{"report_id":"1e3e0f73-550c-4a0e-90bb-c5f4a16464ed","version":0,"status":"done","tags":["suspicious","telegram_bot"],"date":"2026-06-08T13:34:00Z","url":{"schema":"http","addr":"regulatory-review.com","fqdn":"regulatory-review.com","domain":"regulatory-review.com","tld":"com"},"ip":{"addr":"91.92.241.250","port":0,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"final":{"url":{"schema":"https","addr":"regulatory-review.com/","fqdn":"regulatory-review.com","domain":"regulatory-review.com","tld":"com"},"title":"DocuSign - Download to View Document","dom":{"size":10777,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3308)","md5":"cb87d1f6cc1e02cf0e2a8252d28ac8d4","sha1":"b10980c0ee4fc54a7164fdb4bf5342334a3560f5","sha256":"61eee50ebea1c00f1e7244e3cfa43d88d47173682a41c5670b06068a570de857","sha512":"04e4d78825ba6189391abb43f26bfdefbe80bfc02fc03492b1d896348a9e0e5705f81587f4a1495a5363be71233f1c4de8b128f2d68775dc4b5a6c43819eb19e","ssdeep":"192:Br+S2fsVcz3yNjM1P9esMiJQIQwRPep6kU+RvVa2HMp6T6ua5EA+lIn3ZarWm0pR:BrbZU4vVa2sua5EA+l+aCm0yy","tlshash":"7522e68746b34236180aa1acaba736003027c01bf575fef47e9e4544df4ead4a8977de","dom_hash":"domhashbe3c99d69d175da70383f0eec89f48bd","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"regulatory-review.com","fqdn":"regulatory-review.com","domain":"regulatory-review.com","tld":"com"},"ip":{"addr":"91.92.241.250","port":0,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-13T13:34:00Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-08","alert":"Detects file containing Telegram Bot API","trigger":"regulatory-review.com/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"regulatory-review.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"regulatory-review.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"regulatory-review.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"regulatory-review.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"i.ibb.co","ip":{"addr":"45.43.142.8","port":443,"asn":215751,"as":"Mikhail Fedorov","country":"Israel","country_code":"IL"},"domain_registered":"2010-07-20","domain_rank":21643,"first_seen":"2018-11-25T10:13:48Z","last_seen":"2026-06-04T17:14:59.116895Z","alert_count":0,"request_count":1,"received_data":1169,"sent_data":546,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]},{"fqdn":"regulatory-review.com","ip":{"addr":"91.92.241.250","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"domain_registered":"2026-06-04","domain_rank":0,"first_seen":"2026-06-08T13:34:00.84711Z","last_seen":"2026-06-08T13:34:00.84711Z","alert_count":6,"request_count":1,"received_data":10901,"sent_data":490,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Nginx:1.31.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"files.manuscdn.com","ip":{"addr":"65.9.62.67","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2025-02-27","domain_rank":1414307,"first_seen":"2025-03-12T08:00:03.578177Z","last_seen":"2026-06-06T20:46:26.018898Z","alert_count":0,"request_count":2,"received_data":48161,"sent_data":1224,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-07T22:22:03.23237Z","alert_count":0,"request_count":1,"received_data":10792,"sent_data":537,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-06-07T22:18:26.533791Z","alert_count":0,"request_count":3,"received_data":148035,"sent_data":1740,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":[{"url":{"schema":"https","addr":"regulatory-review.com/","fqdn":"regulatory-review.com","domain":"regulatory-review.com","tld":"com"},"ip":{"addr":"91.92.241.250","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"md5":"009183e403b8b617f659b9c0745ff2f7","sha1":"3540385df6c8d8b1087a079b00749fa1fb2115d9","sha256":"fd95bfd23593453d4c0bd841b4b378261098a6ba04f2687a66511d328d2d43a1","sha512":"0828c928dfdeafc1c6107d0ba626fecf49c6be743f7c3da167360b4a00e5b669f5fcaa6038021cc3fba929ecaf761ef351720c8f3204a6bc0795294a6a90db8a","size":2244,"token":"8274219888:AAHv3JGiUDweqYmFZc3kj4rfoQf-Mw2WAi8","is_revoked":false,"bot":{"token":"8274219888:AAHv3JGiUDweqYmFZc3kj4rfoQf-Mw2WAi8","user_id":"8274219888","username":"hitpanel_bot","first_name":"hitpanelbot","last_name":"","chat":{"chat_id":"6650556502","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":0}}],"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"regulatory-review.com/","fqdn":"regulatory-review.com","domain":"regulatory-review.com","tld":"com"},"ip":{"addr":"91.92.241.250","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"009183e403b8b617f659b9c0745ff2f7","sha1":"3540385df6c8d8b1087a079b00749fa1fb2115d9","sha256":"fd95bfd23593453d4c0bd841b4b378261098a6ba04f2687a66511d328d2d43a1","sha512":"0828c928dfdeafc1c6107d0ba626fecf49c6be743f7c3da167360b4a00e5b669f5fcaa6038021cc3fba929ecaf761ef351720c8f3204a6bc0795294a6a90db8a","ssdeep":"","tlshash":"c5413fdf247b4022426370aab68fa0042423e02f7d5afd5ab28cc7254f53a28d613bdd","size":2244,"data":"","first_seen":"2026-06-08T08:26:14.107975Z","last_seen":"2026-06-12T01:18:23.281884Z","times_seen":6,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-08","alert":"Detects file containing Telegram Bot API","trigger":"regulatory-review.com/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://regulatory-review.com/","date":"2026-06-08T13:33:37.642Z","timestamp":1780925617642,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:22 GMT","end":"Mon, 10 Aug 2026 18:37:21 GMT"},"fingerprint":{"sha1":"09:D4:FC:2F:81:37:26:42:91:15:6F:27:1B:72:A7:D2:1A:FC:31:72","sha256":"E9:45:95:A3:A1:F2:6E:F0:08:73:C1:35:32:67:E6:72:BB:89:C7:27:C0:8F:D7:48:6F:0A:88:7E:8B:00:2F:B9"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://regulatory-review.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 08 Jun 2026 13:33:37 GMT\r\ndate: Mon, 08 Jun 2026 13:33:37 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10108,"size_decoded":1447,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"e85517dadd43448782d60d7f207fddce","sha1":"6cd31f870727ba8090fac9602b42524b4139a619","sha256":"88fbd0b95222be288587a149c324189ecbd8de0d6f0c94f528ec53857e52b66c","sha512":"5edc78df5bb062a9a2e1ea6724c14dd7eb80d77ea0fa9572de4bb0d52bbd0d163815b08a1ae77084f99fbefbb07715da1c61f0bb36fb498710c91387792955f8","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGx:vXuM0p2+4","tlshash":"04227792002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T18:13:11.065101Z","last_seen":"2026-06-14T07:25:49.022329Z","times_seen":30247,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":4,"connect":16,"send":0,"wait":33,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://regulatory-review.com/","date":"2026-06-08T13:33:37.772Z","timestamp":1780925617772,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:21 GMT","end":"Mon, 10 Aug 2026 18:37:20 GMT"},"fingerprint":{"sha1":"C7:04:EC:03:CB:34:6A:7A:0E:8D:12:AC:D9:6E:0C:1E:55:11:32:16","sha256":"0F:52:5C:58:54:41:2C:98:66:96:39:47:DA:6E:60:9C:3B:CB:A3:E8:B6:42:AB:BD:CB:29:94:AA:03:FE:9D:54"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://regulatory-review.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 04 Jun 2026 01:46:47 GMT\r\nexpires: Fri, 04 Jun 2027 01:46:47 GMT\r\ncache-control: public, max-age=31536000\r\nage: 388010\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-14T07:30:07.093477Z","times_seen":210286,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":16,"dns":0,"connect":0,"send":0,"wait":31,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i.ibb.co/yF35Jv2Q/docu-ico.png","fqdn":"i.ibb.co","domain":"ibb.co","tld":"co"},"ip":{"addr":"45.43.142.8","port":443,"asn":215751,"as":"Mikhail Fedorov","country":"Israel","country_code":"IL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://regulatory-review.com/","date":"2026-06-08T13:33:38.053Z","timestamp":1780925618053,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ibb.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 15 Apr 2026 08:46:45 GMT","end":"Tue, 14 Jul 2026 08:46:44 GMT"},"fingerprint":{"sha1":"AB:FE:0C:54:E2:24:E0:D9:B7:F9:DC:18:02:C9:05:26:34:63:E8:65","sha256":"F0:A7:95:74:CF:C2:BC:7A:69:1D:6A:03:47:B4:D3:2A:76:24:DE:28:F8:31:95:41:B2:F8:86:C9:B3:F8:E3:01"}}},"request":{"raw":"GET /yF35Jv2Q/docu-ico.png HTTP/1.1\r\nHost: i.ibb.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://regulatory-review.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: openresty\r\ndate: Mon, 08 Jun 2026 13:33:38 GMT\r\ncontent-type: image/png\r\ncontent-length: 1031\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":1031,"size_decoded":1169,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 4-bit colormap, non-interlaced","md5":"7325e2012a6cf941a6ea14f0061ff764","sha1":"0d2ba63e280b979a98bc431bec8a7af985578769","sha256":"63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69","sha512":"602ab2e43f39d22edc6368f8c82cac6f7ffd2120f5eecaf7b129381044452c3c29ab88befada1ca789604ffaa180ac5f6776f4132b4aa648baf962add500d7b6","ssdeep":"","tlshash":"bb11d812ade29148cbdba42513e363a00e4419be1411a221e614a72e5bd8284764f319","first_seen":"2023-05-01T10:28:56Z","last_seen":"2026-06-14T05:59:56.796637Z","times_seen":2924,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":0,"dns":57,"connect":22,"send":0,"wait":24,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"regulatory-review.com/","fqdn":"regulatory-review.com","domain":"regulatory-review.com","tld":"com"},"ip":{"addr":"91.92.241.250","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-08T13:33:37.000Z","timestamp":1780925617000,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"regulatory-review.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Jun 2026 22:31:00 GMT","end":"Wed, 02 Sep 2026 22:30:59 GMT"},"fingerprint":{"sha1":"14:49:E4:F2:A8:DC:F0:16:DF:93:A4:44:4C:73:F0:C8:F6:F7:12:8B","sha256":"2A:0C:71:16:C6:CA:08:1D:DA:D7:2B:82:F9:05:7B:EC:D2:C8:5A:67:3E:B6:D8:8C:90:2B:85:48:21:A6:6D:D6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: regulatory-review.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nalt-svc: h3=\":443\"; ma=2592000\r\ncontent-encoding: zstd\r\ncontent-type: text/html\r\ndate: Mon, 08 Jun 2026 13:33:37 GMT\r\netag: \"6a24feed-298a\"\r\nlast-modified: Sun, 07 Jun 2026 05:17:33 GMT\r\nserver: nginx/1.31.1\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Nginx:1.31.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10634,"size_decoded":5221,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3308)","md5":"8bd6fb1147d99fb18c382aa7bdc1626e","sha1":"fc3571436a8677ca6f0b34b14e86b21af4d4bfba","sha256":"173fa301211b5b3b492614213c9de07245cfd0609c576adbc41794068e537b60","sha512":"0eab8caf00d426d15b72d428f39268e4213d1950b0862d6e5172084f2a4776418e5fdac9a23e518f8c0cf369e9a5ac1ad942af4b8d0b2cab8925438acd39e235","ssdeep":"192:BrBS2fsVcz3yNjM1P9esMiJQIQwRPep6kU+RvVa2HMp6T6ua5DA2lIn3ZarWz0Pn:BrSZU4vVa2sua5DA2l+aCz0P","tlshash":"0c22e58b46b34236180791ad6bb775003026c01bf468fdb47fde4544df4eae4a8967de","first_seen":"2026-06-08T08:26:14.101874Z","last_seen":"2026-06-12T01:18:23.276026Z","times_seen":6,"resource_available":true,"data":null}},"time_used":260,"timings":{"blocked":0,"dns":36,"connect":60,"send":0,"wait":62,"receive":0,"ssl":102},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-08","alert":"Detects file containing Telegram Bot API","trigger":"regulatory-review.com/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"regulatory-review.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"regulatory-review.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"regulatory-review.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"regulatory-review.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"files.manuscdn.com/user_upload_by_module/session_file/310519663393250296/dzJmWMgSMhqxTgHN.jpg","fqdn":"files.manuscdn.com","domain":"manuscdn.com","tld":"com"},"ip":{"addr":"65.9.62.67","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://regulatory-review.com/","date":"2026-06-08T13:33:37.647Z","timestamp":1780925617647,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"manuscdn.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 28 Jan 2026 00:00:00 GMT","end":"Fri, 26 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"68:26:53:A4:8F:42:CA:32:56:77:AB:8D:05:F6:35:79:D5:77:6B:C5","sha256":"62:A5:BB:25:A0:6D:BC:C1:7F:C7:5B:97:44:4F:7D:57:48:3F:08:9B:73:C5:D4:BF:83:F0:3B:31:7E:4D:AC:C1"}}},"request":{"raw":"GET /user_upload_by_module/session_file/310519663393250296/dzJmWMgSMhqxTgHN.jpg HTTP/1.1\r\nHost: files.manuscdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://regulatory-review.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: image/jpeg\r\ncontent-length: 35594\r\nlast-modified: Mon, 30 Mar 2026 14:59:47 GMT\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Mon, 08 Jun 2026 13:33:39 GMT\r\netag: \"54b4e606a1f57df524838c9fc0fef857\"\r\nx-cache: RefreshHit from cloudfront\r\nvia: 1.1 140115c3495d5599ad031adfa66ddd1c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P4\r\nx-amz-cf-id: PJMTIN1RUBBOa6RhPqeIk9BDMDC8mb-Ik-0oDWsCaGFFQjlqiFq5cA==\r\ncache-control: max-age=31536000\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":35594,"size_decoded":36148,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 842x498, components 3","md5":"54b4e606a1f57df524838c9fc0fef857","sha1":"a801910c4e9051702ee2f4d3ac7882855bd204bc","sha256":"3d09e0f344f1f23478b42b51760f5d959fb6a507939365377eefd16e83d8128a","sha512":"54d2a79a2a5f1924173b7af5b3c19bf13131099fe1818512ffe27518e4d5e269ddd8e8c1dd5129bb23d4847852897990101b6a1b5a99bb9e72fca28b2a175848","ssdeep":"768:qwbjjjjjjjjVbbbbbbbb8bbbbbbbVm77XKttCjz1M1zFVjZwOO9rOQBzwvwmUswr:qwbjjjjjjjjbTKnzzSOYOQWvwiwQYyOJ","tlshash":"f5f2ae931844efb3962980b0e9d4b36e31918114d9dfdb61247867fba3dc29b8e6fd01","first_seen":"2024-09-25T02:41:37Z","last_seen":"2026-06-12T01:18:23.277388Z","times_seen":101,"resource_available":false,"data":null}},"time_used":573,"timings":{"blocked":78,"dns":0,"connect":8,"send":0,"wait":469,"receive":1,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"files.manuscdn.com/user_upload_by_module/session_file/310519663393250296/QoKXgNnABcjXFUkf.png","fqdn":"files.manuscdn.com","domain":"manuscdn.com","tld":"com"},"ip":{"addr":"65.9.62.67","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://regulatory-review.com/","date":"2026-06-08T13:33:37.649Z","timestamp":1780925617649,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"manuscdn.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 28 Jan 2026 00:00:00 GMT","end":"Fri, 26 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"68:26:53:A4:8F:42:CA:32:56:77:AB:8D:05:F6:35:79:D5:77:6B:C5","sha256":"62:A5:BB:25:A0:6D:BC:C1:7F:C7:5B:97:44:4F:7D:57:48:3F:08:9B:73:C5:D4:BF:83:F0:3B:31:7E:4D:AC:C1"}}},"request":{"raw":"GET /user_upload_by_module/session_file/310519663393250296/QoKXgNnABcjXFUkf.png HTTP/1.1\r\nHost: files.manuscdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://regulatory-review.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: image/png\r\ncontent-length: 11460\r\nlast-modified: Mon, 30 Mar 2026 14:59:47 GMT\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Mon, 08 Jun 2026 13:33:39 GMT\r\netag: \"a74f925f8c71704166ffa3433e9b96d5\"\r\nx-cache: RefreshHit from cloudfront\r\nvia: 1.1 140115c3495d5599ad031adfa66ddd1c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P4\r\nx-amz-cf-id: ZYF2XOtOTQQ68-BEpy7qza_D-LYXuszHZ6G31hC7dGAWOp4YVwag6w==\r\ncache-control: max-age=31536000\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":11460,"size_decoded":12013,"mime_type":"image/png","magic":"PNG image data, 1107 x 391, 8-bit/color RGBA, non-interlaced","md5":"a74f925f8c71704166ffa3433e9b96d5","sha1":"e621c220c2f75d184dd3202ce6df1e586bdc3aa5","sha256":"326b79b9d1123740137a2eadd44ed4db857d8a7928f095a385fa1593526471bf","sha512":"8b75b9b327371180546e62169a7d589c671423edd606937bb4b660aaaeaeb93819ad9505a6522af0bf86c772203986bef89a85cf3bfde9c4338e1afc4e2711cc","ssdeep":"192:3S7kxV4aS6F4CzlcIGCVTuHMiCXyaOYpukk9dlfFHXvdIdTiWwB1GNHe3333333r:i7kxmAGCmCBYD5F35H1GRe","tlshash":"9b32496eef09cfa4a81a6d2077546b15fb3a97c85643d06349a16eb54f0f8338a36384","first_seen":"2025-01-14T12:40:44.080764Z","last_seen":"2026-06-12T01:18:23.27861Z","times_seen":454,"resource_available":false,"data":null}},"time_used":767,"timings":{"blocked":78,"dns":0,"connect":10,"send":0,"wait":441,"receive":0,"ssl":238},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://regulatory-review.com/","date":"2026-06-08T13:33:37.754Z","timestamp":1780925617754,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:21 GMT","end":"Mon, 10 Aug 2026 18:37:20 GMT"},"fingerprint":{"sha1":"C7:04:EC:03:CB:34:6A:7A:0E:8D:12:AC:D9:6E:0C:1E:55:11:32:16","sha256":"0F:52:5C:58:54:41:2C:98:66:96:39:47:DA:6E:60:9C:3B:CB:A3:E8:B6:42:AB:BD:CB:29:94:AA:03:FE:9D:54"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://regulatory-review.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 04 Jun 2026 01:46:47 GMT\r\nexpires: Fri, 04 Jun 2027 01:46:47 GMT\r\ncache-control: public, max-age=31536000\r\nage: 388010\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-14T07:30:07.093477Z","times_seen":210286,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":0,"dns":2,"connect":30,"send":0,"wait":19,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://regulatory-review.com/","date":"2026-06-08T13:33:37.770Z","timestamp":1780925617770,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:21 GMT","end":"Mon, 10 Aug 2026 18:37:20 GMT"},"fingerprint":{"sha1":"C7:04:EC:03:CB:34:6A:7A:0E:8D:12:AC:D9:6E:0C:1E:55:11:32:16","sha256":"0F:52:5C:58:54:41:2C:98:66:96:39:47:DA:6E:60:9C:3B:CB:A3:E8:B6:42:AB:BD:CB:29:94:AA:03:FE:9D:54"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://regulatory-review.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 04 Jun 2026 01:46:47 GMT\r\nexpires: Fri, 04 Jun 2027 01:46:47 GMT\r\ncache-control: public, max-age=31536000\r\nage: 388010\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-14T07:30:07.093477Z","times_seen":210286,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":16,"dns":0,"connect":0,"send":0,"wait":23,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}