{"report_id":"9a22804f-96d2-478c-81da-0144bb0f7a4c","version":6,"status":"done","tags":[],"date":"2026-01-02T11:27:29Z","url":{"schema":"http","addr":"prada808gcr.online/","fqdn":"prada808gcr.online","domain":"prada808gcr.online","tld":"online"},"ip":{"addr":"172.67.219.175","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"prada808gcr.online/","fqdn":"prada808gcr.online","domain":"prada808gcr.online","tld":"online"},"title":"PRADA808GCR : Platform Situs Slot Paling Nyata Memberikan Kemenangan Besar","dom":{"size":104628,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (6883)","md5":"d005b5b0cabaa43dffb0bfdc96b0a5d3","sha1":"77116ef0bbc0da6f5c1c8c3e8ccf05e9d691c85a","sha256":"1d9a8077befaf128f2fd3a6ec421572a0a161e569f76d7e444126a4957b0195d","sha512":"7554c652932ea067250de41ae4cc6629bbe565516a0160062258bbb23222de119020bef59121846d088596eca6ca7aa4ce6c983057c436acd7d49691e01cc795","ssdeep":"1536:2Z5F4g5A4WR2vkqmTwfA/D29BgR+iajF5Ph:4mEfACbjF5Ph","tlshash":"e4a3a51b9652204d5807d23827e86b573338d413d62afdb5bedea780cf49680dde278e","dom_hash":"domhash6de594c89e3b473602c483580dac1038","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"prada808gcr.online/","fqdn":"prada808gcr.online","domain":"prada808gcr.online","tld":"online"},"ip":{"addr":"172.67.219.175","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-06T11:27:29Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"claudedexter.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"baubauindex.edgeone.dev","ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2025-06-09","domain_rank":0,"first_seen":"2025-12-27T00:37:01.586479Z","last_seen":"2025-12-27T00:37:01.586479Z","alert_count":14,"request_count":14,"received_data":1381034,"sent_data":5711,"comment":"","tags":null,"fingerprints":null},{"fqdn":"claudedexter.edgeone.dev","ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2025-06-09","domain_rank":0,"first_seen":"2025-12-10T07:42:35.986776Z","last_seen":"2025-12-25T07:45:19.91813Z","alert_count":3,"request_count":3,"received_data":920498,"sent_data":1227,"comment":"","tags":null,"fingerprints":null},{"fqdn":"prada808gcr.online","ip":{"addr":"104.21.45.228","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-01","domain_rank":0,"first_seen":"2026-01-02T11:27:30.199706Z","last_seen":"2026-01-02T11:27:30.199706Z","alert_count":0,"request_count":2,"received_data":811153,"sent_data":929,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]}]},{"fqdn":"cdn.ampproject.org","ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2015-08-31","domain_rank":3289,"first_seen":"2015-10-09T04:27:01Z","last_seen":"2025-12-29T04:06:58.325492Z","alert_count":0,"request_count":4,"received_data":345582,"sent_data":1668,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012510081644000/v0/amp-auto-lightbox-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"36e68547fd31649fcac8856096da5e94","sha1":"cfa28bfde148c37cd6b94329ab7f8c1140625d5c","sha256":"5b870594007123f179856f463a72e0a31eb2e005acbb719cf9d56c242927547e","sha512":"3ce62d0c066399122ce7defb585fc4de3c39a02daba060cc9c03a9326e5ee8ef0f4a8d46f14e5f1f7b319944cee0d1c7c3ef2dcc08091a517f3c10b12bf46486","ssdeep":"96:+KoAosPGpz3pMDc0jxAMhG0mj1hVXxSZ4tqSKN0OV0TjLRkiGj0ldmq43bDjHI:+Kqswz3pv0jxAyCPX/tqKyWp4M0rDTI","tlshash":"9ef196dc7ac2f83a5757b4b780af414fa23bb94624ad9120d120f4d83cb995ed623e5c","size":7812,"data":"","first_seen":"2025-10-21T18:06:54.954761Z","last_seen":"2026-01-17T06:31:39.884543Z","times_seen":1718,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012510081644000/v0/amp-loader-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a87e2cce7117be00fc8129abfc72b1a1","sha1":"26d9bc2bbbd56217163ec1ccf05a4b4698e5c11a","sha256":"f65efecffe50465d1ffa59d289200cb42ae6115fac8232946635cedf4dd241ef","sha512":"d9232a321d406c6d15a92fcfb3266ab1a049fee6099c19fb010ee7913e2d6c1a65868a2f529ffca06dfb96b312a78429b07c3a5bd56b14f53199ce88af09a458","ssdeep":"192:8fQHMOgzKBbnnRrVGjoPGlxrO2tHxg7HzMb5F4g5A4WR2vN:20g2BbnnHUgTzMb5F4g5A4WR2vN","tlshash":"d042a424a54be2ac530341b484fab94a757ecd4fb8104035f0118ededf99e48bd7ba6e","size":12729,"data":"","first_seen":"2025-10-21T18:07:40.626035Z","last_seen":"2026-01-17T06:31:39.878615Z","times_seen":1395,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8059fb84783c3f43b7b5b66a3883bcb6","sha1":"335cfb79c7c772225bc9a0a0d17d5d435e30a247","sha256":"977e140b62a9228c0815a6ce26e63df7def2817315581cb3e29c52a9d5959754","sha512":"2a0c05b24ac683756cc15e857c5445e62aa1f00134e8fa0f0c966510b1ec778a4570ab2c09dd2791a8a769f36c64a304fc816228fb54367af99657f3c49bb385","ssdeep":"3072:j4UQbNOu6mF8g8aLymSt85Li48lnQYxQEnswf2l3sVsmgQ:j4UQbNOu6mFTLs8f8lnQebsw+l3sVsg","tlshash":"db54839db296b0764793b074803f150aa33ba855240a812cf56de9d67cbcd8ea137f7c","size":284545,"data":"","first_seen":"2025-10-21T18:06:54.94219Z","last_seen":"2026-01-06T14:38:02.926695Z","times_seen":1886,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-carousel-0.2.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ea7abb549e2c19a2c32e68327000ce6","sha1":"8bd23eaad4f73679769ce7c99442e1921dc5a078","sha256":"ab5300a79449b51ebf247cf379402924b46328baf6c01d2238899648ff46c953","sha512":"2eeee59954da428d513d4ae1469b6e145f87f5deb71804a55cf132de5d1793de3b2a36e8d75e043ebf807117696fd4d80371476fa72d46181af36e29a6a107f4","ssdeep":"384:vaOOJPxlfgGYc3+Wy2CAp0hXuWHQs+ik1rdkfwf7L4GOkon9pYnzQquyhSzhl7am:SZPxRgTWylApuQRRfPq3CsquyhSH7NT7","tlshash":"6fe2965ab24270b54a57f170402f050ea13bb455548a4c2cb0aaeee69d7ce8db17bf7c","size":34086,"data":"","first_seen":"2025-10-22T15:17:27.469772Z","last_seen":"2026-01-06T04:59:31.961306Z","times_seen":102,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-carousel-0.2.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:06.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:51:58 GMT","end":"Wed, 25 Feb 2026 15:51:57 GMT"},"fingerprint":{"sha1":"A6:E2:0F:FD:DB:D5:79:15:DB:03:17:B1:87:6D:6F:C0:EB:2D:6D:66","sha256":"BA:31:F8:9D:3F:78:C8:EE:37:67:8A:D7:B5:BC:FF:EF:1D:90:DE:A3:25:9C:F0:9C:47:C8:B8:DE:95:8C:2B:39"}}},"request":{"raw":"GET /v0/amp-carousel-0.2.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 9610\r\ndate: Fri, 02 Jan 2026 11:27:06 GMT\r\nexpires: Fri, 02 Jan 2026 11:27:06 GMT\r\ncache-control: private, max-age=604800, stale-while-revalidate=604800\r\netag: \"b706ce8dc3dcb0b7\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34086,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (33969)","md5":"4ea7abb549e2c19a2c32e68327000ce6","sha1":"8bd23eaad4f73679769ce7c99442e1921dc5a078","sha256":"ab5300a79449b51ebf247cf379402924b46328baf6c01d2238899648ff46c953","sha512":"2eeee59954da428d513d4ae1469b6e145f87f5deb71804a55cf132de5d1793de3b2a36e8d75e043ebf807117696fd4d80371476fa72d46181af36e29a6a107f4","ssdeep":"384:vaOOJPxlfgGYc3+Wy2CAp0hXuWHQs+ik1rdkfwf7L4GOkon9pYnzQquyhSzhl7am:SZPxRgTWylApuQRRfPq3CsquyhSH7NT7","tlshash":"6fe2965ab24270b54a57f170402f050ea13bb455548a4c2cb0aaeee69d7ce8db17bf7c","first_seen":"2025-10-22T15:17:27.469772Z","last_seen":"2026-01-06T04:59:31.961306Z","times_seen":102,"resource_available":true,"data":null}},"time_used":637,"timings":{"blocked":282,"dns":101,"connect":27,"send":0,"wait":60,"receive":1,"ssl":162},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/danamon.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:06.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /danamon.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"34cb075b5e35d5e3c64a1360d5b4a0b0\"\r\nContent-Type: image/webp\r\nAge: 540647\r\nContent-Length: 3856\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Fri, 02 Jan 2026 11:27:06 GMT\r\nEO-LOG-UUID: 14290310820205825610\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3856,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"34cb075b5e35d5e3c64a1360d5b4a0b0","sha1":"b2b93a4360ae03efbef1bc5b40a035d651623751","sha256":"814949476ca9d0e9722f6883ccdec66c44adc0449820f58c11d89da35bbd67fc","sha512":"9ba9942bbab14c5ee1a4edd071a5782d41bf714a3e78fec32135e47b7ee06a92f1bdd898414aecfceb7918267134b4a2ffe5742e6a7b47b50e3ebcb80d3cfb49","ssdeep":"","tlshash":"85813b6ce3a03796d200727f7f11e3a43092c92eab79865b74db376a59e486c3601a24","first_seen":"2025-11-24T05:06:28.094727Z","last_seen":"2026-03-21T12:20:50.140126Z","times_seen":87,"resource_available":false,"data":null}},"time_used":706,"timings":{"blocked":-1,"dns":250,"connect":19,"send":0,"wait":20,"receive":0,"ssl":416},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/permata.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:06.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /permata.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"fe365f932db522c4cb39463485d7b375\"\r\nContent-Type: image/webp\r\nAge: 540647\r\nContent-Length: 3696\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Fri, 02 Jan 2026 11:27:06 GMT\r\nEO-LOG-UUID: 1870160877396858436\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3696,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"fe365f932db522c4cb39463485d7b375","sha1":"54b3d144204ebd0bb0133745a29baee5ba11d9b1","sha256":"38effacbbb361c62550afbc25b090d66a7d1def4aec8393b62760e664d5ed585","sha512":"f5ab4a12e74076d1560d3f3bea41d2ae712a70883a6ba784e544319170ad2d74dfa2677ecc87e0d80ef1738201f2e93685a3bd93b167f2e79fa2042030f7b341","ssdeep":"","tlshash":"60712c00d7a5c808e1d5093afdd14704fba2da95db5387e1c82b777b12b2308a7db315","first_seen":"2025-11-24T05:06:28.098318Z","last_seen":"2026-03-21T12:20:50.149992Z","times_seen":89,"resource_available":false,"data":null}},"time_used":701,"timings":{"blocked":682,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/dana.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:06.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /dana.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"405dd7c2dc996e16e679d6504410ffc0\"\r\nContent-Type: image/webp\r\nAge: 540645\r\nContent-Length: 3362\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Fri, 02 Jan 2026 11:27:06 GMT\r\nEO-LOG-UUID: 12256083355919184714\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3362,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"405dd7c2dc996e16e679d6504410ffc0","sha1":"3448c61187653f996c99c93ce0880b0d915b56d9","sha256":"0fb3722d931596b6a569533e298e86eb8bc7414457c7dedfdac361e38c6f2fe0","sha512":"557a1594cc94263cc0dd57f6a404b2ed272377860d77e6189f07a99d5c86a3baa1445fac77964f489c1ada9451f29d981709326366c27a8bcd0d08e2ef13c77d","ssdeep":"","tlshash":"99617f15d3a30d53f124997779ba9380a2c119538605d3e97103fcb6d0f14167fc77aa","first_seen":"2025-11-24T05:06:28.099711Z","last_seen":"2026-03-21T12:20:50.146498Z","times_seen":88,"resource_available":false,"data":null}},"time_used":709,"timings":{"blocked":690,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/footer.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:06.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /footer.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"8834a8fbbd13a887e31349bef87ad063\"\r\nContent-Type: image/webp\r\nAge: 540644\r\nContent-Length: 1333998\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Fri, 02 Jan 2026 11:27:06 GMT\r\nEO-LOG-UUID: 4704802055708723497\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1333998,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"617afa0e7487f69693062346aa4e693f","sha1":"324faa58d97ed7c822d184132e788b2ba2005589","sha256":"855c8b11b948dc1eb069c68ed475373b86f4c70b4c37b40c0fb7f0b5a222cdf4","sha512":"b0826f8a473a8fd6fe6f6cb5eaf12f07d81f988448158a12c2e4b9c8e5b65b3e55a6420e56d8eb2076f2a6e40b67b3384bf43b9f685ce43830ccec4ecca2d97a","ssdeep":"24576:4NYIMhlGTBsNVSwDzjsH+MelhYbQ8DnGOCQzY42y:yYIMOtsjBU0hYbnGOCQ8ly","tlshash":"64253303f6025d49d86ab2f63f8cca46c75b1e4f26de08e2b5157bd8f07a500bf91299","first_seen":"2025-09-01T16:54:13.229763Z","last_seen":"2026-03-21T12:20:50.138464Z","times_seen":88,"resource_available":false,"data":null}},"time_used":1039,"timings":{"blocked":689,"dns":0,"connect":0,"send":0,"wait":20,"receive":330,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/online.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:06.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /online.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"d66b792fb15816f740777398448c4ef9\"\r\nContent-Type: image/webp\r\nAge: 540647\r\nContent-Length: 3542\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Fri, 02 Jan 2026 11:27:07 GMT\r\nEO-LOG-UUID: 13598371040714544355\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3542,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d66b792fb15816f740777398448c4ef9","sha1":"1759494726f9a2dc9f0ae18bef138f4212a804ea","sha256":"3fa7ef5746584f69cf993b1a7488c3c2c39ae29f4dd681c31c77de634ab241c1","sha512":"2e3a316a577bb8471623e533b841f7059a5106cf08e09602aaa8a9445200808d056c6954162f7790656d7c727d890d68bde0359492423ee02c8c422328611447","ssdeep":"","tlshash":"a9716c6a5540248eccf78f7e32ca8161b8932440fda50eb2b233bc77061388d7529dde","first_seen":"2025-11-24T05:06:28.096922Z","last_seen":"2026-03-21T12:20:50.13959Z","times_seen":86,"resource_available":false,"data":null}},"time_used":2170,"timings":{"blocked":1068,"dns":253,"connect":20,"send":0,"wait":20,"receive":0,"ssl":800},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"claudedexter.edgeone.dev/logo.png","fqdn":"claudedexter.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:06.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /logo.png HTTP/1.1\r\nHost: claudedexter.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 26 Dec 2025 10:15:04 GMT\r\nEtag: \"4d082290a413f561d41ade812338c83d\"\r\nContent-Type: image/png\r\nAge: 143705\r\nContent-Length: 913394\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Fri, 02 Jan 2026 11:27:06 GMT\r\nEO-LOG-UUID: 10666701601602264251\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":913394,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 5000 x 1558, 8-bit colormap, non-interlaced","md5":"4d082290a413f561d41ade812338c83d","sha1":"dc08d121c3a4f77a476438b77990899c36d4fda8","sha256":"539a0c9fdf9a14d6d37bafca08ceb6213cfcb40dc61869e175a762f794491128","sha512":"2397e8bb129f1620dfbac924c7690079e9d2bcddae99d9f61c2ac8aefa394c1cb948f27db752dc19b37c145344cf59848ed7de69e81ad83c8c9c220e9d5c7b81","ssdeep":"12288:aU0Tav8koPtGsVU0PNKa7jpvrTh8Z9YWCzSpnOp3htTiyLKsisW8Jrv8RKb+drDY:SiNolx6wvpqIW9hOvt5isHJAY","tlshash":"991533590512b32df16e0bbc2c9d8e6575038b18cf717ab2db17b1fbc7202817596e86","first_seen":"2026-01-02T11:27:37.106664Z","last_seen":"2026-02-04T07:46:33.05468Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1585,"timings":{"blocked":696,"dns":254,"connect":17,"send":0,"wait":20,"receive":158,"ssl":436},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"claudedexter.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/bca.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:06.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /bca.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"ee1167ca6ddce43dea19fea9640c6545\"\r\nContent-Type: image/webp\r\nAge: 540646\r\nContent-Length: 4466\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Fri, 02 Jan 2026 11:27:06 GMT\r\nEO-LOG-UUID: 11820120379648430487\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4466,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ee1167ca6ddce43dea19fea9640c6545","sha1":"6bf012a30f9a0f1e6881400325563066d1f523ab","sha256":"d72eeb6806fca9c3e5da7be04a602648740f1a375e5299092fa83acd556f9816","sha512":"9f5362f20df56bd4ea0481f64bc37c680674c2ae8121f3a55a9498ab3f3107514f9f6e213182ba75859f2fbc6f95951ed3305954da9708dc1e72428c4d711531","ssdeep":"96:qkoSbIJ2nlNhb1d0sZZeGcFnRAcv/U+mjiNn2VoentSAZK5aIat:toSbIJ2lfhkZFScvcTtg5aIe","tlshash":"fd913b48c3a853ecd1a8147f57625aa99389e00d91876656142bb8bf4cf533df72aa30","first_seen":"2025-11-24T05:06:28.112695Z","last_seen":"2026-03-21T12:20:50.14527Z","times_seen":88,"resource_available":false,"data":null}},"time_used":1389,"timings":{"blocked":675,"dns":254,"connect":20,"send":0,"wait":19,"receive":2,"ssl":407},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/gopay.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:06.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /gopay.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"b7c788bd4f1a0c742c8660f0501d4550\"\r\nContent-Type: image/webp\r\nAge: 540647\r\nContent-Length: 3828\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Fri, 02 Jan 2026 11:27:06 GMT\r\nEO-LOG-UUID: 7656254303766378656\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3828,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b7c788bd4f1a0c742c8660f0501d4550","sha1":"abd516bd75aa9a0281bf1dac435fe08a754f879d","sha256":"7c76abe7cca74ad6ba675e2ef5ab3078b9b4541c3481a5c7b7a1e93e2e08e333","sha512":"4963144930555c59dd4674e92696c71911b09aacc32667d6ee06f695a3a6de9b398b7ae94b8f51c34eac86c5ca4ab3ed2c94be55a08b6580732efecb59e0ba1f","ssdeep":"","tlshash":"14815c74eb525901d09419f268018b595d0bd0c8dfc023fa5ee6b0be2c38585f157af6","first_seen":"2025-11-24T05:06:28.068089Z","last_seen":"2026-03-21T12:20:50.141553Z","times_seen":88,"resource_available":false,"data":null}},"time_used":700,"timings":{"blocked":681,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/linkaja.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:06.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /linkaja.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"d3db9b229e1d8654fc1986ad479575bf\"\r\nContent-Type: image/webp\r\nAge: 540645\r\nContent-Length: 3232\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Fri, 02 Jan 2026 11:27:06 GMT\r\nEO-LOG-UUID: 3409851310192812972\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3232,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d3db9b229e1d8654fc1986ad479575bf","sha1":"ced4812448ec1cd337cfb306d008f8636b871add","sha256":"1bbf0d0b4611826d0b240473b0b4808ec3b510698dd75e7bae2d5d18d83ae3d3","sha512":"2858e4d1606636bb16b3adab39ec2823c5167330fb00fe962474b9e8a9cb2212f607d9610d083be0fb5dbb5fb38ad9c67d56e0a601fc4e9dde78762bd0eda714","ssdeep":"","tlshash":"40614bacc3615fc4fc9c98fe60e8d887b0d2d1250f5a8be72605303fa464457ea96a59","first_seen":"2025-11-24T05:06:28.070666Z","last_seen":"2026-03-21T12:20:50.142414Z","times_seen":89,"resource_available":false,"data":null}},"time_used":712,"timings":{"blocked":693,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prada808gcr.online/banner.png","fqdn":"prada808gcr.online","domain":"prada808gcr.online","tld":"online"},"ip":{"addr":"104.21.45.228","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:06.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prada808gcr.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 08:03:53 GMT","end":"Wed, 01 Apr 2026 09:02:33 GMT"},"fingerprint":{"sha1":"A4:40:3E:AC:10:AF:D1:57:57:C4:0A:1B:3F:D2:47:0C:B9:6D:A4:3B","sha256":"0D:0D:92:09:14:82:3D:64:2A:46:D4:D0:B3:83:93:74:10:C5:00:7D:F4:72:D7:27:7A:72:BB:21:70:F9:CE:A9"}}},"request":{"raw":"GET /banner.png HTTP/1.1\r\nHost: prada808gcr.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://prada808gcr.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 02 Jan 2026 11:27:06 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 01 Jan 2026 11:59:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"695661a7-b17be\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zzdaWn6XP0OINfKljPH%2FP98Bwbn4Iq09UNlYVBiItydqmtIoz%2FLFI%2FvO35QXdBynL2riW7gYlZmJygw03A0xNuyxCcvHoYviEkcyk6CQwQ6c9g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b79e7bfaf5f4c11-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":726974,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 736 x 736, 8-bit/color RGB, non-interlaced","md5":"2957958364ae0c6e897c7c87e9b66619","sha1":"d6d3e384f647b47c9f50ec30340875eac0b8c90e","sha256":"3f6530ab3a7dadaf147b003c381fed6e031792d65711096a84f55567b5fe7086","sha512":"3c77aa34c1ae8c1d69963de15e60e5b3f55ac3efe4f227136d2f4f7e5cc2822aabd786246784ea5cf148d700f4ba5a0a1d5fd236b6833990de5c7f1aba217628","ssdeep":"12288:22H7Bch9g+Z/eELpg2uhHHBRba3/MlauH7p071ugpCy2K5GXNIMQz12:57BtS/eENheHHikll7QCThXGMQE","tlshash":"1df423eed13707ab04ff56e2a45a7812e0d1e5d880b8296895047961fdb2fecf2d27d0","first_seen":"2026-01-02T11:27:37.115231Z","last_seen":"2026-01-02T11:27:37.115231Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1913,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":665,"receive":1248,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012510081644000/v0/amp-auto-lightbox-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:06.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:51:58 GMT","end":"Wed, 25 Feb 2026 15:51:57 GMT"},"fingerprint":{"sha1":"A6:E2:0F:FD:DB:D5:79:15:DB:03:17:B1:87:6D:6F:C0:EB:2D:6D:66","sha256":"BA:31:F8:9D:3F:78:C8:EE:37:67:8A:D7:B5:BC:FF:EF:1D:90:DE:A3:25:9C:F0:9C:47:C8:B8:DE:95:8C:2B:39"}}},"request":{"raw":"GET /rtv/012510081644000/v0/amp-auto-lightbox-0.1.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://prada808gcr.online\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 2976\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 30 Dec 2025 17:13:49 GMT\r\nexpires: Wed, 30 Dec 2026 17:13:49 GMT\r\ncache-control: public, max-age=31536000\r\nage: 238397\r\netag: \"9215b9e0dcad338a\"\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7812,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7690)","md5":"36e68547fd31649fcac8856096da5e94","sha1":"cfa28bfde148c37cd6b94329ab7f8c1140625d5c","sha256":"5b870594007123f179856f463a72e0a31eb2e005acbb719cf9d56c242927547e","sha512":"3ce62d0c066399122ce7defb585fc4de3c39a02daba060cc9c03a9326e5ee8ef0f4a8d46f14e5f1f7b319944cee0d1c7c3ef2dcc08091a517f3c10b12bf46486","ssdeep":"96:+KoAosPGpz3pMDc0jxAMhG0mj1hVXxSZ4tqSKN0OV0TjLRkiGj0ldmq43bDjHI:+Kqswz3pv0jxAyCPX/tqKyWp4M0rDTI","tlshash":"9ef196dc7ac2f83a5757b4b780af414fa23bb94624ad9120d120f4d83cb995ed623e5c","first_seen":"2025-10-21T18:06:54.954761Z","last_seen":"2026-01-17T06:31:39.884543Z","times_seen":1718,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prada808gcr.online/","fqdn":"prada808gcr.online","domain":"prada808gcr.online","tld":"online"},"ip":{"addr":"104.21.45.228","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-02T11:27:05.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prada808gcr.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 08:03:53 GMT","end":"Wed, 01 Apr 2026 09:02:33 GMT"},"fingerprint":{"sha1":"A4:40:3E:AC:10:AF:D1:57:57:C4:0A:1B:3F:D2:47:0C:B9:6D:A4:3B","sha256":"0D:0D:92:09:14:82:3D:64:2A:46:D4:D0:B3:83:93:74:10:C5:00:7D:F4:72:D7:27:7A:72:BB:21:70:F9:CE:A9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: prada808gcr.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 02 Jan 2026 11:27:05 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Thu, 01 Jan 2026 11:59:52 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-permitted-cross-domain-policies: master-only\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r7VeBxJeYIZ519qyW2Dg%2BvJ8kdYxswjyZVSSVtfMQx5emwewPtG1BDUuhB7ydHAoF79YLAP5NAYB5h1LbRzK5PYkaIhV2JgNUfvTjJ4R044%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b79e7b99b565684-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":82660,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"ff099f9b62c2f83c8e6e5b15638a7e89","sha1":"1f03d5bb7d26c8f2110ba0ad057b9365af2d5a42","sha256":"c8f01ae9eacf693efcb9e6e911f6ac355205d96aeb015fe2911985641758e274","sha512":"97ebd25421a7295b7610f1e5f092ba9350d4e1076f44c7c643e6e3a11634086b3f2c9d7906bbb9fd86bf475f57c4096dd2a575e5650f18da403eb987d3652942","ssdeep":"768:iA31L2QWJ5C4gV1rV4UkkfY8go0MoQEML0QV1le7MIR0qWlpVJ1RFR1JAhNAAlXM:Zl9wfA/D29BgR+ia6","tlshash":"8b83412b9663250e6803e57c37e82a423379e113d65afdb57ede9240cf49580cce27da","first_seen":"2026-01-02T11:27:37.118421Z","last_seen":"2026-01-02T11:27:37.118421Z","times_seen":1,"resource_available":false,"data":null}},"time_used":820,"timings":{"blocked":65,"dns":42,"connect":1,"send":0,"wait":690,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:06.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:51:58 GMT","end":"Wed, 25 Feb 2026 15:51:57 GMT"},"fingerprint":{"sha1":"A6:E2:0F:FD:DB:D5:79:15:DB:03:17:B1:87:6D:6F:C0:EB:2D:6D:66","sha256":"BA:31:F8:9D:3F:78:C8:EE:37:67:8A:D7:B5:BC:FF:EF:1D:90:DE:A3:25:9C:F0:9C:47:C8:B8:DE:95:8C:2B:39"}}},"request":{"raw":"GET /v0.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 73132\r\ndate: Fri, 02 Jan 2026 11:27:06 GMT\r\nexpires: Fri, 02 Jan 2026 11:27:06 GMT\r\ncache-control: private, max-age=3000, stale-while-revalidate=1206600\r\netag: \"b52f38ef99ad402e\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":284545,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64627)","md5":"8059fb84783c3f43b7b5b66a3883bcb6","sha1":"335cfb79c7c772225bc9a0a0d17d5d435e30a247","sha256":"977e140b62a9228c0815a6ce26e63df7def2817315581cb3e29c52a9d5959754","sha512":"2a0c05b24ac683756cc15e857c5445e62aa1f00134e8fa0f0c966510b1ec778a4570ab2c09dd2791a8a769f36c64a304fc816228fb54367af99657f3c49bb385","ssdeep":"3072:j4UQbNOu6mF8g8aLymSt85Li48lnQYxQEnswf2l3sVsmgQ:j4UQbNOu6mFTLs8f8lnQebsw+l3sVsg","tlshash":"db54839db296b0764793b074803f150aa33ba855240a812cf56de9d67cbcd8ea137f7c","first_seen":"2025-10-21T18:06:54.94219Z","last_seen":"2026-01-06T14:38:02.926695Z","times_seen":1886,"resource_available":true,"data":null}},"time_used":605,"timings":{"blocked":251,"dns":101,"connect":31,"send":0,"wait":40,"receive":49,"ssl":129},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/mandiri.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:06.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /mandiri.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"29a381e77775da1aa9d177a24b8f1d25\"\r\nContent-Type: image/webp\r\nAge: 540646\r\nContent-Length: 1338\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Fri, 02 Jan 2026 11:27:06 GMT\r\nEO-LOG-UUID: 8120004862308301008\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1338,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"29a381e77775da1aa9d177a24b8f1d25","sha1":"53bcf555779129c6daf585c1fe4b85826bcd732f","sha256":"c5aeb819dccdde5bbbf612ddc8d1e62228f21f23cc172769e4770341b938e741","sha512":"23a5d37b64a81b6c0d8b69e03eb0351d53a42913a10b5203b3a9cd09029e6a28989169fc181279f7b6595cc57fa8c2be63e24cb6d15deceb63adcec50b4b2749","ssdeep":"","tlshash":"3321c88799f753509a88e45ab839ffdd8ed1724d9004d73c99eaa50d2c788102be465c","first_seen":"2025-11-24T05:06:28.103178Z","last_seen":"2026-03-21T12:20:50.145986Z","times_seen":87,"resource_available":false,"data":null}},"time_used":1387,"timings":{"blocked":674,"dns":254,"connect":20,"send":0,"wait":19,"receive":0,"ssl":405},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/bri.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:06.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /bri.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"4788eced74e3ecb7806f276a3e84e32c\"\r\nContent-Type: image/webp\r\nAge: 540647\r\nContent-Length: 1106\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Fri, 02 Jan 2026 11:27:06 GMT\r\nEO-LOG-UUID: 11847400382780170296\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1106,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4788eced74e3ecb7806f276a3e84e32c","sha1":"e981510ea34f911ec7f5948a3071ccd7b1853df1","sha256":"2c772494e4192fa239b915c42296c62caed0ef06a1761905496a861fcb7574d6","sha512":"e1feac80720cfc985829c9e0e824a27ebf3d8e2017f92300806f20c95fafafe90f17f0dc3a54081fab90cbbfa7317420c61e701309190bcb84767fa928324de8","ssdeep":"","tlshash":"fd11c6daad8503dae990fff39a7060006f827a26c9a8a542701729b20017963c00afc4","first_seen":"2025-11-24T05:06:28.078302Z","last_seen":"2026-03-21T12:20:50.148924Z","times_seen":86,"resource_available":false,"data":null}},"time_used":722,"timings":{"blocked":-1,"dns":252,"connect":20,"send":0,"wait":19,"receive":0,"ssl":426},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/cimb.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:06.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /cimb.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"0d084b23dc239d6200bc2aa5467b1e61\"\r\nContent-Type: image/webp\r\nAge: 540645\r\nContent-Length: 3334\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Fri, 02 Jan 2026 11:27:06 GMT\r\nEO-LOG-UUID: 7280563349874501365\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3334,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0d084b23dc239d6200bc2aa5467b1e61","sha1":"5fe5a44231e4fbbbca15b6720f716a9d80890b6a","sha256":"11e57738d0ccd7aeae205991ab55a831247176b4b3c32f052154ad19e27f6da9","sha512":"1bc9ca938ddffbd41f31e23d0a10fdf5a2b5c4f7b1050f018e370d52b0fa3c4e111d9a9d8a15affcf38672f05b6454ced9d822fced5b976f5b8bddc607af3c10","ssdeep":"","tlshash":"27611905d22b5e9ceb90923728a04b64b6b42c349ed6676da24a60f38171601b384f54","first_seen":"2025-11-24T05:06:28.065564Z","last_seen":"2026-03-21T12:20:50.137402Z","times_seen":89,"resource_available":false,"data":null}},"time_used":702,"timings":{"blocked":683,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/qris.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:06.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /qris.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"116edff8080f009113cb7a21000b526f\"\r\nContent-Type: image/webp\r\nAge: 540645\r\nContent-Length: 2850\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Fri, 02 Jan 2026 11:27:06 GMT\r\nEO-LOG-UUID: 2683395315169164129\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2850,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"116edff8080f009113cb7a21000b526f","sha1":"54501d38a907cebbd889c290733d1aa1efdabf25","sha256":"128134d609d3adbd1d7cda184dfe653fd575646a17a4d60ac97d100d42327f02","sha512":"32d7d6b470b80a4398d246d05a09387f11f0780b6b9b0ef5f989c826216b9994470180297c7e8356d973c8092b8f65b1a82b3c30929bcfd4ed99d84f5346a600","ssdeep":"","tlshash":"ec51f90ad7191ed3c6c4b23b22e91d12b7981640cfb3d667069b35f68a293367191b54","first_seen":"2025-11-24T05:06:28.073084Z","last_seen":"2026-03-21T12:20:50.137958Z","times_seen":89,"resource_available":false,"data":null}},"time_used":710,"timings":{"blocked":690,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012510081644000/v0/amp-loader-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:07.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:51:58 GMT","end":"Wed, 25 Feb 2026 15:51:57 GMT"},"fingerprint":{"sha1":"A6:E2:0F:FD:DB:D5:79:15:DB:03:17:B1:87:6D:6F:C0:EB:2D:6D:66","sha256":"BA:31:F8:9D:3F:78:C8:EE:37:67:8A:D7:B5:BC:FF:EF:1D:90:DE:A3:25:9C:F0:9C:47:C8:B8:DE:95:8C:2B:39"}}},"request":{"raw":"GET /rtv/012510081644000/v0/amp-loader-0.1.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://prada808gcr.online\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 3937\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 30 Dec 2025 09:32:41 GMT\r\nexpires: Wed, 30 Dec 2026 09:32:41 GMT\r\ncache-control: public, max-age=31536000\r\nage: 266066\r\netag: \"a1ee3895c747c6e2\"\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12729,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (12614)","md5":"a87e2cce7117be00fc8129abfc72b1a1","sha1":"26d9bc2bbbd56217163ec1ccf05a4b4698e5c11a","sha256":"f65efecffe50465d1ffa59d289200cb42ae6115fac8232946635cedf4dd241ef","sha512":"d9232a321d406c6d15a92fcfb3266ab1a049fee6099c19fb010ee7913e2d6c1a65868a2f529ffca06dfb96b312a78429b07c3a5bd56b14f53199ce88af09a458","ssdeep":"192:8fQHMOgzKBbnnRrVGjoPGlxrO2tHxg7HzMb5F4g5A4WR2vN:20g2BbnnHUgTzMb5F4g5A4WR2vN","tlshash":"d042a424a54be2ac530341b484fab94a757ecd4fb8104035f0118ededf99e48bd7ba6e","first_seen":"2025-10-21T18:07:40.626035Z","last_seen":"2026-01-17T06:31:39.878615Z","times_seen":1395,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":67,"dns":1,"connect":0,"send":0,"wait":29,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"claudedexter.edgeone.dev/favicon.png","fqdn":"claudedexter.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:07.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: claudedexter.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 26 Dec 2025 10:15:04 GMT\r\nEtag: \"983c520382d3b2b8f12ba2d38ac46aac\"\r\nContent-Type: image/png\r\nAge: 609080\r\nContent-Length: 2970\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Fri, 02 Jan 2026 11:27:07 GMT\r\nEO-LOG-UUID: 3784918992278161549\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2970,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced","md5":"983c520382d3b2b8f12ba2d38ac46aac","sha1":"53b7d0171636d3d387b152799d3156f0ca871dcc","sha256":"e6fe8a40732c5dd61a07fb41f39b742c4aff7e78c964d6ac6f1ce5e5179352c7","sha512":"62ae277b26852c2008eada4ce69cab916c28e2fdbf8741327391d2cd6c87c8f6801a8b08539914bce3042d389d546dd0150b45d9e6b8395033c6b9cb89d67118","ssdeep":"","tlshash":"8e512a8bfda56b81e459f1c114ee0137af3b8a5098c499a4e9cec81706717b8888dcc7","first_seen":"2025-12-17T11:45:45.461831Z","last_seen":"2026-02-04T07:46:33.042498Z","times_seen":11,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"claudedexter.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/bni.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:06.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /bni.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"2ad18c61adc3ace6d770bffb7bea94c2\"\r\nContent-Type: image/webp\r\nAge: 540647\r\nContent-Length: 3972\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Fri, 02 Jan 2026 11:27:06 GMT\r\nEO-LOG-UUID: 15552128607512708801\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3972,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2ad18c61adc3ace6d770bffb7bea94c2","sha1":"1264ecf2f46f3334d9f451d588fd6ecee1114871","sha256":"b40e52388437db707197dd122d363c4fd50887a9fa8576170917f33a71f32f8b","sha512":"3f4ef6e9785cbd27430e00acd72663ee6424ed1865a18b4465eb9413b8cacc1781104aaf1d6ec019705597bf429333e92d77e24f9ffacc14c5dd4ca914e8d094","ssdeep":"","tlshash":"3e814a0cc354560ce281313fb291b316f5d0ce36564526a9ab8e3aef82e65889563e63","first_seen":"2025-11-24T05:06:28.108625Z","last_seen":"2026-03-21T12:20:50.149409Z","times_seen":86,"resource_available":false,"data":null}},"time_used":707,"timings":{"blocked":-1,"dns":251,"connect":20,"send":0,"wait":19,"receive":0,"ssl":414},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/ovo.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:06.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /ovo.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"140dc185a3b57a3b1f4b5c4d0f1724a7\"\r\nContent-Type: image/webp\r\nAge: 540645\r\nContent-Length: 3012\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Fri, 02 Jan 2026 11:27:06 GMT\r\nEO-LOG-UUID: 15854190133155435661\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3012,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"140dc185a3b57a3b1f4b5c4d0f1724a7","sha1":"95835539e5afdf4ca5f55f167fdf9ef1bb1e4bad","sha256":"719b2382d06def41ed7eaee82bd3d37dbd43551fed4f9e89236ff2477aa67565","sha512":"decf75546046b537a52c75da1818b38cd7e9fe0f6c82e192f6c50b3729ec707508e42e71420b09f08325ad8b06868cf1d36fd84520f320d0ac22343dd75f0f9b","ssdeep":"","tlshash":"e9513b4bdac0056cebf07476d8d3c93bf882a0f886563a29494a31fd64d8a1d7d49f70","first_seen":"2025-11-24T05:06:28.088012Z","last_seen":"2026-03-21T12:20:50.140765Z","times_seen":90,"resource_available":false,"data":null}},"time_used":700,"timings":{"blocked":681,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"claudedexter.edgeone.dev/favicon.png","fqdn":"claudedexter.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prada808gcr.online/","date":"2026-01-02T11:27:07.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: claudedexter.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 26 Dec 2025 10:15:04 GMT\r\nEtag: \"983c520382d3b2b8f12ba2d38ac46aac\"\r\nContent-Type: image/png\r\nAge: 609080\r\nContent-Length: 2970\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Fri, 02 Jan 2026 11:27:07 GMT\r\nEO-LOG-UUID: 2050586364107034770\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2970,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced","md5":"983c520382d3b2b8f12ba2d38ac46aac","sha1":"53b7d0171636d3d387b152799d3156f0ca871dcc","sha256":"e6fe8a40732c5dd61a07fb41f39b742c4aff7e78c964d6ac6f1ce5e5179352c7","sha512":"62ae277b26852c2008eada4ce69cab916c28e2fdbf8741327391d2cd6c87c8f6801a8b08539914bce3042d389d546dd0150b45d9e6b8395033c6b9cb89d67118","ssdeep":"","tlshash":"8e512a8bfda56b81e459f1c114ee0137af3b8a5098c499a4e9cec81706717b8888dcc7","first_seen":"2025-12-17T11:45:45.461831Z","last_seen":"2026-02-04T07:46:33.042498Z","times_seen":11,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":1,"connect":17,"send":0,"wait":19,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"claudedexter.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}