{"report_id":"df18137f-0bae-479e-b20d-50c501937a8b","version":6,"status":"done","tags":[],"date":"2026-03-18T10:53:00Z","url":{"schema":"http","addr":"ssberkassa.site","fqdn":"ssberkassa.site","domain":"ssberkassa.site","tld":"site"},"ip":{"addr":"144.124.248.151","port":0,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"ssberkassa.site/","fqdn":"ssberkassa.site","domain":"ssberkassa.site","tld":"site"},"title":"Sber Kassa","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ssberkassa.site","fqdn":"ssberkassa.site","domain":"ssberkassa.site","tld":"site"},"ip":{"addr":"144.124.248.151","port":0,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-22T10:53:00Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ssberkassa.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"ssberkassa.site","ip":{"addr":"144.124.248.151","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2026-03-10","domain_rank":0,"first_seen":"2026-03-18T10:53:05.025524Z","last_seen":"2026-03-18T10:53:05.025524Z","alert_count":12,"request_count":12,"received_data":1161464,"sent_data":5397,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"telemetry.jivosite.com","ip":{"addr":"57.128.74.65","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"domain_registered":"2011-05-06","domain_rank":346139,"first_seen":"2015-07-15T08:41:42Z","last_seen":"2026-03-12T04:40:30.132361Z","alert_count":0,"request_count":1,"received_data":97,"sent_data":463,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"code.jivosite.com","ip":{"addr":"5.101.37.37","port":443,"asn":201589,"as":"edgeam LLC","country":"Armenia","country_code":"AM"},"domain_registered":"2011-05-06","domain_rank":232952,"first_seen":"2012-07-22T02:03:39Z","last_seen":"2026-03-11T16:50:58.858134Z","alert_count":0,"request_count":9,"received_data":2054446,"sent_data":4223,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"vi-sber1-25.jivosite.com","ip":{"addr":"35.228.64.132","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Finland","country_code":"FI"},"domain_registered":"2011-05-06","domain_rank":3317510,"first_seen":"2023-08-15T13:44:04Z","last_seen":"2026-03-18T04:35:13.007773Z","alert_count":0,"request_count":1,"received_data":235,"sent_data":590,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"sberkassa.site","ip":{"addr":"84.32.186.253","port":443,"asn":59642,"as":"UAB Cherry Servers","country":"The Netherlands","country_code":"NL"},"domain_registered":"2022-03-31","domain_rank":87791,"first_seen":"2019-06-10T12:43:56Z","last_seen":"2024-02-25T13:07:16Z","alert_count":0,"request_count":1,"received_data":10940,"sent_data":454,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.27.4","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"files.jivosite.com","ip":{"addr":"5.101.37.37","port":443,"asn":201589,"as":"edgeam LLC","country":"Armenia","country_code":"AM"},"domain_registered":"2011-05-06","domain_rank":900178,"first_seen":"2014-01-17T11:07:42Z","last_seen":"2026-03-14T11:20:33.515305Z","alert_count":0,"request_count":1,"received_data":62620,"sent_data":461,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"node-sber1-az1-23.jivosite.com","ip":{"addr":"35.228.64.132","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Finland","country_code":"FI"},"domain_registered":"2011-05-06","domain_rank":2005043,"first_seen":"2023-08-18T02:25:56Z","last_seen":"2026-03-17T02:56:32.032952Z","alert_count":0,"request_count":2,"received_data":1650,"sent_data":1001,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"code.jivo.ru","ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"domain_registered":"2019-03-27","domain_rank":437705,"first_seen":"2022-03-30T15:10:58Z","last_seen":"2026-03-12T06:10:06.472195Z","alert_count":0,"request_count":2,"received_data":23770,"sent_data":879,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"code.jivosite.com/js/6370a34/locale-ru-RU-json.js","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"5.101.37.37","port":443,"asn":201589,"as":"edgeam LLC","country":"Armenia","country_code":"AM"},"introduction_type":"scriptElement","is_inline":false,"md5":"65080e6af77563f03c053e8ab0cd04f6","sha1":"767051b2c3f4a74490f5f3d12e130fc5339a7c78","sha256":"a36906ea0e4b6011349eb091a4af7a8175369fdee3354c8994a2e1d8150d2647","sha512":"a0a99996112cf9318b2d5f395b489a4bef72ddee2033a760f2cdb7a293fcc64a4c72156d21c5c2f0adc54ae13c872542cd39c2826acb39e63e4050d779f07824","ssdeep":"192:2A4VzcShHYdx9j9ZQgQjHvsY3iiWfrK6WOb2e+pnE8KZISoLe9+VviYNVG9K2:xmbU53b6PniiWTMO+E8KZISoLeouK2","tlshash":"0d622e61479e75ea0205b04be8047f077bef40ff3faa53a649b45d7e35f2524823a20a","size":15170,"data":"","first_seen":"2026-01-27T14:42:26.341926Z","last_seen":"2026-04-01T08:42:49.658471Z","times_seen":737,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/6370a34/chatcontainer.js","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"5.101.37.37","port":443,"asn":201589,"as":"edgeam LLC","country":"Armenia","country_code":"AM"},"introduction_type":"scriptElement","is_inline":false,"md5":"492acbc64e2f466517db38342f9fb435","sha1":"ff2c4c088d5b9c8b9d4df4fa94618f280a7e445a","sha256":"44c0282b5d5e1e17dce759359db9498b60ea0538e3e7dde5780046131cc43858","sha512":"7c15f55d60b207c3b3f4871f0ac0b0fd5ff6fb4b8cdd37f54b26c9b3e8d7792f39b0ef7c6c7b6ba0fa6caa248b44a1dc8948a51f9f86307c4736b66aee587bb6","ssdeep":"3072:6aeDEtKyr6o6Xoqo8PXDeqKOksHnkN5/mcK:LK7o6YR8jKqW5OcK","tlshash":"3f343ad171d0e8bc46e641c9a43f6100f2292c2df805b998f3fcddda9b5598a3262f6d","size":237181,"data":"","first_seen":"2026-03-12T11:56:30.378484Z","last_seen":"2026-03-26T06:11:30.271956Z","times_seen":152,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivo.ru/widget/lXwny26nxn","fqdn":"code.jivo.ru","domain":"jivo.ru","tld":"ru"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"bb1b9a4a70243889751856b12e8ba017","sha1":"ae4e02d99a7ae21d19fcd639f28f3174d9d64aa9","sha256":"e1f61c376df11a517a765eabaea30f00207cece6158108e520fbdbe6041b9e16","sha512":"d01f77c7d8007faea78b17fd8f12f16fa0cb817ed1c10d6bf56cef8aa247130e84cb4e03ff6fd769872becb1cd5216e849b591c4f3f846c8116007bac91c4144","ssdeep":"384:boU+JvepohmPF0jjrArr0aX55Mf7qISOqrebz8sROweqWcPdv:UI/AAjX54cr7sXWcPdv","tlshash":"8c823b6e7959b97743b218f9516f620a733549ebd404c920a401e98d7cb8ace813fef8","size":18118,"data":"","first_seen":"2026-03-12T11:56:30.35622Z","last_seen":"2026-04-02T00:30:16.283922Z","times_seen":873,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/bundle.js?rand=1773311475","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"5.101.37.37","port":443,"asn":201589,"as":"edgeam LLC","country":"Armenia","country_code":"AM"},"introduction_type":"scriptElement","is_inline":false,"md5":"081568190b5c2460028d881fc271328a","sha1":"e2f34424b037a8b70077b9086601bf2e07963e93","sha256":"71a7b930f69e9e194449dc13175d0d33d8caefb3e810667de0f5676330df8601","sha512":"c3db76686be06d4f44aeffdb8b2cff83bb5e95e9d59784020d58d3e8b179a36b1f81cdc2e7a0c4d20c4de48cf0ce5cad8dfd114d72e4377740b6bba946655666","ssdeep":"24576:Dn9hQpR07482O9n4jpmuvlhExrkPeuC9y/1D7fm2cWzmSCgPgYlFqnH7XhHX6mWX:Dn9hQpR0k82O9n4jp0rkPeuC9K1D7fma","tlshash":"8b755bc5b2c5f46203d355e6a03b2005b33a2859340da068bbbccddbe95698e6377f79","size":1549900,"data":"","first_seen":"2026-03-12T11:56:30.381712Z","last_seen":"2026-03-26T10:08:37.088407Z","times_seen":516,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssberkassa.site/","fqdn":"ssberkassa.site","domain":"ssberkassa.site","tld":"site"},"ip":{"addr":"144.124.248.151","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"c716f00ed91a16443fee95423e78ff35","sha1":"905d45c4a6285e5ce37d8677f096d073314cef9f","sha256":"2f88b65d42836cd260493a03e9790409d5c8bd9d283406ad069d28609d8e508b","sha512":"f3ddcd984f685bd734d1816702711d6fa135c10d20929ae62cb6b020de44972ba76e5be8d4a5d6e62c0f5bd6322d6ae39466430acc0acf1ad27ab4f5995cade4","ssdeep":"24576:qZRVsiWemBq9PLzdERflubTDY4Kgm34L2SOzjdAp/r:qZRVsiW9Bq9PLzSRfl2TDY4Kgm3HSOzW","tlshash":"52656cd5b2c5f4a507e301e6a43b1002a33a1c1a740da468fbbcdcd7a95a58e6337f79","size":1517515,"data":"","first_seen":"2026-03-12T11:56:30.383673Z","last_seen":"2026-03-26T10:08:37.089685Z","times_seen":526,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"334109cb5ddfb0bedbb1cd7ac0148e59","sha1":"c7d095444253736357b7419caf9dcdfa7d58c6cf","sha256":"d6f65fddd3953041ed2bee4280747d518fba507834c0b41245fc5850288236f0","sha512":"5edd82052dcdcfff7ad22fbb14e8c5941967e8e9138e4494a5205871da1fae119ef34c1dd4426c43d3f3b239a181eb38866e84344b40b18dc856230adb9747c9","ssdeep":"24576:EZRVsiWemBq9PfD1EvD4vbTMY4Kg634L2S3zjdApfz:EZRVsiW9Bq9PfD6vD4jTMY4Kg63HS3zA","tlshash":"ca656cd5b2c5f4a507e301e6943b1002a33a2c1a740da468fbbcdcd7a95a58e6337f79","size":1515714,"data":"","first_seen":"2026-03-12T11:56:30.384845Z","last_seen":"2026-03-26T10:08:37.096401Z","times_seen":445,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"ssberkassa.site/logo_main.png","fqdn":"ssberkassa.site","domain":"ssberkassa.site","tld":"site"},"ip":{"addr":"144.124.248.151","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:37.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ssberkassa.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 12:58:46 GMT","end":"Mon, 08 Jun 2026 12:58:45 GMT"},"fingerprint":{"sha1":"0A:67:1B:EB:50:AF:B1:21:F7:C0:50:AE:27:25:77:35:E9:85:17:D5","sha256":"0A:D6:03:A7:91:8C:C8:9A:85:C3:8D:C1:B4:B7:73:A7:59:19:37:7D:D0:99:C6:5F:12:86:3E:C7:55:02:27:B6"}}},"request":{"raw":"GET /logo_main.png HTTP/1.1\r\nHost: ssberkassa.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Wed, 18 Mar 2026 10:52:37 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 22 Feb 2026 22:28:08 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"699b82f8-30ac\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12460,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 191, 8-bit colormap, non-interlaced","md5":"b6def2daf41c43dfffca98a5130cb457","sha1":"579689762f56809763a5cd3fc16284d489a95dd3","sha256":"2439c5b78bce0a9aae11f56ab0b653fe8897aa8739d2780b13460eb86848081c","sha512":"262a39115c76d259023f08fe96e32de24b74da012e5831d3dbf2f32a8d467c2c6cf2396e7b25b111668a83b341537d087efee9692a2f78fb1ab17d27a5297df8","ssdeep":"192:lS31bK5p0q5POiSc564n1IumTsCUI2cc/d5aKkZ/CiBBaFxRj1aMfABJaHgv0:E31bK55miv5X1IDTsCUI2cyktij1aIEE","tlshash":"1942b18a9c7862f71766f4ec99f92743975c8c600807de756e39b0b4c6701f028b8a5b","first_seen":"2026-03-18T10:53:09.453105Z","last_seen":"2026-03-18T11:23:31.13068Z","times_seen":2,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":76,"dns":1,"connect":33,"send":0,"wait":33,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ssberkassa.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ssberkassa.site/img_02.png","fqdn":"ssberkassa.site","domain":"ssberkassa.site","tld":"site"},"ip":{"addr":"144.124.248.151","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:37.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ssberkassa.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 12:58:46 GMT","end":"Mon, 08 Jun 2026 12:58:45 GMT"},"fingerprint":{"sha1":"0A:67:1B:EB:50:AF:B1:21:F7:C0:50:AE:27:25:77:35:E9:85:17:D5","sha256":"0A:D6:03:A7:91:8C:C8:9A:85:C3:8D:C1:B4:B7:73:A7:59:19:37:7D:D0:99:C6:5F:12:86:3E:C7:55:02:27:B6"}}},"request":{"raw":"GET /img_02.png HTTP/1.1\r\nHost: ssberkassa.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Wed, 18 Mar 2026 10:52:37 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 22 Feb 2026 22:28:08 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"699b82f8-34d40\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":216384,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 729, 8-bit colormap, non-interlaced","md5":"e02952e391e7eb944c9afc21e6f5708c","sha1":"06171e9398e6c3365e85f4ead21545ccb535b689","sha256":"2fa33f3e7ce9b7f49ba7cb0df6c924f9eaf2659e176b8cc5590ff8098f7f5fb7","sha512":"acaeebcdf64a22a3dc5e79e8019967272cad2824c0dd9f4922023b718afaa1548d6f1b664905dd50af78de98f75dc77e06d0a5bdfa5d466e2e35712bdf056f70","ssdeep":"6144:+Ge3a7dc3PoaccsrLorwvpFz/3sFpqpyee/Mtw5cRGnr7W2eo:+GUa7dsCLoUF3p7yFxnr7W2r","tlshash":"a624235d63b7681b9d5ef0108f92e746d8aec47c68a460c036dc94ba31916d8ac8fe27","first_seen":"2026-03-18T10:53:09.456496Z","last_seen":"2026-03-18T11:23:31.144591Z","times_seen":2,"resource_available":false,"data":null}},"time_used":366,"timings":{"blocked":122,"dns":8,"connect":31,"send":0,"wait":66,"receive":100,"ssl":36},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ssberkassa.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ssberkassa.site/img_03.png","fqdn":"ssberkassa.site","domain":"ssberkassa.site","tld":"site"},"ip":{"addr":"144.124.248.151","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:37.622Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ssberkassa.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 12:58:46 GMT","end":"Mon, 08 Jun 2026 12:58:45 GMT"},"fingerprint":{"sha1":"0A:67:1B:EB:50:AF:B1:21:F7:C0:50:AE:27:25:77:35:E9:85:17:D5","sha256":"0A:D6:03:A7:91:8C:C8:9A:85:C3:8D:C1:B4:B7:73:A7:59:19:37:7D:D0:99:C6:5F:12:86:3E:C7:55:02:27:B6"}}},"request":{"raw":"GET /img_03.png HTTP/1.1\r\nHost: ssberkassa.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Wed, 18 Mar 2026 10:52:37 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 22 Feb 2026 22:28:10 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"699b82fa-3280b\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":206859,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 785 x 623, 8-bit colormap, non-interlaced","md5":"c36235dee34e0364141918e76d7cb507","sha1":"c7167a4dff2a20a30d7cb3097a78753129f10cab","sha256":"e4aa281c6c1ba88fad1ba54830acc8830c84717be6c1e6654992db5c649580ca","sha512":"ead260f948fac500168a446fe8f6f43e1dff165f9ef19de39f4a6985efdee00a6a722b2964f74f07dc1e778175a214e8f555a582125f2d0f42114f77085878fb","ssdeep":"6144:DeH2K2atTm7ZXs7HEOcFF5vQ7FQWcYgdhf:KHnSXs7kn5vQm6gdhf","tlshash":"121423335cd707202deb265062551f8ccef71ba5a52c76a7a0f14cb2aa371166a7b0f2","first_seen":"2026-03-18T10:53:09.459917Z","last_seen":"2026-03-18T11:23:31.131973Z","times_seen":2,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":31,"dns":0,"connect":0,"send":0,"wait":39,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ssberkassa.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ssberkassa.site/","fqdn":"ssberkassa.site","domain":"ssberkassa.site","tld":"site"},"ip":{"addr":"144.124.248.151","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-18T10:52:37.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ssberkassa.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 12:58:46 GMT","end":"Mon, 08 Jun 2026 12:58:45 GMT"},"fingerprint":{"sha1":"0A:67:1B:EB:50:AF:B1:21:F7:C0:50:AE:27:25:77:35:E9:85:17:D5","sha256":"0A:D6:03:A7:91:8C:C8:9A:85:C3:8D:C1:B4:B7:73:A7:59:19:37:7D:D0:99:C6:5F:12:86:3E:C7:55:02:27:B6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ssberkassa.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Wed, 18 Mar 2026 10:52:37 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 4648\r\nConnection: keep-alive\r\nLast-Modified: Tue, 24 Feb 2026 12:25:57 GMT\r\nETag: \"340e-64b90fd481f40-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13326,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (398)","md5":"f1ba54ef1069f0f4f4d3c8290a2a62db","sha1":"6462a15e520fcd34b4063de833c23221afc4e067","sha256":"3eb8ee894841e354df90e29271fec8ed6a02c436e374f9d03d61480d2243769e","sha512":"063dddd16f22762fa250c14f6a61905eb73e8d56dcda091b9f1b1f3c0089d49505cb2b9e615025cefc0bacb0d3d32ffc67ef52f1c70fc35d9f87aee6c3f243b5","ssdeep":"192:kGuLS4kvugfILBaSrDaFUk0QLaKVW1sWWWv/PQ:PuFkvugfVSfWssATzQ","tlshash":"6352b02045fa049e4105f047e908be0a7cea44ff3b5e971635ac3e7e7be2424c66e25d","first_seen":"2026-03-18T10:53:09.462641Z","last_seen":"2026-03-18T11:23:31.11499Z","times_seen":2,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":131,"dns":67,"connect":29,"send":0,"wait":34,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ssberkassa.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ssberkassa.site/img_01.png","fqdn":"ssberkassa.site","domain":"ssberkassa.site","tld":"site"},"ip":{"addr":"144.124.248.151","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:37.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ssberkassa.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 12:58:46 GMT","end":"Mon, 08 Jun 2026 12:58:45 GMT"},"fingerprint":{"sha1":"0A:67:1B:EB:50:AF:B1:21:F7:C0:50:AE:27:25:77:35:E9:85:17:D5","sha256":"0A:D6:03:A7:91:8C:C8:9A:85:C3:8D:C1:B4:B7:73:A7:59:19:37:7D:D0:99:C6:5F:12:86:3E:C7:55:02:27:B6"}}},"request":{"raw":"GET /img_01.png HTTP/1.1\r\nHost: ssberkassa.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Wed, 18 Mar 2026 10:52:37 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 22 Feb 2026 22:28:08 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"699b82f8-37f26\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":229158,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 654 x 498, 8-bit colormap, non-interlaced","md5":"dedb292e2303f98389e3dc627453fbb0","sha1":"158990731a005b29266c807662b2f2d0e8bc03e9","sha256":"758572f672b60046959f5d36e121b7d946e58db52ec9e04388ee74cfc82c6d6a","sha512":"2c0b76aa90d72e23e1a64456e91461bf1fa8b40e1c023e37e34fbd9953497e91253ab0804c58563ede9cd41a9f0280827ab039de3b11ecabd2cbd23e4e65c253","ssdeep":"6144:PEHw82//01JIGddhPSC/6e1iQLG8vXR+bu9iWOpHoRfk3G:PEHH0GIU/ai3jBcu9ippHoREG","tlshash":"5c24225566cefd9efc6082221d57e9700bea462e799433dbbf2a63840c3b7613f12112","first_seen":"2026-03-18T10:53:09.465644Z","last_seen":"2026-03-18T11:23:31.133355Z","times_seen":2,"resource_available":false,"data":null}},"time_used":315,"timings":{"blocked":75,"dns":0,"connect":33,"send":0,"wait":62,"receive":99,"ssl":44},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ssberkassa.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ssberkassa.site/sk_favicon.png","fqdn":"ssberkassa.site","domain":"ssberkassa.site","tld":"site"},"ip":{"addr":"144.124.248.151","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:37.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ssberkassa.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 12:58:46 GMT","end":"Mon, 08 Jun 2026 12:58:45 GMT"},"fingerprint":{"sha1":"0A:67:1B:EB:50:AF:B1:21:F7:C0:50:AE:27:25:77:35:E9:85:17:D5","sha256":"0A:D6:03:A7:91:8C:C8:9A:85:C3:8D:C1:B4:B7:73:A7:59:19:37:7D:D0:99:C6:5F:12:86:3E:C7:55:02:27:B6"}}},"request":{"raw":"GET /sk_favicon.png HTTP/1.1\r\nHost: ssberkassa.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Wed, 18 Mar 2026 10:52:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 726\r\nLast-Modified: Sun, 22 Feb 2026 22:28:08 GMT\r\nConnection: keep-alive\r\nETag: \"699b82f8-2d6\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":726,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"7283cc9fc48e3afa3f49a50f9319a558","sha1":"48c3f6de75fdf3dece3842a3a334454bf44dc1d6","sha256":"66adb17168ae05676db4bba45718dce06084e4188ba80a426f45eaf212d5bd62","sha512":"01a566344b7cf40d6933b3083c221eca1bee9f7bf77b215957da881bbd128bd54b56706049640abf1e855f0c3202ecd50d60e9c71f8c2b4db3715f6ff4e2f874","ssdeep":"","tlshash":"a701b5533d1e3120c49984323244c2f06e3b9200c8c6966aa6d31f6b6900a6cd4a6382","first_seen":"2026-03-18T10:53:09.468275Z","last_seen":"2026-03-18T11:23:31.122806Z","times_seen":2,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ssberkassa.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"telemetry.jivosite.com/w","fqdn":"telemetry.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"57.128.74.65","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:50.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"POST /w HTTP/1.1\r\nHost: telemetry.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 301\r\nOrigin: https://ssberkassa.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":301,"data":"{\"event\":\"chat_invite\",\"widget_id\":\"lXwny26nxn\",\"chat_mode\":\"online\",\"site_id\":2595712,\"device\":\"desktop\",\"visitor_id\":\"5a171a00357467e8\",\"widget_version\":\"187.7.0\",\"shard\":\"sber1\",\"param1\":\"default\",\"param2\":\"11\",\"param3\":\"label\",\"param4\":\"online,time_on_page,time_after_close,time_after_invitation\"}"}},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 10:52:50 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T19:33:38.803897Z","times_seen":16394044,"resource_available":true,"data":null}},"time_used":266,"timings":{"blocked":93,"dns":12,"connect":36,"send":0,"wait":81,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/css/6370a34/chatcontainer.widget.css","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"5.101.37.37","port":443,"asn":201589,"as":"edgeam LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:50.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /css/6370a34/chatcontainer.widget.css HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 10:52:50 GMT\r\ncontent-type: text/css\r\ncontent-length: 15003\r\ncache-control: max-age=864000\r\ncontent-encoding: br\r\netag: \"69b1726e-3a9b\"\r\nexpires: Sun, 22 Mar 2026 11:48:49 GMT\r\nlast-modified: Wed, 11 Mar 2026 13:47:26 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-03-12T11:48:49+00:00\r\nx-node: fr5-up-gc15\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77787,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"5b909b48668faf64915e77789ae43fd1","sha1":"bf6903097466a05a40667abac373b6271425a7f7","sha256":"37e3a6157a493eeb9de160d2a636310038f29db9938a47f9cee55128881c0653","sha512":"e8722a354744154bd740c3625e3408dd38e552ae1303714d8bc78c7f493743f4626a14f3c958855c1b42f19660a006b664e382a3576534b2b519e50446a87252","ssdeep":"768:QSteCFQFZzKQdLS5FG/ujMsEZtuceT93sF7zc3407wzWi/ebUO/Sqny:QJeQFZzFSPRceTOF7zL0Uz/2bUOry","tlshash":"8673c563b684253db06bc536eca1fbb9643d9012db232fbee644b730c7861d71762609","first_seen":"2026-03-12T11:56:30.362223Z","last_seen":"2026-03-26T06:11:30.362421Z","times_seen":151,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/images/pattern/1.svg","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"5.101.37.37","port":443,"asn":201589,"as":"edgeam LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:50.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /images/pattern/1.svg HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 10:52:50 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 4239\r\ncache-control: max-age=864000\r\ncontent-encoding: br\r\netag: \"69b1726e-108f\"\r\nexpires: Fri, 27 Mar 2026 11:08:47 GMT\r\nlast-modified: Wed, 11 Mar 2026 13:47:26 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-03-17T11:08:47+00:00\r\nx-node: fr5-up-gc15\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17958,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"858e9ac4effe237ac8ffc6691a266460","sha1":"7583cd9985b459b67fd7dd028470eabdff93b7cd","sha256":"1527ba20d14ab5a20a5833ffdd023cdb6d59db166c1082dc1b46cc39790bda1e","sha512":"ad7e8d5ad5ecfe99de4bc51643d148ea2f9e457436d8937588d97df5d99bd8095e156db18cbb2f9a2182853eb14afdb5baf1f408f280cf40c438689ae251fd21","ssdeep":"384:WpyvYW3m+xzLuR7gNh/lq9gL08soNOy7CjaVL8vfW3KB:WpyvY2X0eBRbA3","tlshash":"3b8265ea777049f874db8f5def2318a46a97e9fc3a358344c21dda656093a98c642c20","first_seen":"2023-04-06T20:35:31Z","last_seen":"2026-06-11T16:07:32.912732Z","times_seen":1032,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssberkassa.site/style.css","fqdn":"ssberkassa.site","domain":"ssberkassa.site","tld":"site"},"ip":{"addr":"144.124.248.151","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:37.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ssberkassa.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 12:58:46 GMT","end":"Mon, 08 Jun 2026 12:58:45 GMT"},"fingerprint":{"sha1":"0A:67:1B:EB:50:AF:B1:21:F7:C0:50:AE:27:25:77:35:E9:85:17:D5","sha256":"0A:D6:03:A7:91:8C:C8:9A:85:C3:8D:C1:B4:B7:73:A7:59:19:37:7D:D0:99:C6:5F:12:86:3E:C7:55:02:27:B6"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: ssberkassa.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Wed, 18 Mar 2026 10:52:37 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sun, 22 Feb 2026 22:28:08 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"699b82f8-d91b\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55579,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (55578)","md5":"b1e3068cc5dc8a370628ecaa7c264a07","sha1":"6429b43012b561d20605d2cc8824aa27ed2acc2a","sha256":"a909daa7b51d0723fa476ad0eb67a88d36f84dd59faf44c5e099e680a2dc3364","sha512":"c4523a978dd6bb28f896798793194e71136a72e65f4aec77a0f1968b52e641e406d026e038071c3f0a84b844ecf453d4db66be3af2105d285e20568fc294a21e","ssdeep":"768:T5r/mXb+ZiLaUlPPEGuKiJI6pSewBhjqcfD:T5zmXbU3KiCeSeChjqcfD","tlshash":"ee43c731b244312df83be22679e097ceb174c553d6371a7eea966228c7c61e30a73749","first_seen":"2026-03-18T10:53:09.473035Z","last_seen":"2026-03-18T11:23:31.103557Z","times_seen":2,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ssberkassa.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ssberkassa.site/molodo.woff2","fqdn":"ssberkassa.site","domain":"ssberkassa.site","tld":"site"},"ip":{"addr":"144.124.248.151","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:37.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ssberkassa.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 12:58:46 GMT","end":"Mon, 08 Jun 2026 12:58:45 GMT"},"fingerprint":{"sha1":"0A:67:1B:EB:50:AF:B1:21:F7:C0:50:AE:27:25:77:35:E9:85:17:D5","sha256":"0A:D6:03:A7:91:8C:C8:9A:85:C3:8D:C1:B4:B7:73:A7:59:19:37:7D:D0:99:C6:5F:12:86:3E:C7:55:02:27:B6"}}},"request":{"raw":"GET /molodo.woff2 HTTP/1.1\r\nHost: ssberkassa.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Wed, 18 Mar 2026 10:52:37 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 5128\r\nLast-Modified: Sun, 22 Feb 2026 22:28:10 GMT\r\nConnection: keep-alive\r\nETag: \"699b82fa-1408\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 5128, version 1.0","md5":"81e69f4ebec1091f3a8f4c182fbfcc29","sha1":"91d2dce0838a0f842caf2c6a0bcb1cdb5f7abdd4","sha256":"0d5347b3708e676dbbe279eee99b81b644efc21a512cf41dac7463160354cd7e","sha512":"d13e1f30d8342e77c96dfbc3f0357a5587d2d4a8457846b8560342cf54f8b0f27170bf35568d7a249746d575dbe64a8e33bf781f8d04c6ce28b1901a5c0d4d3b","ssdeep":"96:TA5hM1eT0hWleaTgB2i4V53C1h/hpv3m5GVWfBBPNGmnaRTnYutHrn:4K1eT0hWlXTgBIC1Hx3m5GVWfBBPNGmE","tlshash":"cab19f15824aff4ad67f9a71ecff0c437fb50c594817aad691b2d524f5d24e43891900","first_seen":"2026-03-18T10:53:09.47502Z","last_seen":"2026-03-18T11:23:31.107177Z","times_seen":2,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":30,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ssberkassa.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ssberkassa.site/izax.woff2","fqdn":"ssberkassa.site","domain":"ssberkassa.site","tld":"site"},"ip":{"addr":"144.124.248.151","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:37.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ssberkassa.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 12:58:46 GMT","end":"Mon, 08 Jun 2026 12:58:45 GMT"},"fingerprint":{"sha1":"0A:67:1B:EB:50:AF:B1:21:F7:C0:50:AE:27:25:77:35:E9:85:17:D5","sha256":"0A:D6:03:A7:91:8C:C8:9A:85:C3:8D:C1:B4:B7:73:A7:59:19:37:7D:D0:99:C6:5F:12:86:3E:C7:55:02:27:B6"}}},"request":{"raw":"GET /izax.woff2 HTTP/1.1\r\nHost: ssberkassa.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Wed, 18 Mar 2026 10:52:37 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 12064\r\nLast-Modified: Sun, 22 Feb 2026 22:28:10 GMT\r\nConnection: keep-alive\r\nETag: \"699b82fa-2f20\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12064,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 12064, version 1.0","md5":"0ebeed5467f9bc232f2ca1d573021012","sha1":"d7f534be57216415b2aeae63ba9c96351bebc8c3","sha256":"834b718c4bd5dfce2d1ced3182dea1a8f7bfff5b664892596ef4dde153eecfe4","sha512":"445fc11357716db480fe471b2c30e831717bb1efd58a92b4eb1b55a3b3d1bd183ae1da7840715a60d68a6107cd27f32b4446044f8cad33b459ab362f94bdd184","ssdeep":"192:HYRmKTGTaGUpFUnfCQq25uR9L5YJi8xUE2gcdKeSolWBDMcIojQvYTRR9dZCWZXW:UmKyTabCCQBeYmgI+IYjt1RZXW","tlshash":"0242c0204199fd61c00f5e701aacc63d9cd3a52fdd8686d7faeec40be5e1506076a16b","first_seen":"2026-03-18T10:53:09.480773Z","last_seen":"2026-03-18T11:23:31.154186Z","times_seen":2,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":33,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ssberkassa.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/css/6370a34/widget.css","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"5.101.37.37","port":443,"asn":201589,"as":"edgeam LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:39.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /css/6370a34/widget.css HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 10:52:39 GMT\r\ncontent-type: text/css\r\ncontent-length: 25414\r\ncache-control: max-age=864000\r\ncontent-encoding: br\r\netag: \"69b1726e-6346\"\r\nexpires: Sun, 22 Mar 2026 11:48:07 GMT\r\nlast-modified: Wed, 11 Mar 2026 13:47:26 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-03-12T11:48:07+00:00\r\nx-node: fr5-up-gc15\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":137119,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d38b26d8f936808cba9ab4584ed911b9","sha1":"ccd2d599eb0f56cc3fa71657023be0033d93f9f8","sha256":"674348fa1d5d56dce5f1d1b11042d1e37f6d9a86ea2f74a00577a3e83db40334","sha512":"1f12bbfd6e492694715e52727fe97af80c7e2f578ed5fb44f1d704da834801936cc765de85d08534ca85c679ed2161a8a06a21c29061997341770b312295a871","ssdeep":"1536:DL50xTKWyV6Z6nrhuDu2yo2s2cSopfyF6U6o+mll4MUX64F8PQfiVOqOXDF6ecIZ:CJ9TCzMmJcF1","tlshash":"acd3e966ead1a53ce51e551ac885ab3ca63dd102cf230dbff744e3e087cb6e21276905","first_seen":"2026-03-12T11:56:30.374585Z","last_seen":"2026-03-26T10:08:37.072481Z","times_seen":534,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"node-sber1-az1-23.jivosite.com/widget/status/2595712/lXwny26nxn/5a171a00357467e8?","fqdn":"node-sber1-az1-23.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"35.228.64.132","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:50.242Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /widget/status/2595712/lXwny26nxn/5a171a00357467e8? HTTP/1.1\r\nHost: node-sber1-az1-23.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ssberkassa.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 10:52:50 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 201\r\naccess-control-allow-credentials: true\r\naccess-control-allow-max-age: 1728000\r\naccess-control-allow-origin: https://ssberkassa.site\r\naccess-control-expose-headers: X-Geoip, X-Botmode\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-security-policy: frame-ancestors 'none';\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-botmode: no\r\nx-frame-options: DENY\r\nx-geoip: NO;03;Oslo (Alna District)\r\nx-powered-by: foxy/6.0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":201,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"c29d45d11495602c5049f10c8363b233","sha1":"f1bc8d6d285f9c775d130c26c9a5c882fb9e5fb4","sha256":"2e57fd1b32030ce52639352a0ff7ec4ea630e0670dfce517b332efee2a9f74b3","sha512":"15c43c087e45036ba225dcc7f68e2f0559d452bcd4ec55b14ecadd67e68e650d2f4f684f8ea97b253a91bdb71c4d8f0c15e2e9d5c7488156fc7dbf69e6f7ba33","ssdeep":"","tlshash":"77d02228213908f706904650b28f3f4b4a2e01a218c18e08e222ba2050fd191869d107","first_seen":"2026-03-18T10:53:09.484272Z","last_seen":"2026-03-18T11:23:31.113269Z","times_seen":2,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/6370a34/chatcontainer.js","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"5.101.37.37","port":443,"asn":201589,"as":"edgeam LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:50.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /js/6370a34/chatcontainer.js HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 10:52:50 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 58596\r\naccess-control-allow-origin: *\r\ncache-control: max-age=86400\r\ncontent-encoding: br\r\netag: \"69b1726e-e4e4\"\r\nlast-modified: Wed, 11 Mar 2026 13:47:26 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-03-17T11:49:03+00:00\r\nx-node: fr5-up-gc15\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":237181,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"492acbc64e2f466517db38342f9fb435","sha1":"ff2c4c088d5b9c8b9d4df4fa94618f280a7e445a","sha256":"44c0282b5d5e1e17dce759359db9498b60ea0538e3e7dde5780046131cc43858","sha512":"7c15f55d60b207c3b3f4871f0ac0b0fd5ff6fb4b8cdd37f54b26c9b3e8d7792f39b0ef7c6c7b6ba0fa6caa248b44a1dc8948a51f9f86307c4736b66aee587bb6","ssdeep":"3072:6aeDEtKyr6o6Xoqo8PXDeqKOksHnkN5/mcK:LK7o6YR8jKqW5OcK","tlshash":"3f343ad171d0e8bc46e641c9a43f6100f2292c2df805b998f3fcddda9b5598a3262f6d","first_seen":"2026-03-12T11:56:30.378484Z","last_seen":"2026-03-26T06:11:30.271956Z","times_seen":152,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivo.ru/script/widget/config/lXwny26nxn","fqdn":"code.jivo.ru","domain":"jivo.ru","tld":"ru"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:37.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivo.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 23 May 2025 08:26:37 GMT","end":"Wed, 24 Jun 2026 08:26:36 GMT"},"fingerprint":{"sha1":"07:E5:24:E6:38:82:D9:A9:3B:D9:9F:6C:CA:85:05:67:F9:70:6D:EB","sha256":"35:5E:C9:A1:8F:64:C1:73:82:E3:0A:D7:B4:C2:B2:91:30:3C:D7:E7:EE:F3:8C:76:50:04:90:44:7A:35:0F:95"}}},"request":{"raw":"GET /script/widget/config/lXwny26nxn HTTP/1.1\r\nHost: code.jivo.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ssberkassa.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 10:52:38 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 1524\r\naccess-control-allow-origin: *\r\ncache-control: max-age=7200\r\ncontent-encoding: gzip\r\nexpires: Wed, 18 Mar 2026 08:13:22 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: sber1\r\ncache: STALE\r\nx-cached-since: 2026-03-18T06:13:22+00:00\r\nx-node: m9-up-gc233\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4715,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JSON text data","md5":"3b89edf19404eab9e882167a095e2d4c","sha1":"f0a87c15f7577eaa2b402fcd61186ea23259b5b7","sha256":"415c4d85d936d337dd23ea7e8db1d138a895bade55af972af7f83a35055c0f1b","sha512":"cba63b65338cd4db54b9164e3186b2411c20597dfbe196bb68cd259919dec55509740f7838523e2aa00aca1a3147cb91e9294c126b5c1c3afc8667d4dd80004b","ssdeep":"96:/Ae/vBnI6BPiwFX+OV6lNxkaByiwramSEBIfD1CnDCpLvhW:/AoVIY/EflNji2fD10ULM","tlshash":"4aa1aff394ea065d188975d3e7b77dce30d86a51c744cb3bcd3e2a6fe501610628271a","first_seen":"2026-03-18T10:53:09.490784Z","last_seen":"2026-03-18T11:23:31.126632Z","times_seen":2,"resource_available":false,"data":null}},"time_used":377,"timings":{"blocked":133,"dns":0,"connect":63,"send":0,"wait":63,"receive":48,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/sounds/outgoing_message.mp3","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"5.101.37.37","port":443,"asn":201589,"as":"edgeam LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:39.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /sounds/outgoing_message.mp3 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 10:52:39 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 5014\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: max-age=2592000\r\netag: \"69b1726e-1396\"\r\nexpires: Mon, 13 Apr 2026 23:25:13 GMT\r\nlast-modified: Wed, 11 Mar 2026 13:47:26 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-03-14T23:25:13+00:00\r\nx-node: fr5-up-gc15\r\ncontent-range: bytes 0-5013/5014\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5014,"size_decoded":0,"mime_type":"audio/mpeg","magic":"MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo","md5":"7bf3e4962a5ecf1f8cbcc2ff3428f531","sha1":"f75c694461a643d2e096ae8d0f6c1a9d19602eee","sha256":"d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11","sha512":"53fb17ca3361636acb0b80107f66810150a8bbed9aa5f878c2b1fb5a23ddf7fd349b30eb082b05efb3c0d08dc5383d30ef15d0ca99ad98d62e0a9a335112ed6a","ssdeep":"96:nKEOyBuK+1D2sMVx9FX7+0YQQinefV/1gr/EaadKXdGdimO1:K2QhGvYinsLE/SUdUime","tlshash":"5da1399616202262f6090cbf124ec2f4e3996f6b39044726b67cd290f46ffa25366983","first_seen":"2023-04-05T14:05:33Z","last_seen":"2026-06-13T17:10:07.480609Z","times_seen":16421,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"vi-sber1-25.jivosite.com/lXwny26nxn?5a171a00357467e8","fqdn":"vi-sber1-25.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"35.228.64.132","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:40.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /lXwny26nxn?5a171a00357467e8 HTTP/1.1\r\nHost: vi-sber1-25.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://ssberkassa.site\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: hb7qAPhiZh/vLGD/e6OMww==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:52:40 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nAccess-Control-Allow-Origin: https://ssberkassa.site\r\nSec-WebSocket-Accept: 3adXPG7lhXrdbXPoaB22+4i7IIc=\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T19:33:38.803897Z","times_seen":16394044,"resource_available":true,"data":null}},"time_used":232,"timings":{"blocked":0,"dns":59,"connect":76,"send":0,"wait":74,"receive":0,"ssl":81},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssberkassa.site/bgDust.png","fqdn":"ssberkassa.site","domain":"ssberkassa.site","tld":"site"},"ip":{"addr":"144.124.248.151","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:37.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ssberkassa.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 12:58:46 GMT","end":"Mon, 08 Jun 2026 12:58:45 GMT"},"fingerprint":{"sha1":"0A:67:1B:EB:50:AF:B1:21:F7:C0:50:AE:27:25:77:35:E9:85:17:D5","sha256":"0A:D6:03:A7:91:8C:C8:9A:85:C3:8D:C1:B4:B7:73:A7:59:19:37:7D:D0:99:C6:5F:12:86:3E:C7:55:02:27:B6"}}},"request":{"raw":"GET /bgDust.png HTTP/1.1\r\nHost: ssberkassa.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Wed, 18 Mar 2026 10:52:37 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 22 Feb 2026 22:28:10 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"699b82fa-33b0e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":211726,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 965 x 965, 8-bit colormap, non-interlaced","md5":"0973a7c03bf23eeef7461a71ecd633ae","sha1":"4788810aaa742edec7e1fcf7646162ecd2ae285d","sha256":"65edd269ef7b076a85dc3188178822ea131719a5f3d65b67bac57a230b09e68f","sha512":"be93a76a5a20099195c19b5ff3f9a331bdfbf6c4a24704143d3a229c6a5e6551c4fea156f1ddc3e862643b7081e3e1545f438e4984b52495bdfc5da8dc30c077","ssdeep":"6144:bh9ZRohEJ+U9ayssF+YgiCVi4GuWxW7yzI8lbi:d9ZRohRU0kBghUIiI8lu","tlshash":"d3241291e8833e818100b85664ff715e55cb3e808f65ec4da88e7e13425578caeab67e","first_seen":"2026-03-18T10:53:09.494059Z","last_seen":"2026-03-18T11:23:31.152548Z","times_seen":2,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":47,"dns":0,"connect":0,"send":0,"wait":39,"receive":92,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ssberkassa.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ssberkassa.site/login_book_bg_text.png","fqdn":"ssberkassa.site","domain":"ssberkassa.site","tld":"site"},"ip":{"addr":"144.124.248.151","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:37.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ssberkassa.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 12:58:46 GMT","end":"Mon, 08 Jun 2026 12:58:45 GMT"},"fingerprint":{"sha1":"0A:67:1B:EB:50:AF:B1:21:F7:C0:50:AE:27:25:77:35:E9:85:17:D5","sha256":"0A:D6:03:A7:91:8C:C8:9A:85:C3:8D:C1:B4:B7:73:A7:59:19:37:7D:D0:99:C6:5F:12:86:3E:C7:55:02:27:B6"}}},"request":{"raw":"GET /login_book_bg_text.png HTTP/1.1\r\nHost: ssberkassa.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Wed, 18 Mar 2026 10:52:37 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 22 Feb 2026 22:28:08 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"699b82f8-2a729\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":173865,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 428 x 631, 8-bit colormap, non-interlaced","md5":"5de9fb9e06acffa515c308f1d6d6aea8","sha1":"f3db544e06cdcc06dcdc86f916e9db0f511307b2","sha256":"9a3412223a78ca9ab24086106aef091664053216ff77c026f32b47a60c312d19","sha512":"f638aaccb56691a28a8926df5d5cda3ff38332217560dc7dc55cfb039be93885e6c6a7560e606c7404dcdf7b3f9b3c1153ac2cbda25cbbea0fa8ceb2c7564c7e","ssdeep":"3072:yL0Jy0v4hRUta5s1ruPxsQGjmcbvWZRPLkbTED7A1+n3yPQvWzvu9WXyaW1BJTe9:yL0lc3TsScmPLoTEX3nCPQez1iaIYZ","tlshash":"8a0413e97e90887c313d2c9a5eae18e184b1d28cd235fdc5de52b25622cd48cdf48c79","first_seen":"2026-03-18T10:53:09.496389Z","last_seen":"2026-03-18T11:23:31.105302Z","times_seen":2,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":49,"dns":0,"connect":0,"send":0,"wait":40,"receive":79,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ssberkassa.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ssberkassa.site/btn_login.png","fqdn":"ssberkassa.site","domain":"ssberkassa.site","tld":"site"},"ip":{"addr":"144.124.248.151","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:37.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ssberkassa.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 12:58:46 GMT","end":"Mon, 08 Jun 2026 12:58:45 GMT"},"fingerprint":{"sha1":"0A:67:1B:EB:50:AF:B1:21:F7:C0:50:AE:27:25:77:35:E9:85:17:D5","sha256":"0A:D6:03:A7:91:8C:C8:9A:85:C3:8D:C1:B4:B7:73:A7:59:19:37:7D:D0:99:C6:5F:12:86:3E:C7:55:02:27:B6"}}},"request":{"raw":"GET /btn_login.png HTTP/1.1\r\nHost: ssberkassa.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Wed, 18 Mar 2026 10:52:37 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 22 Feb 2026 22:28:10 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"699b82fa-52a0\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21152,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 369 x 134, 8-bit colormap, non-interlaced","md5":"5e55d1b2ee106d2b2f2cadcc3c2124a5","sha1":"c87e6f5fd59938149a470ec036ff588bdc4201fe","sha256":"af068f2e2983b725b6334674463a35bc5a28fed50edba554c89f9bb3e4731c7c","sha512":"d7b259be427836e5b48a15df28f5bb4243d810f2c29cce59bc3fb138e201c1c7682e82100e1cbabdbeba3442fdd669cbad8fa448a84819d8c796004c6de44b4d","ssdeep":"384:mns9uAQZPAq/MkcbyYfmS2ft15nWe/7EQVO5BF7o7+YjsW5g5syUw:ms5q/MklYkl15znE6IWi5r","tlshash":"7192bf45ba416bd0bfd655c785fd7c39b1730dc089f291858c88a87bb80859cdc1bae3","first_seen":"2026-03-18T10:53:09.501031Z","last_seen":"2026-03-18T11:23:31.120998Z","times_seen":2,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":48,"dns":0,"connect":0,"send":0,"wait":38,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ssberkassa.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/sounds/agent_message.mp3","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"5.101.37.37","port":443,"asn":201589,"as":"edgeam LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:39.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /sounds/agent_message.mp3 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 10:52:39 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 3760\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: max-age=2592000\r\netag: \"6994578d-eb0\"\r\nexpires: Sat, 21 Mar 2026 09:11:51 GMT\r\nlast-modified: Tue, 17 Feb 2026 11:57:01 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-02-19T09:11:51+00:00\r\nx-node: fr5-up-gc15\r\ncontent-range: bytes 0-3759/3760\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3760,"size_decoded":0,"mime_type":"audio/mpeg","magic":"MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo","md5":"8e9a165c4cb185ffd0b2658fa088e43b","sha1":"195873e5e8bbb2f5ecc32d95f90d6fb75817a649","sha256":"ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43","sha512":"6ef9fac16ac2835ecb95ab077270293a95a3597fd28fb053b32cfeb6b0a72b52c0ee51b0504a463ac9db1d8a3b2c6c41f113012d6364d16feb8e01821a3221ff","ssdeep":"","tlshash":"c771295c69348528f80b31b89f4b765ac1512c19a8f2ddd4a62818e7377b36a678820e","first_seen":"2023-04-05T14:05:33Z","last_seen":"2026-06-13T17:10:07.496096Z","times_seen":16421,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sberkassa.site/img/favicons/sk_favicon192.png","fqdn":"sberkassa.site","domain":"sberkassa.site","tld":"site"},"ip":{"addr":"84.32.186.253","port":443,"asn":59642,"as":"UAB Cherry Servers","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:37.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.sberkassa.site","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Feb 2026 00:28:44 GMT","end":"Sun, 17 May 2026 00:28:43 GMT"},"fingerprint":{"sha1":"12:9F:CC:DF:31:55:B4:13:C2:9E:4E:B7:FB:4A:6C:F4:A5:91:36:FD","sha256":"26:65:1F:49:84:51:43:BB:86:40:1B:23:3A:58:AE:D7:30:6E:CA:7C:78:B0:AD:45:89:D3:1D:91:69:DE:DF:B1"}}},"request":{"raw":"GET /img/favicons/sk_favicon192.png HTTP/1.1\r\nHost: sberkassa.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.4\r\ndate: Wed, 18 Mar 2026 10:52:38 GMT\r\ncontent-type: image/png\r\ncontent-length: 10661\r\nlast-modified: Tue, 17 Mar 2026 08:24:45 GMT\r\netag: \"69b90fcd-29a5\"\r\nx-country-code: ZZ\r\nx-cache-status: BYPASS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.4","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10661,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"49101c07427c9889cdee2c431127250a","sha1":"2c285a2a8608631d58ed1dd3fc8a790e0c868812","sha256":"0d9f7a2cd0087919e6473cf1b5c0277233eb65a48c8ed5e2f112bc5d68ca25e8","sha512":"19d187d665c0aa0427568cffd631512ebf0b203d8b7dfa4f675480783a77cbfb5d25624c00fa56e7ecda132dce897709c28a7e759a1a2d243ba2962414a003dd","ssdeep":"192:N/qFh9GIle0IIEmNRLaiXcsbO+zOMmJENAws9ZkK90IKZS/W20L719QYfryKGHJM:NSh+fmbJe3ENAwDPIKxHy/JaB","tlshash":"8322bf32d9b94585c40b1d3d994f24ae6870f1c3db8de09414b3d9ed1238aa4c2ecfa5","first_seen":"2026-03-18T10:53:09.506991Z","last_seen":"2026-03-18T11:23:31.136411Z","times_seen":2,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":20,"connect":16,"send":0,"wait":62,"receive":51,"ssl":72},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/bundle.js?rand=1773311475","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"5.101.37.37","port":443,"asn":201589,"as":"edgeam LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:38.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /js/bundle.js?rand=1773311475 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 10:52:38 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 341692\r\naccess-control-allow-origin: *\r\ncache-control: max-age=86400\r\ncontent-encoding: br\r\netag: \"69b1726e-536bc\"\r\nlast-modified: Wed, 11 Mar 2026 13:47:26 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-03-18T10:32:24+00:00\r\nx-node: fr5-up-gc15\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1549900,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"22886d3d0a9f696fa44c9aae35257cf8","sha1":"8aa97e0d593a591143f14a42dff1c5691125615b","sha256":"6cd37859382388d33818a712440983c4b204c5f7a368230034dc1b429e6329b9","sha512":"65abbf3aed03643fda29478b140b53fc2108022bc593bdf50344f0072ed9f678a8ffe710e5e2188d05d95d9aa97f1782d01e39b4969c6abe42291c8a81e6f823","ssdeep":"24576:Dn9hQpR07482O9n4jpmuvlhExrkPeuC9y/1D7fm2cWzmSV:Dn9hQpR0k82O9n4jp0rkPeuC9K1D7fm6","tlshash":"b3254ac5b1c1f46502d355e6a43b2009b23b285e7809b064f6bcddcbfa6659e6233f39","first_seen":"2026-03-12T11:56:30.350126Z","last_seen":"2026-03-26T10:08:37.066656Z","times_seen":456,"resource_available":false,"data":null}},"time_used":360,"timings":{"blocked":136,"dns":92,"connect":19,"send":0,"wait":20,"receive":67,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"files.jivosite.com/avatars/2595712/67fa803d5d279.jpg","fqdn":"files.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"5.101.37.37","port":443,"asn":201589,"as":"edgeam LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:50.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /avatars/2595712/67fa803d5d279.jpg HTTP/1.1\r\nHost: files.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 10:52:50 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 62058\r\nx-obs-request-id: 0000019D009348D8B0098DB68FEC5FC1\r\netag: \"e1acef7b863b4bb278b37224f6e5606a\"\r\nlast-modified: Sat, 12 Apr 2025 15:01:18 GMT\r\nx-obs-tagging-count: 0\r\nx-obs-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Disposition\r\ncache: HIT\r\nx-cached-since: 2026-03-18T10:52:25+00:00\r\nx-node: fr5-up-gc15\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":62058,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 326x326, components 3","md5":"e1acef7b863b4bb278b37224f6e5606a","sha1":"c259a81c316b88e4ad4001845e82919f4ce720c5","sha256":"65b810f480d9c3fd31322c3901f139e02c1c969a9bd3627224efa1c033d4203c","sha512":"e0e290c6105b37deb9591b4af97f30e87f9c2a067afd7afc81bcc9e2f0f3147fe8563ea145cb04d8f2363fe89088282cd4ca124436d3450071e860f9954464dc","ssdeep":"1536:g7KN7cwP+Jq97XJ3pp85PD4UX6yjzn8eBN9CZK3Vw:g7KFck+MDJ5p85PF9CZIw","tlshash":"a953f15e630b6b49d89f3e3619264de58a1fad60c317e3358e50ef41e65c8bdc88228d","first_seen":"2026-03-18T10:53:09.51107Z","last_seen":"2026-06-04T13:26:53.301282Z","times_seen":3,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":56,"dns":0,"connect":0,"send":0,"wait":21,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivo.ru/widget/lXwny26nxn","fqdn":"code.jivo.ru","domain":"jivo.ru","tld":"ru"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:37.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivo.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 23 May 2025 08:26:37 GMT","end":"Wed, 24 Jun 2026 08:26:36 GMT"},"fingerprint":{"sha1":"07:E5:24:E6:38:82:D9:A9:3B:D9:9F:6C:CA:85:05:67:F9:70:6D:EB","sha256":"35:5E:C9:A1:8F:64:C1:73:82:E3:0A:D7:B4:C2:B2:91:30:3C:D7:E7:EE:F3:8C:76:50:04:90:44:7A:35:0F:95"}}},"request":{"raw":"GET /widget/lXwny26nxn HTTP/1.1\r\nHost: code.jivo.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 10:52:37 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 6197\r\naccess-control-allow-origin: *\r\ncache-control: max-age=7200\r\ncontent-encoding: br\r\netag: \"69b1726e-1835\"\r\nexpires: Tue, 17 Mar 2026 16:56:29 GMT\r\nlast-modified: Wed, 11 Mar 2026 13:47:26 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: sber1\r\ncache: STALE\r\nx-cached-since: 2026-03-17T14:56:29+00:00\r\nx-node: m9p-up-gc30\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18118,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18118), with no line terminators","md5":"bb1b9a4a70243889751856b12e8ba017","sha1":"ae4e02d99a7ae21d19fcd639f28f3174d9d64aa9","sha256":"e1f61c376df11a517a765eabaea30f00207cece6158108e520fbdbe6041b9e16","sha512":"d01f77c7d8007faea78b17fd8f12f16fa0cb817ed1c10d6bf56cef8aa247130e84cb4e03ff6fd769872becb1cd5216e849b591c4f3f846c8116007bac91c4144","ssdeep":"384:boU+JvepohmPF0jjrArr0aX55Mf7qISOqrebz8sROweqWcPdv:UI/AAjX54cr7sXWcPdv","tlshash":"8c823b6e7959b97743b218f9516f620a733549ebd404c920a401e98d7cb8ace813fef8","first_seen":"2026-03-12T11:56:30.35622Z","last_seen":"2026-04-02T00:30:16.283922Z","times_seen":873,"resource_available":true,"data":null}},"time_used":556,"timings":{"blocked":240,"dns":50,"connect":58,"send":0,"wait":61,"receive":10,"ssl":132},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"node-sber1-az1-23.jivosite.com/widget/status/2595712/lXwny26nxn?rnd=0.7985814695722908","fqdn":"node-sber1-az1-23.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"35.228.64.132","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:38.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /widget/status/2595712/lXwny26nxn?rnd=0.7985814695722908 HTTP/1.1\r\nHost: node-sber1-az1-23.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ssberkassa.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 10:52:38 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 201\r\naccess-control-allow-credentials: true\r\naccess-control-allow-max-age: 1728000\r\naccess-control-allow-origin: https://ssberkassa.site\r\naccess-control-expose-headers: X-Geoip, X-Botmode\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-security-policy: frame-ancestors 'none';\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-botmode: no\r\nx-frame-options: DENY\r\nx-geoip: NO;03;Oslo (Alna District)\r\nx-powered-by: foxy/6.0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":201,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"c29d45d11495602c5049f10c8363b233","sha1":"f1bc8d6d285f9c775d130c26c9a5c882fb9e5fb4","sha256":"2e57fd1b32030ce52639352a0ff7ec4ea630e0670dfce517b332efee2a9f74b3","sha512":"15c43c087e45036ba225dcc7f68e2f0559d452bcd4ec55b14ecadd67e68e650d2f4f684f8ea97b253a91bdb71c4d8f0c15e2e9d5c7488156fc7dbf69e6f7ba33","ssdeep":"","tlshash":"77d02228213908f706904650b28f3f4b4a2e01a218c18e08e222ba2050fd191869d107","first_seen":"2026-03-18T10:53:09.484272Z","last_seen":"2026-03-18T11:23:31.113269Z","times_seen":2,"resource_available":false,"data":null}},"time_used":502,"timings":{"blocked":214,"dns":35,"connect":28,"send":0,"wait":72,"receive":0,"ssl":149},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/6370a34/locale-ru-RU-json.js","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"5.101.37.37","port":443,"asn":201589,"as":"edgeam LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:39.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /js/6370a34/locale-ru-RU-json.js HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 10:52:39 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 4216\r\naccess-control-allow-origin: *\r\ncache-control: max-age=86400\r\ncontent-encoding: br\r\netag: \"69b1726e-1078\"\r\nlast-modified: Wed, 11 Mar 2026 13:47:26 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-03-17T11:48:13+00:00\r\nx-node: fr5-up-gc15\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15562,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10496), with no line terminators","md5":"65080e6af77563f03c053e8ab0cd04f6","sha1":"767051b2c3f4a74490f5f3d12e130fc5339a7c78","sha256":"a36906ea0e4b6011349eb091a4af7a8175369fdee3354c8994a2e1d8150d2647","sha512":"a0a99996112cf9318b2d5f395b489a4bef72ddee2033a760f2cdb7a293fcc64a4c72156d21c5c2f0adc54ae13c872542cd39c2826acb39e63e4050d779f07824","ssdeep":"192:2A4VzcShHYdx9j9ZQgQjHvsY3iiWfrK6WOb2e+pnE8KZISoLe9+VviYNVG9K2:xmbU53b6PniiWTMO+E8KZISoLeouK2","tlshash":"0d622e61479e75ea0205b04be8047f077bef40ff3faa53a649b45d7e35f2524823a20a","first_seen":"2026-01-27T14:42:26.341926Z","last_seen":"2026-04-01T08:42:49.658471Z","times_seen":737,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/sounds/notification.mp3","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"5.101.37.37","port":443,"asn":201589,"as":"edgeam LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://ssberkassa.site/","date":"2026-03-18T10:52:39.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /sounds/notification.mp3 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssberkassa.site/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 10:52:39 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 5808\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: max-age=2592000\r\netag: \"69a80453-16b0\"\r\nexpires: Fri, 10 Apr 2026 20:54:33 GMT\r\nlast-modified: Wed, 04 Mar 2026 10:07:15 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-03-11T20:54:33+00:00\r\nx-node: fr5-up-gc15\r\ncontent-range: bytes 0-5807/5808\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5808,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural","md5":"9aa341af370c4e59155717260ba0f282","sha1":"0c1216ecead8d1409557c843d96202c063f3f252","sha256":"1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab","sha512":"e6663f8406d859a7ae65e6eb9512ed1e79244b8f5b2119823f80fed99c17dd4a086cc17083f3cd70b6dd990c39b3be80142f303a7c2a9fbb9302147e700fa5cb","ssdeep":"96:XYLRSqytFnbfWnHBaSvgEyZMZuiusJ0jQDrrQNw:IMTnbfGhaSvg/inqc0m","tlshash":"cac1297acc3c146fd81e88b53f3bb0c9421c61803a00d8e61c99bb5bd6b2ba975468d2","first_seen":"2023-04-05T14:05:33Z","last_seen":"2026-06-13T17:10:07.50032Z","times_seen":16422,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}