{"report_id":"02cfa546-7175-49b6-9253-4d4fd932d51b","version":6,"status":"done","tags":[],"date":"2023-11-28T06:57:52Z","url":{"schema":"http","addr":"schoonerelapsing.click/","fqdn":"schoonerelapsing.click","domain":"schoonerelapsing.click","tld":"click"},"ip":{"addr":"104.21.91.133","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"t.me/MerryAMdales_bot?start=dmjgdDix65pHLJuRz-35535-s8hnpa2u1a17","fqdn":"t.me","domain":"t.me","tld":"me"},"title":"Telegram: Contact @MerryAMdales_bot"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T10:20:42Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"cdn4.cdn-telegram.org","ip":{"addr":"34.111.35.152","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-11-04","domain_rank":0,"first_seen":"2023-11-04 22:41:19","last_seen":"2023-11-27 14:57:48","alert_count":0,"request_count":1,"received_data":24575,"sent_data":783,"comment":"","tags":null,"fingerprints":null},{"fqdn":"telegram.org","ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"domain_registered":"2003-12-15","domain_rank":5408,"first_seen":"2013-12-18 14:14:30","last_seen":"2023-11-27 18:07:21","alert_count":0,"request_count":9,"received_data":430982,"sent_data":4087,"comment":"","tags":null,"fingerprints":null},{"fqdn":"schoonerelapsing.click","ip":{"addr":"104.21.91.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-10-30","domain_rank":0,"first_seen":"2023-10-30 09:07:48","last_seen":"2023-10-30 09:22:36","alert_count":0,"request_count":1,"received_data":12769,"sent_data":491,"comment":"","tags":null,"fingerprints":null},{"fqdn":"t.me","ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"domain_registered":"2010-05-20","domain_rank":6552,"first_seen":"2015-06-29 21:03:15","last_seen":"2023-11-27 21:55:12","alert_count":0,"request_count":1,"received_data":4770,"sent_data":530,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T06:57:38Z","timestamp":1701154658,"ip_dst":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"Client IP","port":53496,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Telegram Domain (t .me in TLS SNI)","source":"{\"timestamp\":\"2023-11-28T06:57:38.969857+0000\",\"flow_id\":940617423261275,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.14\",\"src_port\":53496,\"dest_ip\":\"149.154.167.99\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2041933,\"rev\":1,\"signature\":\"ET INFO Observed Telegram Domain (t .me in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2022_06_24\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"former_sid\":[\"2851827\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_06_24\"]}},\"tls\":{\"sni\":\"t.me\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"15af977ce25de452b96affa2addb1036\",\"string\":\"771,4866,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":906,\"bytes_toclient\":2728,\"start\":\"2023-11-28T06:57:38.921179+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"t.me/MerryAMdales_bot?start=dmjgdDix65pHLJuRz-35535-s8hnpa2u1a17","fqdn":"t.me","domain":"t.me","tld":"me"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"47d5e5b972f1983b9aec93f65906fc9a","sha1":"e2397200ffc6b9475653c082d20f98c6d9be762a","sha256":"f867ac5f3e9abab09956b4ce684ae0054a3c43524f2f4855e33eff3db84bc5cc","sha512":"603e36ccd06b0839cda464d3bda1a178e3e6f8e9ee00602b27db55e9821f85b9a9598ca3ee06b6c50f726687059e852bfcb60920c16366cea67fe096278269d7","ssdeep":"","tlshash":"0fd02e8fb858849d00fe2beae3f6bf4770329a88a4822a1185255c44212005b88062c0","size":254,"data":"","first_seen":"2024-08-20T17:37:52.390958Z","last_seen":"2024-08-20T17:37:52.390958Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t.me/MerryAMdales_bot?start=dmjgdDix65pHLJuRz-35535-s8hnpa2u1a17","fqdn":"t.me","domain":"t.me","tld":"me"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"9c629a0c52a2afad699d260f673481fd","sha1":"a4fd0ed3e5daa31480eb6de0faa5d442f015cbf6","sha256":"ea0d804370930ee958af535ce56cddf1dda419bdc676315ae8af0fbb4c733471","sha512":"dac369a2699b0f8a0d32acfcdd5c43c73d77e3dbd07dda400d0087608fd5e3f857d6952b730d1ce20f89d095f67794d3549dfc16181276b92e550bb76c7e0a53","ssdeep":"","tlshash":"57c012b42900643a2daa096cb636dbe83d321563f2a23410e22cc16c0021ed31000ec8","size":193,"data":"","first_seen":"2023-03-07T01:31:07Z","last_seen":"2026-06-03T15:46:11.28166Z","times_seen":59020,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/js/tgwallpaper.min.js?3","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"2b89d34702716a8ad2cc3977718f53a3","sha1":"04406ebd6a9e2ce79dbac5e5048cfe1384e4574a","sha256":"2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6","sha512":"e6fbda1e7d1e24c0db5a724e4cd30c883ceb5d35de1cc6ab8851c9b19e202024752e7e42aecc21002f9f9684ea98775f1ebe0ee8da9bd7562dac2fe171464242","ssdeep":"","tlshash":"b151631a2790624df7251a927d7f036651b0a931e83790600a2ef4cbbcfced112e9e5e","size":2979,"data":"","first_seen":"2023-03-07T01:31:07Z","last_seen":"2026-06-03T16:53:09.414405Z","times_seen":67022,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t.me/MerryAMdales_bot?start=dmjgdDix65pHLJuRz-35535-s8hnpa2u1a17","fqdn":"t.me","domain":"t.me","tld":"me"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"1b14243633b122edd554c2ba63573fd1","sha1":"ceba06a74ba710cfb51c353008877fac06bad7a0","sha256":"38b37aa7ab416edf8e534fb76ff479101c0c8e4b39abf2edf57f5ef909f27f81","sha512":"b0d2fc345d74a830d6345b00ee87b4eb56e553e37848faa17365b51bf39ff7d397668f3426731ca390b3456b5f40f5e83a34a92a4aaa65d4d761adcf2efbbc88","ssdeep":"","tlshash":"7521ac6b29e519a661f7a47520ffab58363f70126408da20b2ecc2007f71e275937ed9","size":1351,"data":"","first_seen":"2024-08-20T17:37:52.393266Z","last_seen":"2024-08-20T17:37:52.393266Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"t.me/MerryAMdales_bot?start=dmjgdDix65pHLJuRz-35535-s8hnpa2u1a17","fqdn":"t.me","domain":"t.me","tld":"me"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-28T06:57:38.921Z","timestamp":1701154658921,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.t.me","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 06 Oct 2023 19:50:31 GMT","end":"Wed, 06 Nov 2024 19:50:31 GMT"},"fingerprint":{"sha1":"D7:CC:2A:92:7B:DC:AE:6A:D7:92:51:20:49:AD:3B:AC:F9:27:F8:16","sha256":"99:4B:E6:3A:1C:4B:21:28:BE:BD:E2:E4:93:BD:44:3C:46:50:AB:9D:06:92:EA:73:37:58:4A:44:32:AE:6D:9F"}}},"request":{"raw":"GET /MerryAMdales_bot?start=dmjgdDix65pHLJuRz-35535-s8hnpa2u1a17 HTTP/1.1\r\nHost: t.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Tue, 28 Nov 2023 06:57:35 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 4238\r\nset-cookie: stel_ssid=746e5835256227be86_14309973436279334577; expires=Wed, 29 Nov 2023 06:57:35 GMT; path=/; samesite=None; secure; HttpOnly\r\npragma: no-cache\r\ncache-control: no-store\r\nx-frame-options: ALLOW-FROM https://web.telegram.org\r\ncontent-security-policy: frame-ancestors https://web.telegram.org\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=35768000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4238,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document text\\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3560)","md5":"5beab5766f47919abcb6d6649152c960","sha1":"f4c3b7c2a7680c222ae3d59b4a38385e6ba61182","sha256":"1f3e32a565f71f782738439b724343026b490f5d6149d0cd3766eb01dc9b9def","sha512":"168ea9cb3ba047a9c793c69d27cdcca75c3f1626c3ffe54473b5c4f6daab6d5b42b39ad389efa58a9ec96cb343f22a4c1bf4be9928f98c83c0cf9269b2468c14","ssdeep":"192:10ojweik5meik5iSjph1g/0icFSqugxu6Rnigni6U3qV0OKPGOKeik5ciqUhd4:102wzVz/Sjph1g/KtVHPOqVbeBKzbiTG","tlshash":"1f320ae35760441c23abc466fe7fb64eb112e483f9551980f29cca1b9fd3dd29823952","first_seen":"2023-11-28T07:57:55Z","last_seen":"2023-11-28T07:57:55Z","times_seen":1,"resource_available":false,"data":null}},"time_used":445,"timings":{"blocked":205,"dns":2,"connect":23,"send":0,"wait":33,"receive":0,"ssl":178},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn4.cdn-telegram.org/file/ClwkqmfblWY5T2EboXrfT9RViFR2j4UVQtUDMaXMGeUYIKMGZkkiMGjM973KkKa9Up6PgQJjv67EZFDDCDlpLCEt4APhRFWtXxOrYhwcTl0AuKNbwGc19C9yGJbOiYc1DCbkA6gXSJ8w7-wrnlUR3Sb1SodDcLaJ0Bde4I3uJergA3957bsTpBLaUC7fUfMRmxmP4Ax1cnkmnHJlJ6rVUTTRoBJPxS09WijMd0aYFoZd_5SGWXG4nrhiI4NgdBSSTdsosek7iVSvDpRzJ0tdNYuht7s6whIIUpeDI7XItUkCmp10TtOkn5le75zokszlHJzQ_Iq32c6yDlww9ybW5g.jpg","fqdn":"cdn4.cdn-telegram.org","domain":"cdn-telegram.org","tld":"org"},"ip":{"addr":"34.111.35.152","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://t.me/MerryAMdales_bot?start=dmjgdDix65pHLJuRz-35535-s8hnpa2u1a17","date":"2023-11-28T06:57:39.515Z","timestamp":1701154659515,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn1.cdn-telegram.org","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 04 Nov 2023 08:54:58 GMT","end":"Fri, 02 Feb 2024 09:46:50 GMT"},"fingerprint":{"sha1":"79:F4:49:35:E7:E7:73:9F:FD:BE:84:5C:D4:FC:EA:06:91:E7:18:CC","sha256":"3D:04:CE:AE:BF:0F:31:61:D9:C6:7D:55:17:EE:39:04:A6:FD:9E:E4:86:D8:67:7B:E2:0B:D1:97:DE:17:B5:7D"}}},"request":{"raw":"GET /file/ClwkqmfblWY5T2EboXrfT9RViFR2j4UVQtUDMaXMGeUYIKMGZkkiMGjM973KkKa9Up6PgQJjv67EZFDDCDlpLCEt4APhRFWtXxOrYhwcTl0AuKNbwGc19C9yGJbOiYc1DCbkA6gXSJ8w7-wrnlUR3Sb1SodDcLaJ0Bde4I3uJergA3957bsTpBLaUC7fUfMRmxmP4Ax1cnkmnHJlJ6rVUTTRoBJPxS09WijMd0aYFoZd_5SGWXG4nrhiI4NgdBSSTdsosek7iVSvDpRzJ0tdNYuht7s6whIIUpeDI7XItUkCmp10TtOkn5le75zokszlHJzQ_Iq32c6yDlww9ybW5g.jpg HTTP/1.1\r\nHost: cdn4.cdn-telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://t.me/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Tue, 28 Nov 2023 06:57:35 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 23918\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-security-policy: default-src 'none'; sandbox\r\nx-frame-options: DENY\r\nx-xss-protection: 1; mode=block\r\naccess-control-expose-headers: Accept-Ranges, Content-Range, Content-Length\r\naccept-ranges: bytes, bytes\r\ncache-control: public,max-age=7200\r\netag: \"cb1b856bb7916c2aea1bf3d17e90654f441294a9\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23918,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPCM), density 118x118, segment length 16, baseline, precision 8, 320x320, components 3\\012- data","md5":"47b076fc4cc0539a5c488cc13a7753ef","sha1":"678d873e8575fc83a375f18e12ae17945ee26979","sha256":"c9643859bf28dacf4703fb38dfdc8474fd7dd9c3b2bc942f2864d3d06e85419d","sha512":"32ec1381e30986f9936b77b20db1a4160d77247db74376636c32a5478e81801bb78222160c0bf3a6d45bc7e1dd3ac8e25b48f51490e21b304ddc009bdf72ee03","ssdeep":"","tlshash":"","first_seen":"2023-11-28T07:57:55Z","last_seen":"2023-11-28T07:57:55Z","times_seen":1,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":47,"dns":1,"connect":8,"send":0,"wait":132,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://t.me/MerryAMdales_bot?start=dmjgdDix65pHLJuRz-35535-s8hnpa2u1a17","date":"2023-11-28T06:57:40.688Z","timestamp":1701154660688,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 11 Aug 2023 16:00:43 GMT","end":"Wed, 11 Sep 2024 16:00:43 GMT"},"fingerprint":{"sha1":"AB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30","sha256":"D7:2D:40:3C:DF:83:75:CF:52:F8:28:D1:DD:CE:2D:2E:99:05:B1:16:EF:E7:F5:04:D3:3D:DB:98:40:93:3D:E9"}}},"request":{"raw":"GET /fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1\r\nHost: telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://t.me\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.org/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Tue, 28 Nov 2023 06:57:36 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 11028\r\nlast-modified: Thu, 20 Oct 2022 11:05:33 GMT\r\netag: \"63512b7d-2b14\"\r\nexpires: Sat, 02 Dec 2023 06:57:36 GMT\r\ncache-control: max-age=345600\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11028,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 11028, version 1.0\\012- data","md5":"1f6d3cf6d38f25d83d95f5a800b8cac3","sha1":"279f300ca2cbbdf9f5036ef2f438607fbf377daa","sha256":"796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f","sha512":"716305f4d2582683b64c61b5e2390983579ea0fb33c936dd3ea8362872176625fbcb6f5ad18d2abf85da82d14c33a9640dfc5749922cb2fc079ddf37864f361f","ssdeep":"192:4oijUxKA0B3BxJPeLrh00JWNhi5A5HWdZ6SfroKthzwbMcYfQKvwpFVX2T+:Nx4bexHAE6STltlwbMcovaET+","tlshash":"9032cf5eaa417172974b5791e296fbc0e627186438fb02fef85185bbc4045e437092be","first_seen":"2023-04-05T08:50:36Z","last_seen":"2026-06-04T00:21:56.657625Z","times_seen":74734,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://t.me/MerryAMdales_bot?start=dmjgdDix65pHLJuRz-35535-s8hnpa2u1a17","date":"2023-11-28T06:57:40.692Z","timestamp":1701154660692,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 11 Aug 2023 16:00:43 GMT","end":"Wed, 11 Sep 2024 16:00:43 GMT"},"fingerprint":{"sha1":"AB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30","sha256":"D7:2D:40:3C:DF:83:75:CF:52:F8:28:D1:DD:CE:2D:2E:99:05:B1:16:EF:E7:F5:04:D3:3D:DB:98:40:93:3D:E9"}}},"request":{"raw":"GET /fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 HTTP/1.1\r\nHost: telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://t.me\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.org/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Tue, 28 Nov 2023 06:57:36 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 11040\r\nlast-modified: Thu, 20 Oct 2022 11:05:33 GMT\r\netag: \"63512b7d-2b20\"\r\nexpires: Sat, 02 Dec 2023 06:57:36 GMT\r\ncache-control: max-age=345600\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11040,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 11040, version 1.0\\012- data","md5":"5e22a46c04d947a36ea0cad07afcc9e1","sha1":"6091d981c2a4ee975c7f6b56186ee698040bb804","sha256":"0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44","sha512":"3e2dcb20c7416160573ea7c7a17bf7250132c5203161b03aeaa3cf065e3ce609da6d1b317d3739aad7fc0c092c44cd0c4ea5657a63bfa530c66f9b0ecb9daf15","ssdeep":"192:4Q49xPa2JiaMac+2d26KTpwgLfdRVH8Hfyj+lGSdVtxejHgwPvuD14CBt/F8bxt:4QcNc+2w6eJcIoGSdVtxoHgU+1B8bxt","tlshash":"3b32d0a8682c19fc49357837b8034109dfdfa1c1428c0a5633ebf5f45da3a264e2fe61","first_seen":"2023-04-05T08:50:36Z","last_seen":"2026-06-04T00:21:56.659652Z","times_seen":68355,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":57,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/img/apple-touch-icon.png","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://t.me/MerryAMdales_bot?start=dmjgdDix65pHLJuRz-35535-s8hnpa2u1a17","date":"2023-11-28T06:57:40.756Z","timestamp":1701154660756,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 11 Aug 2023 16:00:43 GMT","end":"Wed, 11 Sep 2024 16:00:43 GMT"},"fingerprint":{"sha1":"AB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30","sha256":"D7:2D:40:3C:DF:83:75:CF:52:F8:28:D1:DD:CE:2D:2E:99:05:B1:16:EF:E7:F5:04:D3:3D:DB:98:40:93:3D:E9"}}},"request":{"raw":"GET /img/apple-touch-icon.png HTTP/1.1\r\nHost: telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://t.me/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Tue, 28 Nov 2023 06:57:36 GMT\r\ncontent-type: image/png\r\ncontent-length: 5644\r\nlast-modified: Thu, 21 Apr 2022 13:47:47 GMT\r\netag: \"62616083-160c\"\r\nexpires: Sat, 02 Dec 2023 06:57:36 GMT\r\ncache-control: max-age=345600\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5644,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\\012- data","md5":"295ccdb03006b8dfef45090dafbd46ac","sha1":"491ab660270e47cbac6a5731c51cca71c1c1b2b1","sha256":"a51d667d4262047c23e3a2a8aac3b46dc8a58c686cc013f2354011c07bf22cf3","sha512":"90bf3871af6d20372e1b7daa177afccaa16d30970873c2a1363d05fc49eca24b18e406835da051d79887e0e223aae345fd797cfa479f324f776e28b461b17bcd","ssdeep":"96:ZKgGepqI/QddfO0T+kST5610/DXhkyFBKNpu7UhDjuTu+uCCar+0xWl/rB61LVWR:yesBf+DNPVFANc7UhDku5G+0xWl/t6OR","tlshash":"28c19eb8f6ed2e5bc5f28693eb472665b2972a208534c06053f1ea1bd7b2121b4c6342","first_seen":"2023-05-02T07:47:09Z","last_seen":"2026-06-03T16:53:09.408129Z","times_seen":68232,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"schoonerelapsing.click/","fqdn":"schoonerelapsing.click","domain":"schoonerelapsing.click","tld":"click"},"ip":{"addr":"104.21.91.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-28T06:57:38.787Z","timestamp":1701154658787,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"schoonerelapsing.click","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 30 Oct 2023 07:02:51 GMT","end":"Sun, 28 Jan 2024 07:02:50 GMT"},"fingerprint":{"sha1":"08:C7:EE:93:8F:02:3B:0C:20:28:C3:7B:EC:02:E2:44:E3:FF:BD:94","sha256":"CA:F2:58:29:4D:AC:21:A3:D2:A4:49:9C:97:28:77:BA:11:E0:A4:6A:9F:2A:2B:7D:6A:24:E9:01:6C:F6:D4:99"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: schoonerelapsing.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 28 Nov 2023 06:57:35 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://t.me/MerryAMdales_bot?start=dmjgdDix65pHLJuRz-35535-s8hnpa2u1a17\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: Tue, 28 Nov 2023 06:57:34 GMT\r\nset-cookie: _subid=s8hnpa2u1a17; expires=Fri, 29 Dec 2023 06:57:35 GMT; path=/\nf5771=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM5ODM0XCI6MTcwMTE1NDY1NX0sXCJjYW1wYWlnbnNcIjp7XCIzNTUzNVwiOjE3MDExNTQ2NTV9LFwidGltZVwiOjE3MDExNTQ2NTV9In0.F2qKYUBaqEolfsM7S_v32fhqOpEjsYzM4C9dWXaH_5g; expires=Mon, 25 Oct 2077 13:55:10 GMT; path=/\n_token=uuid_s8hnpa2u1a17_s8hnpa2u1a1765658f5f070536.53428909; expires=Fri, 29 Dec 2023 06:57:35 GMT; path=/\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=vi8neFqT2cK9J6GxXlK%2Fcr72t2v8C3nd71b02YB35eb3yTQmbqCcg2jOm%2FSPCpLesEDRxgGUL0R6D%2B0LRdowmlJGv9TFaRrYKyq800Y9xsh4TBnvoPOeaQ0%2FWD7CKnd0IJECi9T13zPq\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82d0b7b13f30b4f1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":11520,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-04T02:31:49.002185Z","times_seen":16096136,"resource_available":true,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":130,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/css/font-roboto.css?1","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://t.me/MerryAMdales_bot?start=dmjgdDix65pHLJuRz-35535-s8hnpa2u1a17","date":"2023-11-28T06:57:39.507Z","timestamp":1701154659507,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 11 Aug 2023 16:00:43 GMT","end":"Wed, 11 Sep 2024 16:00:43 GMT"},"fingerprint":{"sha1":"AB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30","sha256":"D7:2D:40:3C:DF:83:75:CF:52:F8:28:D1:DD:CE:2D:2E:99:05:B1:16:EF:E7:F5:04:D3:3D:DB:98:40:93:3D:E9"}}},"request":{"raw":"GET /css/font-roboto.css?1 HTTP/1.1\r\nHost: telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://t.me/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Tue, 28 Nov 2023 06:57:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 20 Oct 2022 11:05:33 GMT\r\netag: W/\"63512b7d-1816\"\r\nexpires: Sat, 02 Dec 2023 06:57:35 GMT\r\ncache-control: max-age=345600\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6166,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6354), with no line terminators","md5":"c06318a1f377e388b69b104b4cefa1a6","sha1":"151f067aae997487880e573876f96b8d598e64db","sha256":"1a53363e667fffef8a82588191989d36e680b4d341c6b557e62bf207311a3d70","sha512":"3921dd19ce6a7b0c1913ba22c8c6c6adb4160f04d5ead4451656abd051f90085c7304078f3ea0ab49e6548a16cf770fa82af978e94f05789d4a187ba24cac72f","ssdeep":"48:AIFZnu3toDdNkoraFZsyEto5Nko5OzzFZI97isxtoc1Nkoj:AIFZudoDdNfaFZsyeo5N4HFZy3o0Nn","tlshash":"e2d15940581b6000e7534ee637df7a36b98e2f1520624233abfd55ae6ddbc2253a4b4d","first_seen":"0001-01-01T00:00:00Z","last_seen":"2025-04-06T21:57:59.141612Z","times_seen":44551,"resource_available":false,"data":null}},"time_used":390,"timings":{"blocked":183,"dns":15,"connect":25,"send":0,"wait":23,"receive":0,"ssl":139},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/css/bootstrap.min.css?3","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://t.me/MerryAMdales_bot?start=dmjgdDix65pHLJuRz-35535-s8hnpa2u1a17","date":"2023-11-28T06:57:39.511Z","timestamp":1701154659511,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 11 Aug 2023 16:00:43 GMT","end":"Wed, 11 Sep 2024 16:00:43 GMT"},"fingerprint":{"sha1":"AB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30","sha256":"D7:2D:40:3C:DF:83:75:CF:52:F8:28:D1:DD:CE:2D:2E:99:05:B1:16:EF:E7:F5:04:D3:3D:DB:98:40:93:3D:E9"}}},"request":{"raw":"GET /css/bootstrap.min.css?3 HTTP/1.1\r\nHost: telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://t.me/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Tue, 28 Nov 2023 06:57:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 10 Nov 2017 17:54:14 GMT\r\netag: W/\"5a05e7c6-a61b\"\r\nexpires: Sat, 02 Dec 2023 06:57:35 GMT\r\ncache-control: max-age=345600\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42523,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (42164)","md5":"c2656e265ef58a9cc9f4b70b15da5fb9","sha1":"85c5ebdb89d4574d72688c2650d4b84b9b09770a","sha256":"f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3","sha512":"6417aadebeef4ee35381bfc7034148d57fd061d84de9974d798468c6426c24a6bd1c9913cf517accf3e349fa06cbdd546d2883ea8391c595285fe0c6127e26e8","ssdeep":"384:6RvBBVkrJxvcwYBUQ7X85AUfvDUNeFUBOgBmjeYP4PSvSdlb1bGjpXJNNRyIrOM:2k0p38OBmjeYP4xb1bG/bRyIH","tlshash":"6313c811f36031aa2167c61c65d4aad63f256120da8e0fbbf93376e88b8d6c91373f05","first_seen":"2023-04-07T00:00:47Z","last_seen":"2026-06-03T16:53:09.41303Z","times_seen":67824,"resource_available":false,"data":null}},"time_used":393,"timings":{"blocked":180,"dns":19,"connect":26,"send":0,"wait":24,"receive":0,"ssl":141},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/css/telegram.css?236","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://t.me/MerryAMdales_bot?start=dmjgdDix65pHLJuRz-35535-s8hnpa2u1a17","date":"2023-11-28T06:57:39.512Z","timestamp":1701154659512,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 11 Aug 2023 16:00:43 GMT","end":"Wed, 11 Sep 2024 16:00:43 GMT"},"fingerprint":{"sha1":"AB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30","sha256":"D7:2D:40:3C:DF:83:75:CF:52:F8:28:D1:DD:CE:2D:2E:99:05:B1:16:EF:E7:F5:04:D3:3D:DB:98:40:93:3D:E9"}}},"request":{"raw":"GET /css/telegram.css?236 HTTP/1.1\r\nHost: telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://t.me/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Tue, 28 Nov 2023 06:57:36 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 20 Mar 2023 10:58:55 GMT\r\netag: W/\"64183c6f-1c0b3\"\r\nexpires: Sat, 02 Dec 2023 06:57:36 GMT\r\ncache-control: max-age=345600\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":114867,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1267)","md5":"0d209d756face073dd14a437f07e58b2","sha1":"20cb9119fdd02921a6bd0b1500f78a0b76a7a5c0","sha256":"acd326a9263ee8c4cbc757fed46333732a0e3f8f48d398cbd4f8e36a09fdaf76","sha512":"43ff3f3fcfb37178ac4ac365d0246cbff649b57c1f83f1072c2280c0909cdb054dbede85f1a3aed865536b15eb7a9eaf77a25eb90369d0ce83660ddeb32aaeae","ssdeep":"1536:xylcfDxYzbJ3iw93BC2cXdm791WoDYz5hw4uJuhwNpfewltog69FjxWDpfoV685u:xylc7xYzwwyVXkC0Yz6KL5u","tlshash":"d4b382db9ab99608746b80687ea35b42337d8003a54ece7dbbb1346cefc56d08173749","first_seen":"2023-04-05T13:41:41Z","last_seen":"2026-01-01T20:02:52.892627Z","times_seen":2929,"resource_available":false,"data":null}},"time_used":2203,"timings":{"blocked":1073,"dns":17,"connect":26,"send":0,"wait":49,"receive":0,"ssl":1031},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/js/tgwallpaper.min.js?3","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://t.me/MerryAMdales_bot?start=dmjgdDix65pHLJuRz-35535-s8hnpa2u1a17","date":"2023-11-28T06:57:39.516Z","timestamp":1701154659516,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 11 Aug 2023 16:00:43 GMT","end":"Wed, 11 Sep 2024 16:00:43 GMT"},"fingerprint":{"sha1":"AB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30","sha256":"D7:2D:40:3C:DF:83:75:CF:52:F8:28:D1:DD:CE:2D:2E:99:05:B1:16:EF:E7:F5:04:D3:3D:DB:98:40:93:3D:E9"}}},"request":{"raw":"GET /js/tgwallpaper.min.js?3 HTTP/1.1\r\nHost: telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://t.me/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Tue, 28 Nov 2023 06:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 03 Mar 2022 19:57:25 GMT\r\netag: W/\"62211da5-ba3\"\r\nexpires: Sat, 02 Dec 2023 06:57:35 GMT\r\ncache-control: max-age=345600\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2979,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (2998), with no line terminators","md5":"f03422dc797fd26a3834b1ec041128ed","sha1":"a6e88f4fe48b749c2b7360e8e004f64b6cfffb1a","sha256":"046ec6b7909d0ca5cc6ef271a1b57b2f2be0bd88e3495fd8c496f1524e8ffaac","sha512":"2f69e16fc15721ac83ba4ce928b971c280b3fdd137709adccf8ce309ed4c95a894d8514bad5647bdb541f0f1e43b03c29c7a171309a137815157d8d0a7319dcc","ssdeep":"","tlshash":"2151631a2790624df7251a927d7f036651b0a931e83790600a2ef4cbbcfced112e9e5e","first_seen":"2023-04-05T13:41:41Z","last_seen":"2025-04-06T21:57:59.142551Z","times_seen":46726,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":119,"dns":18,"connect":23,"send":0,"wait":23,"receive":0,"ssl":89},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/img/tgme/pattern.svg?1","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://t.me/MerryAMdales_bot?start=dmjgdDix65pHLJuRz-35535-s8hnpa2u1a17","date":"2023-11-28T06:57:40.668Z","timestamp":1701154660668,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 11 Aug 2023 16:00:43 GMT","end":"Wed, 11 Sep 2024 16:00:43 GMT"},"fingerprint":{"sha1":"AB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30","sha256":"D7:2D:40:3C:DF:83:75:CF:52:F8:28:D1:DD:CE:2D:2E:99:05:B1:16:EF:E7:F5:04:D3:3D:DB:98:40:93:3D:E9"}}},"request":{"raw":"GET /img/tgme/pattern.svg?1 HTTP/1.1\r\nHost: telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.org/css/telegram.css?236\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Tue, 28 Nov 2023 06:57:36 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 05 Jan 2023 17:52:04 GMT\r\netag: W/\"63b70e44-3891a\"\r\nexpires: Sat, 02 Dec 2023 06:57:36 GMT\r\ncache-control: max-age=345600\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":231706,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- XML 1.0 document text\\012- XML document text\\012- HTML document text\\012- exported SGML document, ASCII text","md5":"d0c22c6a97023d85ba6e644a41c44a5d","sha1":"4284efb616c182da4450c123174ce0e81a322845","sha256":"118add53487c02aaf5b5ab9f69380fa06717deb10492e14aaa487e3c62806ad4","sha512":"da96462f4f999bb65509d32e4d5d2e1fd74555ce78d43e5f80fc350155bce59250337cd1796b17d2132f39429b5e3fd95d05101ee9f9b29bce2bb7b44b6e4eb8","ssdeep":"1536:XVU9J794HJ4E7mwNUiRPt5jmU7LxmMS2S1J7g8tEqcqMWKB5v:Xew7ePc","tlshash":"0a34c1834304f7fbada582589b3814e971c29debd430e1d475bb2d52da0ccd8598cbea","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-03T16:53:09.409369Z","times_seen":63947,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/img/website_icon.svg?4","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://t.me/MerryAMdales_bot?start=dmjgdDix65pHLJuRz-35535-s8hnpa2u1a17","date":"2023-11-28T06:57:40.758Z","timestamp":1701154660758,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 11 Aug 2023 16:00:43 GMT","end":"Wed, 11 Sep 2024 16:00:43 GMT"},"fingerprint":{"sha1":"AB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30","sha256":"D7:2D:40:3C:DF:83:75:CF:52:F8:28:D1:DD:CE:2D:2E:99:05:B1:16:EF:E7:F5:04:D3:3D:DB:98:40:93:3D:E9"}}},"request":{"raw":"GET /img/website_icon.svg?4 HTTP/1.1\r\nHost: telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://t.me/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Tue, 28 Nov 2023 06:57:36 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 20 Jul 2020 20:41:37 GMT\r\netag: W/\"5f160181-768\"\r\nexpires: Sat, 02 Dec 2023 06:57:36 GMT\r\ncache-control: max-age=345600\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1896,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- XML document, ASCII text, with very long lines (1968), with no line terminators","md5":"5caca7ae1cffb3da0b06150a15020005","sha1":"04cfb934f238d33209406393a3fbf78454815739","sha256":"1ea747a06fbc240c2594a8c523cb248bbda4784f0fcad9d0f06334f1a378604f","sha512":"01f2f0bf09c9ba032a732b01706f50afc22d823abf3086d5377be20ebdf13cb42ebdd2e813849ccc598115b42fc03e2774439b2266272e1ef1d2f8cd000c7d37","ssdeep":"","tlshash":"3941a69e237554f9fa01c3ba8c30884f696674692b8980d0b0cd56fe7b180f1c7cd881","first_seen":"2023-05-02T07:47:09Z","last_seen":"2025-04-06T21:57:59.139859Z","times_seen":47669,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}