{"report_id":"0ac06831-678a-4abc-a4c9-c44cfe607cb8","version":6,"status":"done","tags":["suspicious","telegram_bot"],"date":"2026-05-12T08:50:42Z","url":{"schema":"http","addr":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/","fqdn":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app","domain":"edgeone.app","tld":"app"},"ip":{"addr":"101.33.10.10","port":0,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/","fqdn":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app","domain":"edgeone.app","tld":"app"},"title":"Hello, World!","dom":{"size":18898,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"ab06c93c4369e1aec21cb260ff20c6b3","sha1":"e849e4cb7a8b5f64a48808cc2cbd8a3ca8776886","sha256":"557744a266f31f2a98664fe6b994cf93672cc30db4ca45771b2210c14ede439a","sha512":"3242288e85269815b8b032a50bf3e998554173e59bbb5afd73a11aaf466783938c9679520d53e18c63c87732d6b132f62dd56cf218e16146cf0b207fd12a10ee","ssdeep":"384:fq8Fj4FH9cmGhCEYyFrWBb2pcLVFIb1GpuAHXw:fq8Fj4FH9shrYyZ2y+xFGMw","tlshash":"de8251aa25b704117903e1e92ba78b073661d007e50bcd2c7bad5388cf4be99d9637c8","dom_hash":"domhash338d45d8a11ee674ecba19ede5332580","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/","fqdn":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app","domain":"edgeone.app","tld":"app"},"ip":{"addr":"101.33.10.10","port":0,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-16T08:50:42Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-05-12","alert":"Detects file containing Telegram Bot API","trigger":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-12","alert":"Sinkholed","trigger":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app","ip":{"addr":"43.152.26.58","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"domain_registered":"2023-05-10","domain_rank":0,"first_seen":"2026-05-12T08:50:42.624876Z","last_seen":"2026-05-12T08:50:42.624876Z","alert_count":6,"request_count":4,"received_data":32130,"sent_data":2002,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-05-10T22:35:57.417067Z","alert_count":0,"request_count":3,"received_data":363225,"sent_data":1674,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":[{"url":{"schema":"https","addr":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/","fqdn":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app","domain":"edgeone.app","tld":"app"},"ip":{"addr":"43.152.26.58","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"md5":"4af86d6c72f1fb3dfd771b8d03a4b1da","sha1":"70a30decefac121b300d20d9b9aeeb0773ae9094","sha256":"6ff22be9a3ebcd1d2a0def706777b39c1f5abd9275dab34c4baaf172c760756a","sha512":"9f009ea14659e4c2a3a93f1749a98bb1e3c81e26a1d11aa762a6e6b95bf24a4d18b148600b6bdcb34715280ac69e6428daab27c3b84e3b27563a956b186574ff","size":6773,"token":"8393414132:AAHxc-8VHdGeAr4wv-Bz07oikKrP3NmAfCA","is_revoked":false,"bot":{"token":"8393414132:AAHxc-8VHdGeAr4wv-Bz07oikKrP3NmAfCA","user_id":"8393414132","username":"Instagram_login_to_anit_bot","first_name":"Instagram login page","last_name":"","chat":{"chat_id":"7954136572","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":0}}],"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/","fqdn":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app","domain":"edgeone.app","tld":"app"},"ip":{"addr":"43.152.26.58","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"4af86d6c72f1fb3dfd771b8d03a4b1da","sha1":"70a30decefac121b300d20d9b9aeeb0773ae9094","sha256":"6ff22be9a3ebcd1d2a0def706777b39c1f5abd9275dab34c4baaf172c760756a","sha512":"9f009ea14659e4c2a3a93f1749a98bb1e3c81e26a1d11aa762a6e6b95bf24a4d18b148600b6bdcb34715280ac69e6428daab27c3b84e3b27563a956b186574ff","ssdeep":"192:/Yyf9rWBqCf2pL/bYjLVjJHobjhGWyutWrrX5v:/YyFrWBb2pcLVFIb1GpuAHXZ","tlshash":"e4e15396257b08201f97e1f6536b50053022e01f3985de99fbbe87005f16f6479527dd","size":6773,"data":"","first_seen":"2026-05-12T08:50:44.800333Z","last_seen":"2026-05-12T08:50:44.800333Z","times_seen":1,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-05-12","alert":"Detects file containing Telegram Bot API","trigger":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/styles.css","fqdn":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app","domain":"edgeone.app","tld":"app"},"ip":{"addr":"43.152.26.58","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/","date":"2026-05-12T08:50:19.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.app","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 17 Nov 2025 00:00:00 GMT","end":"Mon, 16 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F6:84:C7:1E:F8:5A:EC:5F:B1:17:36:FB:01:CB:DB:C1:0E:C5:4D:09","sha256":"D2:65:EF:F3:E0:E5:38:B3:F8:DB:9F:90:CA:EB:E3:58:AA:0B:3D:23:0F:A0:A1:7C:7A:AC:21:E2:D7:61:A8:18"}}},"request":{"raw":"GET /styles.css HTTP/1.1\r\nHost: breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html\r\naccept-ranges: bytes\r\netag: \"0445e4fdf1e737913bb718eca592a661\"\r\nlast-modified: Tue, 23 Sep 2025 09:32:20 GMT\r\nage: 0\r\ncontent-length: 3881\r\nserver: edgeone-pages\r\ncache-control: \r\ndate: Tue, 12 May 2026 08:50:19 GMT\r\neo-log-uuid: 16930379614582635678\r\neo-cache-status: Cache Miss\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":3881,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"0445e4fdf1e737913bb718eca592a661","sha1":"70a8b556ef2096f20d7c74de6ca227210e18f9bf","sha256":"00d28cc4359700e1336124d1506eacdd693eb2b196c94bbd4de4d86ed0becd9f","sha512":"994b978139358beb7e1aebc2f62fe3844a4b2e938e57082ddbf35dd78fa2fd5e55d00219682bf4fad419cf0237aafe4d66864d4bfd4581e59656fb3f5bb13b4a","ssdeep":"","tlshash":"ca81ac5765f311126953d4ac2f765b0a76e5c003c28acd2a3eed6358cf8ad829d9334c","first_seen":"2025-09-23T20:37:57.881229Z","last_seen":"2026-05-25T23:16:57.695654Z","times_seen":2197,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-12","alert":"Sinkholed","trigger":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/script.js","fqdn":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app","domain":"edgeone.app","tld":"app"},"ip":{"addr":"43.152.26.58","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/","date":"2026-05-12T08:50:19.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.app","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 17 Nov 2025 00:00:00 GMT","end":"Mon, 16 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F6:84:C7:1E:F8:5A:EC:5F:B1:17:36:FB:01:CB:DB:C1:0E:C5:4D:09","sha256":"D2:65:EF:F3:E0:E5:38:B3:F8:DB:9F:90:CA:EB:E3:58:AA:0B:3D:23:0F:A0:A1:7C:7A:AC:21:E2:D7:61:A8:18"}}},"request":{"raw":"GET /script.js HTTP/1.1\r\nHost: breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html\r\naccept-ranges: bytes\r\netag: \"0445e4fdf1e737913bb718eca592a661\"\r\nlast-modified: Tue, 23 Sep 2025 09:32:20 GMT\r\nage: 0\r\ncontent-length: 3881\r\nserver: edgeone-pages\r\ncache-control: \r\ndate: Tue, 12 May 2026 08:50:19 GMT\r\neo-log-uuid: 4009465001483258390\r\neo-cache-status: Cache Miss\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":3881,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"0445e4fdf1e737913bb718eca592a661","sha1":"70a8b556ef2096f20d7c74de6ca227210e18f9bf","sha256":"00d28cc4359700e1336124d1506eacdd693eb2b196c94bbd4de4d86ed0becd9f","sha512":"994b978139358beb7e1aebc2f62fe3844a4b2e938e57082ddbf35dd78fa2fd5e55d00219682bf4fad419cf0237aafe4d66864d4bfd4581e59656fb3f5bb13b4a","ssdeep":"","tlshash":"ca81ac5765f311126953d4ac2f765b0a76e5c003c28acd2a3eed6358cf8ad829d9334c","first_seen":"2025-09-23T20:37:57.881229Z","last_seen":"2026-05-25T23:16:57.695654Z","times_seen":2197,"resource_available":true,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-12","alert":"Sinkholed","trigger":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/","date":"2026-05-12T08:50:19.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 12 May 2026 08:50:19 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 18752\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6421d693-4940\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 368863\r\nexpires: Sun, 02 May 2027 08:50:19 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M20dIQ%2B9JkhKWQAAgpCMVp8lUdAHVPtuclSVa9W2i7KK%2F8DbvaVd4Cn8gh1I2dtgksRzEJ8Hkgk8WucuqYqgTOVt24981GZ6TJPx9sCjWBd%2B2O62fXZpVQxNb%2F7QP7ElPX%2F%2FNfWf\"}]}\r\ncf-ray: 9fa82cd5fd2356cb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102025,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"ded1c367363e8b20bdc6a19b8350a737","sha1":"8c06d82739d14b094ff6d9036021a252bd1d985d","sha256":"1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf","sha512":"89e71d2e66ac925ec2564aa45cd43f647fd72e5bd664e2728fb632eed71e9e6a43d72a404a8ce9993fc4d223ed985201e3a66676d01cf5e341bc7d07fd9a6207","ssdeep":"1536:OwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuZprfZCl:S709gMGFiyPGuZpfZCl","tlshash":"2ea3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-06T15:05:25Z","last_seen":"2026-05-26T00:11:26.065203Z","times_seen":49608,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":10,"dns":1,"connect":1,"send":0,"wait":11,"receive":1,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/","date":"2026-05-12T08:50:19.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 12 May 2026 08:50:19 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 150124\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"6421d693-24a6c\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 468100\r\nexpires: Sun, 02 May 2027 08:50:19 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ad%2B%2FJbcbaXm%2FApc026Q4IsUd7xM6ITrjOBzlhm6YU91tr9KVA67QntNhDGeCLew4cNuKWqaV79bXHYE1%2Fu0bjK%2BYiiqQcT4f6XAhaxYSFlnKwYdcaLG7m%2BLutANgXvIVadXmVfK%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: 9fa82cd78834b4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":150124,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 150124, version 772.256","md5":"c64278386c2bbb5e293e11b94ca2f6d1","sha1":"6b99aa650bd12a36caa14e0127435d8f4cd3ba73","sha256":"7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880","sha512":"0ccdc1515510d902c0b4a48b863c48bad86e1f766b1f9c890a64e28d91ee7c6d488241c531fc094d15b29c211da71e092587a987e24ee8e67ef8ea99c284e821","ssdeep":"3072:7sCbk7w0ZXdkN6iMjif3Lr7x7wAtf+D7gDk1feXDLnurWHqrNIuv5n0:7sCbkFZXdC7MaLr9w2mIY1feXXurWyNW","tlshash":"28e3123cf2c6d486735f5aeadb79636894fd0a2e74ecc67d26b982112048f828174d1d","first_seen":"2023-04-09T20:30:06Z","last_seen":"2026-05-25T23:58:55.661813Z","times_seen":36480,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":21,"dns":1,"connect":0,"send":0,"wait":10,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/","date":"2026-05-12T08:50:19.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 12 May 2026 08:50:19 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 108020\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"6421d693-1a5f4\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1002727\r\nexpires: Sun, 02 May 2027 08:50:19 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mPlZ6h2TZ9k0ySNlqhHyx4vLVcEDE3XWSp%2FToLszqm3WxIQtYNcdtvOvIkmvge4%2FgKSZIIhpzjBJlf1kcZ8rZRKXN4aNm%2BARaF4PH7s%2F083xK6nN57H7Za4e7IHsS6f0igjzJyPe\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: 9fa82cd78836b4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":108020,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 108020, version 772.256","md5":"8b0ddedbb27cbc9971c8667caa8a0cc1","sha1":"4350f9ba93384634faf35f41c503c99c767f1069","sha256":"748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207","sha512":"d3b4791b988fcfd9911a2158163d0c44d6797650890b5d4ac769417e09d8fc2c67edc595be8e7927de0519a85eeb3577d0c7e385bdc99d762c7a6cfbad021b39","ssdeep":"3072:MUdDCdwgz0kLytDzAUhcJz8zfleLXsg4OEpUtbeONfQfG:1d+dNBBh8zflIWGP9Qe","tlshash":"8db312128031ef76fd4aa621de6b1807b03da30b67f249a9ded46a37c050997b471b4f","first_seen":"2023-04-09T20:30:06Z","last_seen":"2026-05-25T19:58:42.239292Z","times_seen":18537,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":11,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/favicon.ico","fqdn":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app","domain":"edgeone.app","tld":"app"},"ip":{"addr":"43.152.26.58","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/","date":"2026-05-12T08:50:19.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.app","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 17 Nov 2025 00:00:00 GMT","end":"Mon, 16 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F6:84:C7:1E:F8:5A:EC:5F:B1:17:36:FB:01:CB:DB:C1:0E:C5:4D:09","sha256":"D2:65:EF:F3:E0:E5:38:B3:F8:DB:9F:90:CA:EB:E3:58:AA:0B:3D:23:0F:A0:A1:7C:7A:AC:21:E2:D7:61:A8:18"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html\r\naccept-ranges: bytes\r\netag: \"0445e4fdf1e737913bb718eca592a661\"\r\nlast-modified: Tue, 23 Sep 2025 09:32:20 GMT\r\nage: 0\r\ncontent-length: 3881\r\nserver: edgeone-pages\r\ncache-control: \r\ndate: Tue, 12 May 2026 08:50:19 GMT\r\neo-log-uuid: 9244363500939630734\r\neo-cache-status: Cache Miss\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":3881,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"0445e4fdf1e737913bb718eca592a661","sha1":"70a8b556ef2096f20d7c74de6ca227210e18f9bf","sha256":"00d28cc4359700e1336124d1506eacdd693eb2b196c94bbd4de4d86ed0becd9f","sha512":"994b978139358beb7e1aebc2f62fe3844a4b2e938e57082ddbf35dd78fa2fd5e55d00219682bf4fad419cf0237aafe4d66864d4bfd4581e59656fb3f5bb13b4a","ssdeep":"","tlshash":"ca81ac5765f311126953d4ac2f765b0a76e5c003c28acd2a3eed6358cf8ad829d9334c","first_seen":"2025-09-23T20:37:57.881229Z","last_seen":"2026-05-25T23:16:57.695654Z","times_seen":2197,"resource_available":true,"data":null}},"time_used":683,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":682,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-12","alert":"Sinkholed","trigger":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/","fqdn":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app","domain":"edgeone.app","tld":"app"},"ip":{"addr":"43.152.26.58","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-12T08:50:18.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.app","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 17 Nov 2025 00:00:00 GMT","end":"Mon, 16 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F6:84:C7:1E:F8:5A:EC:5F:B1:17:36:FB:01:CB:DB:C1:0E:C5:4D:09","sha256":"D2:65:EF:F3:E0:E5:38:B3:F8:DB:9F:90:CA:EB:E3:58:AA:0B:3D:23:0F:A0:A1:7C:7A:AC:21:E2:D7:61:A8:18"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 09 Jan 2026 12:49:00 GMT\r\ncontent-encoding: gzip\r\netag: \"86ae403fd22a70bc85834a47779870ea\"\r\ncontent-type: text/html\r\nage: 604136\r\ncontent-length: 4605\r\naccept-ranges: bytes\r\nserver: edgeone-pages\r\ncache-control: public,max-age=3600,must-revalidate\r\ndate: Tue, 12 May 2026 08:50:18 GMT\r\neo-log-uuid: 2818440768946027926\r\neo-cache-status: Cache Hit\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19034,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"86ae403fd22a70bc85834a47779870ea","sha1":"64297a93184f9c4961fb0d664233b7426cf91275","sha256":"1fed76108f31705a72ebcb964baa3495a4cc5f5de0b9df28bde84355aa976a0a","sha512":"2d342c18ec87e914ccc431db93644a3ec6379e0aa278027c0bfb23df916f7393408450d366c370bcf35487eb00cf99fd971a99f9cf88e3e21d9e661913d07015","ssdeep":"384:Sq8Fj4FH9XmGhCEYyFrWBb2pcLVFIb1GpuAHXO:Sq8Fj4FH9zhrYyZ2y+xFGMO","tlshash":"558251aa25b705117903e1e42ba78b073661d107e507ce2c7bed5388cf4be99d9a37c8","first_seen":"2026-05-12T08:50:44.797993Z","last_seen":"2026-05-12T08:50:44.797993Z","times_seen":1,"resource_available":true,"data":null}},"time_used":942,"timings":{"blocked":460,"dns":56,"connect":19,"send":0,"wait":22,"receive":0,"ssl":382},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-05-12","alert":"Detects file containing Telegram Bot API","trigger":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-12","alert":"Sinkholed","trigger":"breakable-white-xybllb27jb-yke2qr4bi8.edgeone.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}}]}