{"report_id":"12adf446-4de9-4749-bf6b-19cc93ae36ed","version":6,"status":"done","tags":[],"date":"2026-02-06T21:05:49Z","url":{"schema":"https","addr":"breakingbad.gd/","fqdn":"breakingbad.gd","domain":"breakingbad.gd","tld":"gd"},"ip":{"addr":"172.67.178.35","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"breakingbad.gd/","fqdn":"breakingbad.gd","domain":"breakingbad.gd","tld":"gd"},"title":"Breaking Bad • Shop","dom":{"size":8507,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"94a2dce117be7d6024208805a7b35101","sha1":"fdd0a6aaffdb0efb552fd487e3ddb3abcb224a3e","sha256":"c794a367ec70c25a1971270d771a75d655c0e0ef2cf969d7e02b72b22b296091","sha512":"442a73e3d7a922a5538737e29d73bcb5fef2c935fc45b8aca7b781420abf2d7e9bc682f35495a54c07d95f81f184150b6737d183e0ea3f8ac3a721a9472c2421","ssdeep":"96:MxAhdHUUqPOUqyh6AwPnRz9SMyw0f0cRNxCZZAmS7AlRaeTPQ2SJWhbBQJ:M0NUxGxyEPP99SvdoAlAvtQJ","tlshash":"1b0209a4d4f959b32167c4e6b5e29f9f7ed0e607c68a150476ec0bea0f93cc2c95700a","dom_hash":"domhash9a3cda651c056b75afc5b2032407429f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"breakingbad.gd/","fqdn":"breakingbad.gd","domain":"breakingbad.gd","tld":"gd"},"ip":{"addr":"172.67.178.35","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-13T21:05:49Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"breakingbad.gd","ip":{"addr":"104.21.43.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-26","domain_rank":0,"first_seen":"2026-02-06T20:58:46.42344Z","last_seen":"2026-02-06T20:58:46.42344Z","alert_count":0,"request_count":6,"received_data":183371,"sent_data":2615,"comment":"","tags":null,"fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}]},{"fqdn":"telegram.org","ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"domain_registered":"2003-12-15","domain_rank":499,"first_seen":"2013-12-18T13:14:30Z","last_seen":"2026-02-04T11:51:17.83194Z","alert_count":0,"request_count":1,"received_data":114323,"sent_data":422,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"breakingbad.gd/","fqdn":"breakingbad.gd","domain":"breakingbad.gd","tld":"gd"},"ip":{"addr":"104.21.43.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"041fbbcaf18c8c52e2288bd39476f71a","sha1":"dfd0a1aa1c2b2118e4b3ce37f60fedb6e41d8138","sha256":"ea08e5ca956c96e897458f5ce2cbabdd47a0cdbcbc2c3507ae8ed75b01bc4f03","sha512":"9b7d9aa0a5903f699e0df32f23b3667aa894b8c0d94709a90c6ac6e99ca8c28db147d5114173e3466b9d6c3aa8b36f4074f21af38f917a12317cfe479a49d819","ssdeep":"","tlshash":"91f05c2d4ef310610933603b573ee1526163c46b16cae9613f0de71e6f50d2191e67f2","size":520,"data":"","first_seen":"2026-02-06T20:58:49.7337Z","last_seen":"2026-02-06T21:05:50.437553Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/js/telegram-web-app.js","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"70dbd7ade763706614c7ee99973dcc9c","sha1":"0b980ef4fe3e17d253fc2cdb672f1208736b733f","sha256":"b47f6cb105860d35b4ae512c22696a33157a365f4c885a33488f22ea8a3b6a03","sha512":"03c1f60831856975b61bea126ead239f116235fb0422178425d6b8c86553a3548d487c919f0f3f81e14de201680f63b7be24106589faffd8f3c56b28c2d19b45","ssdeep":"1536:pO5TpRdo54F0WN2Zbjcn9cF9KTfVjLo03ueLE+wFFz1NIVIB/MGYV76/xHK8ITrm:s5TpRdccKFU76x1H","tlshash":"6eb32e4d6cb3612285b3b1bf8b5f924172759883301def20794d9b646f80e7c53eaad8","size":113990,"data":"","first_seen":"2025-07-29T21:33:08.487755Z","last_seen":"2026-05-12T02:27:32.127067Z","times_seen":3808,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"breakingbad.gd/app.js?v=mlbdjv30_8ws","fqdn":"breakingbad.gd","domain":"breakingbad.gd","tld":"gd"},"ip":{"addr":"104.21.43.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e845cc6da21d3cfb1bbae6aac06a266d","sha1":"a8e16dc6c1a39e24a869358783f5a09008ca1a0c","sha256":"1986b7c0254074eb8ee39287266fe9f6fbb73c6b73a3f5b3e1771dac76418d2e","sha512":"82444f23c4565ba13603325557142bb705d9f1e90e6a690ac63c7b87b4ac511422493e9d9ce94e97ca601fd49fa0e92ae629a7a1b96d924e584a3502d7da640e","ssdeep":"384:o/B3WTnCq2QUkQqiQqPCqkFGZro6VClGO4ZGaX2ab5upnCeloZeKJDcTucYT5y5Z:okMxo6VkG6GuAe2V4/6V4","tlshash":"a703b658b4fb0530417ba0ba33efa6597aa440037566dd8178dc894c2fe1e91d6fbacc","size":39216,"data":"","first_seen":"2026-02-06T20:58:49.731429Z","last_seen":"2026-02-06T21:05:50.435892Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"breakingbad.gd/styles.css","fqdn":"breakingbad.gd","domain":"breakingbad.gd","tld":"gd"},"ip":{"addr":"104.21.43.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://breakingbad.gd/","date":"2026-02-06T21:05:27.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"breakingbad.gd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 07:08:49 GMT","end":"Sun, 26 Apr 2026 08:07:30 GMT"},"fingerprint":{"sha1":"D9:A3:2B:7B:F9:5D:41:44:EA:13:89:C3:4F:5C:3B:7E:3E:F6:3D:17","sha256":"E6:A3:C1:DF:74:B6:73:BE:F5:34:9C:EA:EF:F7:89:51:34:06:6B:47:C0:4E:A7:7A:AC:10:65:A1:50:1D:0A:FC"}}},"request":{"raw":"GET /styles.css HTTP/1.1\r\nHost: breakingbad.gd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://breakingbad.gd/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: no-store, no-cache, must-revalidate, private\r\npragma: no-cache\r\nexpires: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 27 Nov 2025 07:25:12 GMT\r\netag: W/\"6059-19ac433abc0\"\r\ncontent-type: text/css; charset=utf-8\r\npriority: u=2,i=?0\r\ndate: Fri, 06 Feb 2026 21:05:27 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EF0hMb9nXzL6idsJdlnjEGKukSYEx9uIPNGyVV5TjFx968%2FGYSRn4I0H8Sn7Vn%2FSQlJzaDOe1XFThTsl7Lp2r3ch9MSjP4NjtbMcLTbP\"}]}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\ncontent-encoding: br\r\ncf-ray: 9c9d9b13f8a2b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":24665,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"ad6821a5396c3970ffb1dd43d6305824","sha1":"f3fd634c447b5cef5f5b0daa4424a1d02a9b621a","sha256":"750c3cbceef76a2577caab211cb0f609d31fce7ec082bcfbc421bd40e6c7031b","sha512":"8985e207c4226108c246dbf22d068759ba8198c1df3ec1d121c4fb2c38252f536a8c19ae25c590ffa16bcc51acb4967c19d54f379171bbe707ec54e5b31096df","ssdeep":"384:E1IpEkVoQXXP+cBgthSMyOQUhl11cd23Y:AIpEkVoQXXP+mgthSMyOQUhlrY23Y","tlshash":"78b232a667a41424b93fe9687993df87f39de182810dca7d6fd4100c5d893ec91b2b88","first_seen":"2026-02-06T20:58:49.729187Z","last_seen":"2026-02-06T21:05:50.432311Z","times_seen":2,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/js/telegram-web-app.js","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://breakingbad.gd/","date":"2026-02-06T21:05:27.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Mon, 11 Aug 2025 13:36:48 GMT","end":"Sat, 12 Sep 2026 13:36:48 GMT"},"fingerprint":{"sha1":"85:08:98:2F:A3:60:90:21:E8:78:21:C8:A4:96:E1:A2:E6:9D:2C:64","sha256":"49:35:FF:BC:17:D1:E9:B3:15:37:E4:67:C2:3A:A0:69:6C:37:DC:52:3F:7C:02:D6:30:C4:6E:45:7C:CA:F0:D2"}}},"request":{"raw":"GET /js/telegram-web-app.js HTTP/1.1\r\nHost: telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://breakingbad.gd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Fri, 06 Feb 2026 21:05:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 29 Jul 2025 14:26:51 GMT\r\netag: W/\"6888da2b-1bd46\"\r\nexpires: Tue, 10 Feb 2026 21:05:28 GMT\r\ncache-control: max-age=345600\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":113990,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (768)","md5":"70dbd7ade763706614c7ee99973dcc9c","sha1":"0b980ef4fe3e17d253fc2cdb672f1208736b733f","sha256":"b47f6cb105860d35b4ae512c22696a33157a365f4c885a33488f22ea8a3b6a03","sha512":"03c1f60831856975b61bea126ead239f116235fb0422178425d6b8c86553a3548d487c919f0f3f81e14de201680f63b7be24106589faffd8f3c56b28c2d19b45","ssdeep":"1536:pO5TpRdo54F0WN2Zbjcn9cF9KTfVjLo03ueLE+wFFz1NIVIB/MGYV76/xHK8ITrm:s5TpRdccKFU76x1H","tlshash":"6eb32e4d6cb3612285b3b1bf8b5f924172759883301def20794d9b646f80e7c53eaad8","first_seen":"2025-07-29T21:33:08.487755Z","last_seen":"2026-05-12T02:27:32.127067Z","times_seen":3808,"resource_available":true,"data":null}},"time_used":2153,"timings":{"blocked":1049,"dns":0,"connect":24,"send":0,"wait":48,"receive":0,"ssl":1028},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"breakingbad.gd/","fqdn":"breakingbad.gd","domain":"breakingbad.gd","tld":"gd"},"ip":{"addr":"104.21.43.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-06T21:05:27.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"breakingbad.gd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 07:08:49 GMT","end":"Sun, 26 Apr 2026 08:07:30 GMT"},"fingerprint":{"sha1":"D9:A3:2B:7B:F9:5D:41:44:EA:13:89:C3:4F:5C:3B:7E:3E:F6:3D:17","sha256":"E6:A3:C1:DF:74:B6:73:BE:F5:34:9C:EA:EF:F7:89:51:34:06:6B:47:C0:4E:A7:7A:AC:10:65:A1:50:1D:0A:FC"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: breakingbad.gd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Feb 2026 21:05:27 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: no-store, no-cache, must-revalidate, private\r\npragma: no-cache\r\nexpires: 0\r\nlast-modified: Sun, 01 Feb 2026 06:12:21 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vuR4Qg4qD2GZ5jchGUdO7RYAb3yaBeXReElR0h%2B5ISwI8yq01ZRa48gKRECx4mmLBsOfGfxJnpm0JJBSa%2Faa9Bakdf%2BZJ313PWL5%2Bg%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9c9d9b118a70568a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8143,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"3d6190828a27721194cbf5fc54919a6a","sha1":"60f02ad2965ece9bbae1defd446129f899f73d07","sha256":"2003c0a625b0e06d6f85285e965441b669b52fc0c58cbfb0a43d61d5857e2440","sha512":"5a38e5b67468cfd6c24a6398f740ed956fa8f769e5015db2c51f6572f73588a5c7c29b14ec7855667f3f1f0267a33cd22f279c70f60db729b0fb58c26f2cc11d","ssdeep":"96:WRDHUUqPOUqyh3/aPnRziSPjyw0d0cRN4CZZAmlRae8PQ2SJWhbBQN:WRLUxGxyZCP9iSP6brA1tQN","tlshash":"d6f11aa4d4fa59b32167c4e6b5e29f9f7ed0e603c69a150472ec0be90fa3cc2c917009","first_seen":"2026-02-06T20:58:49.726826Z","last_seen":"2026-02-06T21:05:50.434Z","times_seen":2,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":19,"dns":5,"connect":1,"send":0,"wait":114,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"breakingbad.gd/bot-avatar.jpg","fqdn":"breakingbad.gd","domain":"breakingbad.gd","tld":"gd"},"ip":{"addr":"104.21.43.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://breakingbad.gd/","date":"2026-02-06T21:05:27.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"breakingbad.gd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 07:08:49 GMT","end":"Sun, 26 Apr 2026 08:07:30 GMT"},"fingerprint":{"sha1":"D9:A3:2B:7B:F9:5D:41:44:EA:13:89:C3:4F:5C:3B:7E:3E:F6:3D:17","sha256":"E6:A3:C1:DF:74:B6:73:BE:F5:34:9C:EA:EF:F7:89:51:34:06:6B:47:C0:4E:A7:7A:AC:10:65:A1:50:1D:0A:FC"}}},"request":{"raw":"GET /bot-avatar.jpg HTTP/1.1\r\nHost: breakingbad.gd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://breakingbad.gd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: no-store, no-cache, must-revalidate, private\r\npragma: no-cache\r\nexpires: 0\r\naccept-ranges: bytes\r\nlast-modified: Sun, 01 Feb 2026 05:25:19 GMT\r\netag: W/\"1a045-19c17a9a5d1\"\r\ncontent-type: image/jpeg\r\npriority: u=4,i=?0\r\ndate: Fri, 06 Feb 2026 21:05:27 GMT\r\ncontent-length: 106565\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O0tcJQFTr%2Bo25FS32l2VgrT8dhPLRW7W79O46S3dMB8H6ozTsclobM95kBe1KipKdGftnDuTWYEC6WwL%2BpvHZWBGRSUsFwXWajj%2BS3k2\"}]}\r\ncf-ray: 9c9d9b1408a8b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":106565,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 640x640, components 3","md5":"c77cfdff2f0b3e3405cdd6e33e362bd2","sha1":"06bb4a261ec5b78c958d62c897dc9c18765f7caf","sha256":"6e5bd8d7984e6883ad9f051c6a3a57c06012729ffd8efd55eb4fe20d56e18977","sha512":"ff3499adbf07457a3bfc0230da9cda6664043515faaf571427a325db87b771675c8f30a896edc47cf99978d8bd132c11cbfc7402288f21f9d118948afda9809d","ssdeep":"3072:7wPNO65NVs3CvzfrUlVo35Tm0+h9ndD1KLmKj1Yb:7wPN1OS7IE35Tm00d1KKKY","tlshash":"03a312447c62a5eef05c0ef8c0f5b339ad65f922fa591a8bcfd8961b8297141c885638","first_seen":"2026-02-06T20:58:49.721958Z","last_seen":"2026-02-06T21:05:50.43494Z","times_seen":2,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"breakingbad.gd/app.js?v=mlbdjv30_8ws","fqdn":"breakingbad.gd","domain":"breakingbad.gd","tld":"gd"},"ip":{"addr":"104.21.43.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://breakingbad.gd/","date":"2026-02-06T21:05:28.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"breakingbad.gd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 07:08:49 GMT","end":"Sun, 26 Apr 2026 08:07:30 GMT"},"fingerprint":{"sha1":"D9:A3:2B:7B:F9:5D:41:44:EA:13:89:C3:4F:5C:3B:7E:3E:F6:3D:17","sha256":"E6:A3:C1:DF:74:B6:73:BE:F5:34:9C:EA:EF:F7:89:51:34:06:6B:47:C0:4E:A7:7A:AC:10:65:A1:50:1D:0A:FC"}}},"request":{"raw":"GET /app.js?v=mlbdjv30_8ws HTTP/1.1\r\nHost: breakingbad.gd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://breakingbad.gd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: no-store, no-cache, must-revalidate, private\r\npragma: no-cache\r\nexpires: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Sun, 01 Feb 2026 05:35:57 GMT\r\netag: W/\"9930-19c17b361bc\"\r\ncontent-type: text/javascript; charset=utf-8\r\npriority: u=3,i=?0\r\ndate: Fri, 06 Feb 2026 21:05:29 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x4%2FGYmgz3ZrKQOdWzSYPcvTAEmwfi9ByA%2FR6U7XWMSwA8PEKhCpbgD7CGe2G6NYNlSiTF95aUj3pIi126A2%2FRUAddfHFpHaW8Dhypdmy\"}]}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\ncontent-encoding: br\r\ncf-ray: 9c9d9b1b79dbb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":39216,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"e845cc6da21d3cfb1bbae6aac06a266d","sha1":"a8e16dc6c1a39e24a869358783f5a09008ca1a0c","sha256":"1986b7c0254074eb8ee39287266fe9f6fbb73c6b73a3f5b3e1771dac76418d2e","sha512":"82444f23c4565ba13603325557142bb705d9f1e90e6a690ac63c7b87b4ac511422493e9d9ce94e97ca601fd49fa0e92ae629a7a1b96d924e584a3502d7da640e","ssdeep":"384:o/B3WTnCq2QUkQqiQqPCqkFGZro6VClGO4ZGaX2ab5upnCeloZeKJDcTucYT5y5Z:okMxo6VkG6GuAe2V4/6V4","tlshash":"a703b658b4fb0530417ba0ba33efa6597aa440037566dd8178dc894c2fe1e91d6fbacc","first_seen":"2026-02-06T20:58:49.731429Z","last_seen":"2026-02-06T21:05:50.435892Z","times_seen":2,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"breakingbad.gd/favicon.ico","fqdn":"breakingbad.gd","domain":"breakingbad.gd","tld":"gd"},"ip":{"addr":"104.21.43.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://breakingbad.gd/","date":"2026-02-06T21:05:29.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"breakingbad.gd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 07:08:49 GMT","end":"Sun, 26 Apr 2026 08:07:30 GMT"},"fingerprint":{"sha1":"D9:A3:2B:7B:F9:5D:41:44:EA:13:89:C3:4F:5C:3B:7E:3E:F6:3D:17","sha256":"E6:A3:C1:DF:74:B6:73:BE:F5:34:9C:EA:EF:F7:89:51:34:06:6B:47:C0:4E:A7:7A:AC:10:65:A1:50:1D:0A:FC"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: breakingbad.gd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://breakingbad.gd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: no-store, no-cache, must-revalidate, private\r\npragma: no-cache\r\nexpires: 0\r\ncontent-security-policy: default-src 'none'\r\nx-content-type-options: nosniff\r\ncontent-type: text/html; charset=utf-8\r\npriority: u=6,i=?0\r\ndate: Fri, 06 Feb 2026 21:05:29 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Dvz97YfIHdpYkw0ZT2mZCzWVO4hmdyGD92e97%2FhUZgmealGs2X%2FZwTGFbmbgPlV0zJy%2Bn83am9IFndlFzpPh02IeZh6RPaZ8nHdf9%2BXY\"}]}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c9d9b1c79edb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":150,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"84241342d84ac29592a5d9516f8edf7f","sha1":"03c53980e18e17625f439c20e7d438f066202428","sha256":"6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c","sha512":"7509483335c7a30365f7f403098491ac0b44fffcc68a5cdacb86ec191f02dbda5b16a20a09e924b6a29ac938578d43bacb9a50115db5c5668ea27fe1811bd530","ssdeep":"","tlshash":"34c08c9e140012010b2087042ac1326464973b992de685006a87e027ece8a1ad987288","first_seen":"2023-04-05T13:59:49Z","last_seen":"2026-06-06T11:44:37.408886Z","times_seen":7216,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"breakingbad.gd/api/products","fqdn":"breakingbad.gd","domain":"breakingbad.gd","tld":"gd"},"ip":{"addr":"104.21.43.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://breakingbad.gd/","date":"2026-02-06T21:05:29.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"breakingbad.gd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 07:08:49 GMT","end":"Sun, 26 Apr 2026 08:07:30 GMT"},"fingerprint":{"sha1":"D9:A3:2B:7B:F9:5D:41:44:EA:13:89:C3:4F:5C:3B:7E:3E:F6:3D:17","sha256":"E6:A3:C1:DF:74:B6:73:BE:F5:34:9C:EA:EF:F7:89:51:34:06:6B:47:C0:4E:A7:7A:AC:10:65:A1:50:1D:0A:FC"}}},"request":{"raw":"GET /api/products HTTP/1.1\r\nHost: breakingbad.gd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://breakingbad.gd/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: no-store, no-cache, must-revalidate, private\r\npragma: no-cache\r\nexpires: 0\r\ncontent-type: application/json; charset=utf-8\r\npriority: u=4,i=?0\r\netag: W/\"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w\"\r\ndate: Fri, 06 Feb 2026 21:05:29 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RjyGc%2FUv3H7DePRi2wkvLm8Yt72ZKvY6URDqEzQSFkZOxCgEJTIojcEIrg3bnV0ddy24BaO3xbJa%2BoxU1mUvsBeg7DHZVPzu%2BUZXZJAp\"}]}\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c9d9b1c89eeb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d751713988987e9331980363e24189ce","sha1":"97d170e1550eee4afc0af065b78cda302a97674c","sha256":"4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945","sha512":"b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af","ssdeep":"","tlshash":"c7100000000000000000000000000000000003000000c0000000000000000000000000","first_seen":"2023-03-08T00:02:47Z","last_seen":"2026-06-06T12:11:54.737603Z","times_seen":290098,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}