e414bf5b0189af9d82589194ceb3912190f5ad4c","sha256":"dadbf61af1aa9ede34b6bd9797f5cc4a7d1e90901cb10fe3b20e1573502a1254","sha512":"a01a07fd246c3060e31ec3363f6f8f43d544c9670f76d43f2d79d14fe03d1be6481ec6f04c4639b4ddab11c9454640251c3797baf3afc2a3c8522e1b555ea672","ssdeep":"384:boU+JvepohmPF0jyrArr0aX55Mf7qISOqrebz8sROweqWcPdv:UI//AjX54cr7sXWcPdv","tlshash":"f1823b6e7959b97743b218b9516f6209733549ebd404c920a401e98d7cb8ace813fef8","first_seen":"2026-04-27T13:30:50.955671Z","last_seen":"2026-04-28T18:26:35.407555Z","times_seen":149,"resource_available":true,"data":null}},"time_used":1418,"timings":{"blocked":651,"dns":329,"connect":88,"send":0,"wait":107,"receive":3,"ssl":236},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.discordapp.com/attachments/1329572653723549791/1487872033806225438/image.jpg?ex=69ebadd0\u0026is=69ea5c50\u0026hm=d8562ef86b51478a539dbfbba335f78b6a341b70105d7e28a94f9c04a19c5221\u0026","fqdn":"cdn.discordapp.com","domain":"discordapp.com","tld":"com"},"ip":{"addr":"162.159.133.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/","date":"2026-04-28T13:30:19.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"discordapp.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 15:08:03 GMT","end":"Tue, 02 Jun 2026 16:08:01 GMT"},"fingerprint":{"sha1":"A9:E6:44:38:CA:F4:9F:11:F8:8C:D8:E3:72:EC:1A:11:82:05:F0:73","sha256":"0D:3D:F4:CB:7D:42:B5:CE:DD:B6:21:39:EC:A7:BC:AF:B6:DC:E1:94:74:79:F6:84:C6:E9:E9:08:96:20:ED:A4"}}},"request":{"raw":"GET /attachments/1329572653723549791/1487872033806225438/image.jpg?ex=69ebadd0\u0026is=69ea5c50\u0026hm=d8562ef86b51478a539dbfbba335f78b6a341b70105d7e28a94f9c04a19c5221\u0026 HTTP/1.1\r\nHost: cdn.discordapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Tue, 28 Apr 2026 13:30:19 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 36\r\nset-cookie: __cf_bm=FX4k5s_egeM4023RxihtnXZYjiUJhwMUvysYwcUwU2k-1777383019.8704028-1.0.1.1-fePD0U2JNu8wk90tJqTmxqlhUiOd_Rq53FRhk.UUnJizWPMYPGL2QP4XeKQDLRZOx8XwGHiRzNe6eWgi6.FB.E2Wb5NAwabIzM8X5cPB.gEmJdIVHOq_FRC0ZIwxatia; HttpOnly; Secure; Path=/; Domain=discordapp.com; Expires=Tue, 28 Apr 2026 14:00:19 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7%2F6rJapyrPLYBF4Egz0s2%2B%2B3DGIoS31batgkMGS0%2FYNSGbmACP7mUlxyOne4kQvMZijcjSfQMM3AkObKnfgnlSbkk4lSxS%2BaOmmxYlsEa%2FHYPc%2F22IdkhTm0Oxp33ZL5jtMAaA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp\r\nserver: cloudflare\r\ncf-ray: 9f366bc2289d76ef-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T18:24:19.860873Z","times_seen":14338069,"resource_available":true,"data":null}},"time_used":187,"timings":{"blocked":87,"dns":35,"connect":2,"send":0,"wait":7,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.discordapp.com/attachments/1329572653723549791/1498238289751183510/image.jpg?ex=69f06ea4\u0026is=69ef1d24\u0026hm=5b9bf9abbd68ce6faef2320f2b4e24e1719fa5d9e029782b0962f55920e1bbf6\u0026","fqdn":"cdn.discordapp.com","domain":"discordapp.com","tld":"com"},"ip":{"addr":"162.159.133.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/","date":"2026-04-28T13:30:20.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"discordapp.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 15:08:03 GMT","end":"Tue, 02 Jun 2026 16:08:01 GMT"},"fingerprint":{"sha1":"A9:E6:44:38:CA:F4:9F:11:F8:8C:D8:E3:72:EC:1A:11:82:05:F0:73","sha256":"0D:3D:F4:CB:7D:42:B5:CE:DD:B6:21:39:EC:A7:BC:AF:B6:DC:E1:94:74:79:F6:84:C6:E9:E9:08:96:20:ED:A4"}}},"request":{"raw":"GET /attachments/1329572653723549791/1498238289751183510/image.jpg?ex=69f06ea4\u0026is=69ef1d24\u0026hm=5b9bf9abbd68ce6faef2320f2b4e24e1719fa5d9e029782b0962f55920e1bbf6\u0026 HTTP/1.1\r\nHost: cdn.discordapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Tue, 28 Apr 2026 13:30:20 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 36\r\nset-cookie: __cf_bm=Apb4N1kgE_QhL990ZWNo2n8AxtPoxOKX6fGTexGJPVs-1777383020.1135192-1.0.1.1-iYpcAAa4i.KytI57v3udNDW__1R7CvtE7xfkfR6Z4pieKtefIQTKDIEonnlJFmXFJJKrzl4tHSFhHbUT.orQqzk2koRndpgfpyqzKOoT1HFm.i3b9m2SpyXvZP97SMmU; HttpOnly; Secure; Path=/; Domain=discordapp.com; Expires=Tue, 28 Apr 2026 14:00:20 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7KYjGtImtG1YEbvVwQUAqDQBHyKwKMqgDJHYei%2BkLNlqTXFOXZX9vyExOn7I6RVYn5kP4GlMca5Q5X93w4CFMpYrBEWgXI0yF7oJYPbc1XodVA3Z21eY%2Bja%2B1S7WWBcaGVatlg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp\r\nserver: cloudflare\r\ncf-ray: 9f366bc3bd2376ef-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T18:24:19.860873Z","times_seen":14338069,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/bundle.js?rand=1777297771","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/","date":"2026-04-28T13:30:21.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /js/bundle.js?rand=1777297771 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Apr 2026 13:30:21 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 341857\r\naccess-control-allow-origin: *\r\ncache-control: max-age=86400\r\ncontent-encoding: br\r\netag: \"69ef3c39-53761\"\r\nlast-modified: Mon, 27 Apr 2026 10:36:41 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-04-27T13:51:42+00:00\r\nx-node: m9p-up-gc58\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1550289,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"929a29a07012c618db937337fe12b5ab","sha1":"2c5578f8dc5ed5d81f390d55b3a099af15297974","sha256":"88867a565b506997c06bf955c9f1eb73e486003b555485833716c99333bbd768","sha512":"bc4b3feb78cab28928556491954ad9fc13dcf636500bba55803acf4bcff7e9413df982d207dfdd9c66e868bfdc595517ae16647ec617572fb36cfa681a41e44d","ssdeep":"24576:PIuR2z48eK9n++ePuZlhExSZCPXdPRmT3r7O1kxS9:PIuR2c8eK9n++eZSZCPXdPRmT3r7O1eQ","tlshash":"67254ac5b1d1f46502d355e6643b2009b23b285e3809b064fabcddcbfa6659e6233f39","first_seen":"2026-04-27T13:22:49.267492Z","last_seen":"2026-04-28T18:26:35.401631Z","times_seen":129,"resource_available":false,"data":null}},"time_used":420,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":319,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/css/cdddffe/widget.css","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/","date":"2026-04-28T13:30:22.381Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /css/cdddffe/widget.css HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Apr 2026 13:30:22 GMT\r\ncontent-type: text/css\r\ncontent-length: 25535\r\ncache-control: max-age=864000\r\ncontent-encoding: br\r\netag: \"69ef3c38-63bf\"\r\nexpires: Thu, 07 May 2026 13:51:33 GMT\r\nlast-modified: Mon, 27 Apr 2026 10:36:40 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-04-27T13:51:33+00:00\r\nx-node: m9p-up-gc71\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":137788,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"041432f71dc9bc619e6d6b6cb8f6d90f","sha1":"93bef8763a54d977d1b59c07353b2211296005d1","sha256":"c54015d15bee5fa4c4b0279b81dd37c2da14fdb0aefcbed726b4f062f1ad7d72","sha512":"751778dc90451376573375f1ab343498871c15bd42721f03feb76c9c0afcbc39a4c222fd12bd0aa5d9a5a9702709a442dde001ee2157b78a9aca587b0087e82b","ssdeep":"1536:yL5YTK1yt6s6UrhRDuGyr2a2fSup2yM6j6F+Lld4EUl61F6PQniDOIOADF6XckoQ:1Wq2VfoZ3YHH3I","tlshash":"ffd3e86aead1a53ce51a581ac8c5aa3ca63dd102cf231dbff744f3e147c76e21276805","first_seen":"2026-04-27T13:22:49.046602Z","last_seen":"2026-04-28T18:26:35.405249Z","times_seen":133,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":103,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/cdddffe/locale-en-US-json.js","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/","date":"2026-04-28T13:30:22.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /js/cdddffe/locale-en-US-json.js HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Apr 2026 13:30:22 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 3431\r\naccess-control-allow-origin: *\r\ncache-control: max-age=86400\r\ncontent-encoding: br\r\netag: \"69ef3c39-d67\"\r\nlast-modified: Mon, 27 Apr 2026 10:36:41 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-04-27T13:51:34+00:00\r\nx-node: m9p-up-gc29\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10672,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10645), with no line terminators","md5":"0f87471a3d1fb33be6a51912861776bb","sha1":"8bb52b99066392f10ab336b980dfbe0b8fb4dfc6","sha256":"34e2fac9b502488543160a64f763a23608d196acf4dd0c4fecd57ef957572fcf","sha512":"a363d37884af6c3b20e287e9324a16055968acc28d04f79d7acb9b5f8a0cc67e7edf70d05495a9e9dbe14996e704484d9b710ae06e12bd6d87d9d68b515a54e0","ssdeep":"192:xbPfmk/7Obf14M6dOIpUTPqZ8BijFLeEJK:x7fH7ObdFWOIphZ8wjFCmK","tlshash":"a222d71ee7017f360fa613c3744f7b5376a480e592646c75d89c826943b9bcab217b8c","first_seen":"2026-03-31T14:01:24.495424Z","last_seen":"2026-04-28T18:26:35.390432Z","times_seen":608,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/sounds/outgoing_message.mp3","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/","date":"2026-04-28T13:30:22.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /sounds/outgoing_message.mp3 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Tue, 28 Apr 2026 13:30:23 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 5014\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: max-age=2592000\r\netag: \"69de0593-1396\"\r\nexpires: Wed, 20 May 2026 10:29:00 GMT\r\nlast-modified: Tue, 14 Apr 2026 09:14:59 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-04-20T10:29:00+00:00\r\nx-node: m9p-up-gc29\r\ncontent-range: bytes 0-5013/5014\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5014,"size_decoded":0,"mime_type":"audio/mpeg","magic":"MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo","md5":"7bf3e4962a5ecf1f8cbcc2ff3428f531","sha1":"f75c694461a643d2e096ae8d0f6c1a9d19602eee","sha256":"d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11","sha512":"53fb17ca3361636acb0b80107f66810150a8bbed9aa5f878c2b1fb5a23ddf7fd349b30eb082b05efb3c0d08dc5383d30ef15d0ca99ad98d62e0a9a335112ed6a","ssdeep":"96:nKEOyBuK+1D2sMVx9FX7+0YQQinefV/1gr/EaadKXdGdimO1:K2QhGvYinsLE/SUdUime","tlshash":"5da1399616202262f6090cbf124ec2f4e3996f6b39044726b67cd290f46ffa25366983","first_seen":"2023-04-05T14:05:33Z","last_seen":"2026-04-28T17:56:36.352335Z","times_seen":14134,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/","fqdn":"coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app","domain":"edgeone.app","tld":"app"},"ip":{"addr":"43.152.186.21","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-28T13:30:18.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.app","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 17 Nov 2025 00:00:00 GMT","end":"Mon, 16 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F6:84:C7:1E:F8:5A:EC:5F:B1:17:36:FB:01:CB:DB:C1:0E:C5:4D:09","sha256":"D2:65:EF:F3:E0:E5:38:B3:F8:DB:9F:90:CA:EB:E3:58:AA:0B:3D:23:0F:A0:A1:7C:7A:AC:21:E2:D7:61:A8:18"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 27 Apr 2026 08:55:12 GMT\r\ncontent-encoding: gzip\r\netag: \"f8e450af4793a8d95a057c16f557e1d3\"\r\ncontent-type: text/html\r\ncache-control: public, must-revalidate, max-age=0\r\nage: 102812\r\ncontent-length: 6288\r\naccept-ranges: bytes\r\nserver: edgeone-pages\r\ndate: Tue, 28 Apr 2026 13:30:19 GMT\r\neo-log-uuid: 18419914145396927515\r\neo-cache-status: Cache Hit\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"JivoChat","description":"JivoChat is a live chat solution for websites offering customizable web and mobile chat widgets.","website":"https://www.jivosite.com","common_platform_enumeration":"","icon":"JivoChat.png","categories":["Live chat"]}],"data":{"size":19780,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5351)","md5":"f8e450af4793a8d95a057c16f557e1d3","sha1":"5bdadca2367544e3df3f61e8f72b5f8af6cdebb3","sha256":"ebb6306bf58c51f38d51693ba6485463337f31292cd3a0ce98523cb6d9c34202","sha512":"a1b2870a4085446dc59083378074c39330ed19488819e28615dcb73a7b52a9f7624735b7cf639f33f82f81110e9eec4b8295ee94ac9041701268453bd19b1dcd","ssdeep":"384:SrHJK/3mDEYe1kJijEiXdiMiniFE4cmmq/e8Z86u++l:3mDEY+k8j5XMBiFE1U86ub","tlshash":"dd920b6d217318215c2b88abeaf6874e14319f07d502cea5badc40c4df86e98b5b376d","first_seen":"2026-04-28T13:30:47.154195Z","last_seen":"2026-04-28T13:39:30.205348Z","times_seen":2,"resource_available":true,"data":null}},"time_used":2089,"timings":{"blocked":1020,"dns":217,"connect":27,"send":0,"wait":29,"receive":1,"ssl":791},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/script/widget/config/soDzcj41xV","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/","date":"2026-04-28T13:30:20.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /script/widget/config/soDzcj41xV HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Apr 2026 13:30:21 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 724\r\naccess-control-allow-origin: *\r\ncache-control: max-age=7200\r\ncontent-encoding: gzip\r\nexpires: Tue, 28 Apr 2026 15:30:21 GMT\r\ntest: azazaz\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: MISS\r\nx-node: m9-up-gc229\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1458,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JSON text data","md5":"8c429e1bb3ab045db89f5ab1a7fc23a6","sha1":"23694ae77edb8ad610fc7c3af036224332ced7d0","sha256":"580571180f98d8eefd3a727f6561d0737dd7814a8f22356db60ae814b31821b6","sha512":"1bd14e52f8e63c0cb99ffde98271b99e82ae9169d0ebc5be1cde0169a2f6f784c04ccef91749279eabdb393fa5b14512253c5a325ce8fcdc056c0513323fd3c3","ssdeep":"","tlshash":"d53114f64d485c6b49857ed3a26bae03293cc6a6fec54f71cb985d2c20663d5130b60a","first_seen":"2026-04-28T13:30:47.157457Z","last_seen":"2026-04-28T13:39:30.212633Z","times_seen":2,"resource_available":false,"data":null}},"time_used":636,"timings":{"blocked":163,"dns":1,"connect":83,"send":0,"wait":297,"receive":1,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"node-ya-6.jivosite.com/widget/status/2724806/soDzcj41xV?rnd=0.75034758423011","fqdn":"node-ya-6.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"158.160.53.45","port":443,"asn":200350,"as":"Yandex.Cloud LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/","date":"2026-04-28T13:30:21.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /widget/status/2724806/soDzcj41xV?rnd=0.75034758423011 HTTP/1.1\r\nHost: node-ya-6.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-max-age: 1728000\r\naccess-control-allow-origin: https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app\r\naccess-control-expose-headers: X-Geoip, X-Botmode\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-security-policy: frame-ancestors 'none';\r\ncontent-type: application/json; charset=utf-8\r\npragma: no-cache\r\nserver: foxy/6.0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-botmode: no\r\nx-frame-options: DENY\r\nx-geoip: NO;03;Oslo (Alna District)\r\nx-powered-by: foxy/6.0\r\ncontent-length: 190\r\ndate: Tue, 28 Apr 2026 13:30:21 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":190,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d9e888bd2aab7aa8a14f5e5618fb3911","sha1":"0390a621f8a75317d07b1416965259d047b59026","sha256":"9a95d77214b462a1ee0fa8fe16769eb1d8a1e912de09d69de31e45a06a9f5cf4","sha512":"24e451611ae8113d1039de50f98ab83b40e0d8a81b333ccc2bce1e37a5539fcc7dab22bb0abaac32a151006b53e6d38320662b55d395ab4c8a0389923cb3cddb","ssdeep":"","tlshash":"d4c0c038023d18dd0b80c7a0e08f334b4820101304c1df28eb10ae84b0df7d0444e00b","first_seen":"2026-04-28T13:30:47.159792Z","last_seen":"2026-04-28T13:39:30.220044Z","times_seen":2,"resource_available":false,"data":null}},"time_used":904,"timings":{"blocked":429,"dns":341,"connect":35,"send":0,"wait":45,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/sounds/agent_message.mp3","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/","date":"2026-04-28T13:30:22.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /sounds/agent_message.mp3 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coinbase-securedwithdrawal-fthzzbzyg7.edgeone.app/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Tue, 28 Apr 2026 13:30:23 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 3760\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: max-age=2592000\r\netag: \"69de0593-eb0\"\r\nexpires: Wed, 20 May 2026 11:27:32 GMT\r\nlast-modified: Tue, 14 Apr 2026 09:14:59 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-04-20T11:27:32+00:00\r\nx-node: m9p-up-gc8\r\ncontent-range: bytes 0-3759/3760\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3760,"size_decoded":0,"mime_type":"audio/mpeg","magic":"MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo","md5":"8e9a165c4cb185ffd0b2658fa088e43b","sha1":"195873e5e8bbb2f5ecc32d95f90d6fb75817a649","sha256":"ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43","sha512":"6ef9fac16ac2835ecb95ab077270293a95a3597fd28fb053b32cfeb6b0a72b52c0ee51b0504a463ac9db1d8a3b2c6c41f113012d6364d16feb8e01821a3221ff","ssdeep":"","tlshash":"c771295c69348528f80b31b89f4b765ac1512c19a8f2ddd4a62818e7377b36a678820e","first_seen":"2023-04-05T14:05:33Z","last_seen":"2026-04-28T17:56:36.38837Z","times_seen":14135,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}