{"report_id":"6865d2ba-2c30-4e00-9ab1-3da7bf8c3baa","version":6,"status":"done","tags":[],"date":"2025-12-31T07:04:56Z","url":{"schema":"http","addr":"maha222pro.online","fqdn":"maha222pro.online","domain":"maha222pro.online","tld":"online"},"ip":{"addr":"104.21.71.196","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"maha222pro.online/","fqdn":"maha222pro.online","domain":"maha222pro.online","tld":"online"},"title":"MAHA222PRO : Bandar Slot Online Deposit Anti Ribet Main Bentar Langsung Wede","dom":{"size":26567,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (6883)","md5":"273fce9a1d94beca2413c3b15c526728","sha1":"371b6acd26189c37e9c8a990f0355fe00ec82a2c","sha256":"1340b1e1a6ccb8b4a0acb185f2fae389ffbbce523991b4c4cdd4a732e8c0a5d6","sha512":"3d405c01426e07512472172570e37af4adad503198374ab4022aa2abb6fa322e073bc97dadf7fb95343316204cfb671c0d5e3b91df7663f4ffc49cefd2a27745","ssdeep":"384:VW0A3Xc5F4g5A4WR2vUFxHG/MnptJ2oZDMtkhaAfAdLkoWFteA+WSEC+:VWk5F4g5A4WR2vl4JpD4jMAWF86","tlshash":"1fc24153a588619d6113c31284d1fb7f3d39d8038a364d2af65d3baccf95a86ba3350e","dom_hash":"domhashe79e7027df9c2bfa41309a15aea10800","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"maha222pro.online","fqdn":"maha222pro.online","domain":"maha222pro.online","tld":"online"},"ip":{"addr":"104.21.71.196","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-04T07:04:56Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"selerarumahan.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"selerarumahan.edgeone.dev","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.ampproject.org","ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2015-08-31","domain_rank":3289,"first_seen":"2015-10-09T04:27:01Z","last_seen":"2025-12-29T04:06:58.325492Z","alert_count":0,"request_count":3,"received_data":309860,"sent_data":1272,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"maha222pro.online","ip":{"addr":"172.67.148.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-29","domain_rank":0,"first_seen":"2025-12-31T07:04:57.089128Z","last_seen":"2025-12-31T07:04:57.089128Z","alert_count":0,"request_count":3,"received_data":1190567,"sent_data":1370,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-12-28T22:17:10.032556Z","alert_count":0,"request_count":1,"received_data":17441,"sent_data":436,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"selerarumahan.edgeone.dev","ip":{"addr":"43.174.247.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2025-06-09","domain_rank":0,"first_seen":"2025-12-25T07:25:37.309743Z","last_seen":"2025-12-25T07:25:37.309743Z","alert_count":4,"request_count":2,"received_data":218356,"sent_data":822,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.ampproject.org/v0.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8059fb84783c3f43b7b5b66a3883bcb6","sha1":"335cfb79c7c772225bc9a0a0d17d5d435e30a247","sha256":"977e140b62a9228c0815a6ce26e63df7def2817315581cb3e29c52a9d5959754","sha512":"2a0c05b24ac683756cc15e857c5445e62aa1f00134e8fa0f0c966510b1ec778a4570ab2c09dd2791a8a769f36c64a304fc816228fb54367af99657f3c49bb385","ssdeep":"3072:j4UQbNOu6mF8g8aLymSt85Li48lnQYxQEnswf2l3sVsmgQ:j4UQbNOu6mFTLs8f8lnQebsw+l3sVsg","tlshash":"db54839db296b0764793b074803f150aa33ba855240a812cf56de9d67cbcd8ea137f7c","size":284545,"data":"","first_seen":"2025-10-21T18:06:54.94219Z","last_seen":"2026-01-06T14:38:02.926695Z","times_seen":1886,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012510081644000/v0/amp-auto-lightbox-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"36e68547fd31649fcac8856096da5e94","sha1":"cfa28bfde148c37cd6b94329ab7f8c1140625d5c","sha256":"5b870594007123f179856f463a72e0a31eb2e005acbb719cf9d56c242927547e","sha512":"3ce62d0c066399122ce7defb585fc4de3c39a02daba060cc9c03a9326e5ee8ef0f4a8d46f14e5f1f7b319944cee0d1c7c3ef2dcc08091a517f3c10b12bf46486","ssdeep":"96:+KoAosPGpz3pMDc0jxAMhG0mj1hVXxSZ4tqSKN0OV0TjLRkiGj0ldmq43bDjHI:+Kqswz3pv0jxAyCPX/tqKyWp4M0rDTI","tlshash":"9ef196dc7ac2f83a5757b4b780af414fa23bb94624ad9120d120f4d83cb995ed623e5c","size":7812,"data":"","first_seen":"2025-10-21T18:06:54.954761Z","last_seen":"2026-01-17T06:31:39.884543Z","times_seen":1718,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012510081644000/v0/amp-loader-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a87e2cce7117be00fc8129abfc72b1a1","sha1":"26d9bc2bbbd56217163ec1ccf05a4b4698e5c11a","sha256":"f65efecffe50465d1ffa59d289200cb42ae6115fac8232946635cedf4dd241ef","sha512":"d9232a321d406c6d15a92fcfb3266ab1a049fee6099c19fb010ee7913e2d6c1a65868a2f529ffca06dfb96b312a78429b07c3a5bd56b14f53199ce88af09a458","ssdeep":"192:8fQHMOgzKBbnnRrVGjoPGlxrO2tHxg7HzMb5F4g5A4WR2vN:20g2BbnnHUgTzMb5F4g5A4WR2vN","tlshash":"d042a424a54be2ac530341b484fab94a757ecd4fb8104035f0118ededf99e48bd7ba6e","size":12729,"data":"","first_seen":"2025-10-21T18:07:40.626035Z","last_seen":"2026-01-17T06:31:39.878615Z","times_seen":1395,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012510081644000/v0/amp-auto-lightbox-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://maha222pro.online/","date":"2025-12-31T07:04:35.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:50:23 GMT","end":"Wed, 25 Feb 2026 15:50:22 GMT"},"fingerprint":{"sha1":"8C:22:B0:36:FF:44:17:0C:D7:23:B5:FF:95:73:C9:21:89:15:5B:A8","sha256":"89:0D:D4:C7:A7:53:0B:46:DA:82:A1:15:39:BB:C8:3D:D7:5E:B7:2D:B4:21:52:28:84:00:82:ED:48:91:43:A1"}}},"request":{"raw":"GET /rtv/012510081644000/v0/amp-auto-lightbox-0.1.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://maha222pro.online\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 2976\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 27 Dec 2025 10:57:50 GMT\r\nexpires: Sun, 27 Dec 2026 10:57:50 GMT\r\ncache-control: public, max-age=31536000\r\nage: 331605\r\netag: \"9215b9e0dcad338a\"\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7812,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7690)","md5":"36e68547fd31649fcac8856096da5e94","sha1":"cfa28bfde148c37cd6b94329ab7f8c1140625d5c","sha256":"5b870594007123f179856f463a72e0a31eb2e005acbb719cf9d56c242927547e","sha512":"3ce62d0c066399122ce7defb585fc4de3c39a02daba060cc9c03a9326e5ee8ef0f4a8d46f14e5f1f7b319944cee0d1c7c3ef2dcc08091a517f3c10b12bf46486","ssdeep":"96:+KoAosPGpz3pMDc0jxAMhG0mj1hVXxSZ4tqSKN0OV0TjLRkiGj0ldmq43bDjHI:+Kqswz3pv0jxAyCPX/tqKyWp4M0rDTI","tlshash":"9ef196dc7ac2f83a5757b4b780af414fa23bb94624ad9120d120f4d83cb995ed623e5c","first_seen":"2025-10-21T18:06:54.954761Z","last_seen":"2026-01-17T06:31:39.884543Z","times_seen":1718,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":25,"dns":0,"connect":0,"send":0,"wait":26,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maha222pro.online/","fqdn":"maha222pro.online","domain":"maha222pro.online","tld":"online"},"ip":{"addr":"172.67.148.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-31T07:04:33.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"maha222pro.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 17:37:35 GMT","end":"Sun, 29 Mar 2026 18:36:22 GMT"},"fingerprint":{"sha1":"69:BC:79:B3:81:CD:C0:01:B1:17:F3:FF:F4:C3:1E:96:AB:FC:BB:10","sha256":"3C:4B:AE:4A:F3:D7:03:B3:C1:B2:CD:EE:CC:B6:83:41:F4:C5:64:BC:BF:AF:60:30:A1:30:E7:C6:BA:56:7D:4A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: maha222pro.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 31 Dec 2025 07:04:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Tue, 30 Dec 2025 04:18:20 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-permitted-cross-domain-policies: master-only\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cjUzcDaj6X43qVvmoS1PfffLSXXoYBHst3%2BJAJXBE7dE4y%2FsxuI0%2FarhrecJvjMXHRzqckgFxxu43lWIe58ZYEpJRCqKtaMxlYjPjwIP1Q%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b67ec6c3998712a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]}],"data":{"size":11665,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (767), with CRLF line terminators","md5":"18048d3a5d8376ce4606c9e75a9b4c27","sha1":"37f214d864202ab26884d652a3cae0e8371b7d9d","sha256":"e8c5609090af8aed30530b0b9536f109eebfd9ade8e00b4daecd511b7c8b22a1","sha512":"670314af33f5cc70c5e549d270fcc35d51a15e0fe9475309d98b28d2deb3370f3f059f92b773375c18bd43fbe1b98e1ce667bd03f5233a8e1020ef44ad0c5127","ssdeep":"192:BeakrI/5pND3pl/j/ieJ+JyNh7HWp/6JUvNfO6ypbFQuogyGPPdMHglqaMQyz+JJ:BeLrI/5pNXdUJU6vo/7K+Jss5","tlshash":"7432a8614542601a6333c4819352a62dea6a9003cf0b561977fd33bbeff1d99da33e9c","first_seen":"2025-12-31T07:05:04.649297Z","last_seen":"2025-12-31T07:05:04.649297Z","times_seen":1,"resource_available":false,"data":null}},"time_used":755,"timings":{"blocked":94,"dns":70,"connect":1,"send":0,"wait":568,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://maha222pro.online/","date":"2025-12-31T07:04:34.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css2?family=Roboto:wght@400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 31 Dec 2025 07:04:34 GMT\r\ndate: Wed, 31 Dec 2025 07:04:34 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"29f45de742f030761fe05d6c7ae7e993","sha1":"895c7dfcc456ee596b5d231edf89672f0dc87631","sha256":"debc0e6a77968e929d8f44cf60feb4856f66ccdc05677a54f3dcd14cc8a1d0bd","sha512":"d78e7b55c690fd186433829030e71a42e15d55dda2677bd29ad874f5bebaeedfe18d2f0bdfb8e828c1da502f43cbc117db7e1ef488814e3c3a88376756def47e","ssdeep":"384:8KfMK1KWK6KyhK/qY4XKNKtKiKfDKOKdKBKyaK/qY4QKGKmK4KfdKkKDK3KyQK/9:8TcfFBhiEymDcTYeBai75tdmtC0BQiVb","tlshash":"7f7210a1041750009b834ce223cebf35fe1f52117142d0b5abfdab6b9dcbc66526935d","first_seen":"2025-11-19T00:03:18.438435Z","last_seen":"2026-02-19T19:35:42.295945Z","times_seen":2829,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":99,"dns":1,"connect":23,"send":0,"wait":33,"receive":0,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maha222pro.online/background.jpg","fqdn":"maha222pro.online","domain":"maha222pro.online","tld":"online"},"ip":{"addr":"172.67.148.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://maha222pro.online/","date":"2025-12-31T07:04:35.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"maha222pro.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 17:37:35 GMT","end":"Sun, 29 Mar 2026 18:36:22 GMT"},"fingerprint":{"sha1":"69:BC:79:B3:81:CD:C0:01:B1:17:F3:FF:F4:C3:1E:96:AB:FC:BB:10","sha256":"3C:4B:AE:4A:F3:D7:03:B3:C1:B2:CD:EE:CC:B6:83:41:F4:C5:64:BC:BF:AF:60:30:A1:30:E7:C6:BA:56:7D:4A"}}},"request":{"raw":"GET /background.jpg HTTP/1.1\r\nHost: maha222pro.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://maha222pro.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 31 Dec 2025 07:04:35 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 30 Dec 2025 04:18:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6953528d-77021\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uSSqdKxHBOwCp%2BW7JukIl9kbzHh5cVWbo%2FUgFeqyJ7NWxm6EtJ%2BfTAs2Jbv2KZkdlfdwHAUBIQlKSkGWtnWvzUgFQiTsjibYNsqC%2BnTqew%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b67ec744e2456c7-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":487457,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2460x4096, components 3","md5":"55ec4df5ef95362aac6db4a82d612a77","sha1":"4056b65cfa9ec2de91e78dc3c5916a4a5563f712","sha256":"4040b291286fb4de7b35e9930d544b103c856d6d32a8b617a83b052c721ac3a6","sha512":"7083b92b6f6d1ff4f57b456c137229689a4f64b14e1d3e8285f0ead08483fbef4e7ab37c758408a322519ef459f3cb2dc841476825c853ed66c1c31be826a042","ssdeep":"12288:bGuLDJd3lL202c/Wr8No2CNTg6oPaW6r9q5V8mL3xfDH:b7RU07/i8Svg6oe5qbZJDH","tlshash":"4da4232be282e63be85cfa343db203d73563dd98d1556e341bbe349d246a904b297c0d","first_seen":"2025-12-31T07:05:04.651291Z","last_seen":"2026-01-21T01:50:37.18423Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1812,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":677,"receive":1135,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012510081644000/v0/amp-loader-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://maha222pro.online/","date":"2025-12-31T07:04:35.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:50:23 GMT","end":"Wed, 25 Feb 2026 15:50:22 GMT"},"fingerprint":{"sha1":"8C:22:B0:36:FF:44:17:0C:D7:23:B5:FF:95:73:C9:21:89:15:5B:A8","sha256":"89:0D:D4:C7:A7:53:0B:46:DA:82:A1:15:39:BB:C8:3D:D7:5E:B7:2D:B4:21:52:28:84:00:82:ED:48:91:43:A1"}}},"request":{"raw":"GET /rtv/012510081644000/v0/amp-loader-0.1.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://maha222pro.online\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 3937\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 27 Dec 2025 10:55:43 GMT\r\nexpires: Sun, 27 Dec 2026 10:55:43 GMT\r\ncache-control: public, max-age=31536000\r\nage: 331732\r\netag: \"a1ee3895c747c6e2\"\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12729,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (12614)","md5":"a87e2cce7117be00fc8129abfc72b1a1","sha1":"26d9bc2bbbd56217163ec1ccf05a4b4698e5c11a","sha256":"f65efecffe50465d1ffa59d289200cb42ae6115fac8232946635cedf4dd241ef","sha512":"d9232a321d406c6d15a92fcfb3266ab1a049fee6099c19fb010ee7913e2d6c1a65868a2f529ffca06dfb96b312a78429b07c3a5bd56b14f53199ce88af09a458","ssdeep":"192:8fQHMOgzKBbnnRrVGjoPGlxrO2tHxg7HzMb5F4g5A4WR2vN:20g2BbnnHUgTzMb5F4g5A4WR2vN","tlshash":"d042a424a54be2ac530341b484fab94a757ecd4fb8104035f0118ededf99e48bd7ba6e","first_seen":"2025-10-21T18:07:40.626035Z","last_seen":"2026-01-17T06:31:39.878615Z","times_seen":1395,"resource_available":true,"data":null}},"time_used":85,"timings":{"blocked":55,"dns":1,"connect":0,"send":0,"wait":27,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"selerarumahan.edgeone.dev/favicon.png","fqdn":"selerarumahan.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.247.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://maha222pro.online/","date":"2025-12-31T07:04:35.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: selerarumahan.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 03 Dec 2025 08:49:20 GMT\r\nEtag: \"5cd99dd5efdce055e975b480e436465c\"\r\nContent-Type: image/png\r\nAge: 2393112\r\nContent-Length: 108787\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Wed, 31 Dec 2025 07:04:36 GMT\r\nEO-LOG-UUID: 15206891698784319956\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":108787,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 360 x 241, 8-bit/color RGBA, non-interlaced","md5":"5cd99dd5efdce055e975b480e436465c","sha1":"42ab2da3e356aeab46a15a1e3768724bef7b3429","sha256":"ec945759c9581caaaa9abfd3448c588ef4a51e123f48f4955463d260faa6c9fc","sha512":"221c0cd462d23c8b360fa25886e739a2f96e5faa194bc1a2b359e82a0e096fce2f9edb8761fe74b078be09ceb68445dcb3b1ea75649922cc695127f83e649ce9","ssdeep":"3072:FstuvRyBTHIpaaRLoQI8qmbb37IkeFfsQeTL:Oo4BTopFoQnqyLcstTL","tlshash":"c0b31273d9b50118952a8eb213d9e4fc72e3d2f88369469e0f221d6c32dfe1c4b457a6","first_seen":"2025-06-08T12:59:17.189844Z","last_seen":"2026-01-18T12:46:20.619832Z","times_seen":11,"resource_available":false,"data":null}},"time_used":2026,"timings":{"blocked":992,"dns":276,"connect":17,"send":0,"wait":20,"receive":33,"ssl":677},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"selerarumahan.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"selerarumahan.edgeone.dev","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"maha222pro.online/banner.jpg","fqdn":"maha222pro.online","domain":"maha222pro.online","tld":"online"},"ip":{"addr":"172.67.148.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://maha222pro.online/","date":"2025-12-31T07:04:35.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"maha222pro.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 17:37:35 GMT","end":"Sun, 29 Mar 2026 18:36:22 GMT"},"fingerprint":{"sha1":"69:BC:79:B3:81:CD:C0:01:B1:17:F3:FF:F4:C3:1E:96:AB:FC:BB:10","sha256":"3C:4B:AE:4A:F3:D7:03:B3:C1:B2:CD:EE:CC:B6:83:41:F4:C5:64:BC:BF:AF:60:30:A1:30:E7:C6:BA:56:7D:4A"}}},"request":{"raw":"GET /banner.jpg HTTP/1.1\r\nHost: maha222pro.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://maha222pro.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 31 Dec 2025 07:04:36 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 30 Dec 2025 04:18:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6953528d-a8415\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rto4aB5%2FCF9RTDUXCH1PootIMdfZOWbliFOzJwqG9nmOzwHs1nw61mXAFA88Mf6ZqpAsDwYENTCAifA5DXOLV5R25oxGWYh35EZwpN1ciw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b67ec752e2756c7-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":689173,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1080x1080, components 3","md5":"193216c93072799d4d0a14b1cc1eede0","sha1":"4b21992cc674745ad36b3fd1b26e47cb00800b3d","sha256":"51f89d872f6a06cc3ead568db12c079765cb5e4b462440853c02f94b5b5fce7c","sha512":"fb94bf935415b4b25e2175c72dbc39cfcf880e584b611350f8bffcdda7162d6f4c28a438b49856e4f9038a6de7429e6dfe2a4b3cdfa3ac756f999b581f07dc65","ssdeep":"12288:MTz7fd6iY/1aMnV51vCuTe68/bJzloYeUREtqAAOa5RwVmeUje:MTz7f8CMnn1xwNGBUREq/OaTimy","tlshash":"39e42339b422bb2123151ba4b4835d2e5e1c93ba9588b3d5320ddc48f7de1a18db42fe","first_seen":"2025-12-31T07:05:04.653371Z","last_seen":"2025-12-31T07:05:04.653371Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1855,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":651,"receive":1203,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://maha222pro.online/","date":"2025-12-31T07:04:34.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:50:23 GMT","end":"Wed, 25 Feb 2026 15:50:22 GMT"},"fingerprint":{"sha1":"8C:22:B0:36:FF:44:17:0C:D7:23:B5:FF:95:73:C9:21:89:15:5B:A8","sha256":"89:0D:D4:C7:A7:53:0B:46:DA:82:A1:15:39:BB:C8:3D:D7:5E:B7:2D:B4:21:52:28:84:00:82:ED:48:91:43:A1"}}},"request":{"raw":"GET /v0.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 73132\r\ndate: Wed, 31 Dec 2025 07:04:34 GMT\r\nexpires: Wed, 31 Dec 2025 07:04:34 GMT\r\ncache-control: private, max-age=3000, stale-while-revalidate=1206600\r\netag: \"b52f38ef99ad402e\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":284545,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64627)","md5":"8059fb84783c3f43b7b5b66a3883bcb6","sha1":"335cfb79c7c772225bc9a0a0d17d5d435e30a247","sha256":"977e140b62a9228c0815a6ce26e63df7def2817315581cb3e29c52a9d5959754","sha512":"2a0c05b24ac683756cc15e857c5445e62aa1f00134e8fa0f0c966510b1ec778a4570ab2c09dd2791a8a769f36c64a304fc816228fb54367af99657f3c49bb385","ssdeep":"3072:j4UQbNOu6mF8g8aLymSt85Li48lnQYxQEnswf2l3sVsmgQ:j4UQbNOu6mFTLs8f8lnQebsw+l3sVsg","tlshash":"db54839db296b0764793b074803f150aa33ba855240a812cf56de9d67cbcd8ea137f7c","first_seen":"2025-10-21T18:06:54.94219Z","last_seen":"2026-01-06T14:38:02.926695Z","times_seen":1886,"resource_available":true,"data":null}},"time_used":276,"timings":{"blocked":102,"dns":0,"connect":21,"send":0,"wait":33,"receive":37,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"selerarumahan.edgeone.dev/favicon.png","fqdn":"selerarumahan.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.247.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://maha222pro.online/","date":"2025-12-31T07:04:35.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: selerarumahan.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 03 Dec 2025 08:49:20 GMT\r\nEtag: \"5cd99dd5efdce055e975b480e436465c\"\r\nContent-Type: image/png\r\nAge: 2393111\r\nContent-Length: 108787\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Wed, 31 Dec 2025 07:04:35 GMT\r\nEO-LOG-UUID: 10615003614291304955\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":108787,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 360 x 241, 8-bit/color RGBA, non-interlaced","md5":"5cd99dd5efdce055e975b480e436465c","sha1":"42ab2da3e356aeab46a15a1e3768724bef7b3429","sha256":"ec945759c9581caaaa9abfd3448c588ef4a51e123f48f4955463d260faa6c9fc","sha512":"221c0cd462d23c8b360fa25886e739a2f96e5faa194bc1a2b359e82a0e096fce2f9edb8761fe74b078be09ceb68445dcb3b1ea75649922cc695127f83e649ce9","ssdeep":"3072:FstuvRyBTHIpaaRLoQI8qmbb37IkeFfsQeTL:Oo4BTopFoQnqyLcstTL","tlshash":"c0b31273d9b50118952a8eb213d9e4fc72e3d2f88369469e0f221d6c32dfe1c4b457a6","first_seen":"2025-06-08T12:59:17.189844Z","last_seen":"2026-01-18T12:46:20.619832Z","times_seen":11,"resource_available":false,"data":null}},"time_used":673,"timings":{"blocked":-1,"dns":414,"connect":18,"send":0,"wait":19,"receive":34,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"selerarumahan.edgeone.dev","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"selerarumahan.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}