{"report_id":"9f24680e-f81b-4046-ae14-618215b5ccf8","version":6,"status":"done","tags":[],"date":"2026-01-04T09:19:41Z","url":{"schema":"http","addr":"betwin178.site/","fqdn":"betwin178.site","domain":"betwin178.site","tld":"site"},"ip":{"addr":"104.21.50.79","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"betwin178.site/","fqdn":"betwin178.site","domain":"betwin178.site","tld":"site"},"title":"BETWIN178 : Situs Slot Gacor Banjir Super Scatter Pecah x1000 Hari Ini","dom":{"size":104605,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (6883)","md5":"a39e79ce717e49c9fca17ba7ad138089","sha1":"28f74f5b05c126e06aba7ef151bcc9fabfa6e36d","sha256":"ac67f7bf99e3c0476ea429271bb78b71a5ceee83f7eeb619b3dd2128fe944e9c","sha512":"e100b5c4aa02142ba18ca069c0d24420614b26979fa147576021a8a5b8a64ea762865ccdbd45693f9dc7776ff43b31b08d674a3bed0c5c3d4daf710f0906fa5b","ssdeep":"1536:2Z5F4g5A4WR2vkXap2MmTwfA/D29Bgf+iaWfR5B:9ap2MmEfACLWfR5B","tlshash":"44a3941b9652204d5807d23827e86b573338d013d62afdb5bddea780cf89681dde278e","dom_hash":"domhash6de594c89e3b473602c483580dac1038","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"betwin178.site/","fqdn":"betwin178.site","domain":"betwin178.site","tld":"site"},"ip":{"addr":"104.21.50.79","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-08T09:19:41Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"selerarumahan.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"baubauindex.edgeone.dev","ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2025-06-09","domain_rank":0,"first_seen":"2025-12-27T00:37:01.586479Z","last_seen":"2025-12-27T00:37:01.586479Z","alert_count":14,"request_count":14,"received_data":1381035,"sent_data":5711,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.ampproject.org","ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2015-08-31","domain_rank":3289,"first_seen":"2015-10-09T04:27:01Z","last_seen":"2025-12-29T04:06:58.325492Z","alert_count":0,"request_count":4,"received_data":345560,"sent_data":1660,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"selerarumahan.edgeone.dev","ip":{"addr":"43.174.247.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2025-06-09","domain_rank":0,"first_seen":"2025-12-25T07:25:37.309743Z","last_seen":"2025-12-25T07:25:37.309743Z","alert_count":3,"request_count":3,"received_data":492912,"sent_data":1230,"comment":"","tags":null,"fingerprints":null},{"fqdn":"betwin178.site","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":2,"received_data":804138,"sent_data":918,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.ampproject.org/v0.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8059fb84783c3f43b7b5b66a3883bcb6","sha1":"335cfb79c7c772225bc9a0a0d17d5d435e30a247","sha256":"977e140b62a9228c0815a6ce26e63df7def2817315581cb3e29c52a9d5959754","sha512":"2a0c05b24ac683756cc15e857c5445e62aa1f00134e8fa0f0c966510b1ec778a4570ab2c09dd2791a8a769f36c64a304fc816228fb54367af99657f3c49bb385","ssdeep":"3072:j4UQbNOu6mF8g8aLymSt85Li48lnQYxQEnswf2l3sVsmgQ:j4UQbNOu6mFTLs8f8lnQebsw+l3sVsg","tlshash":"db54839db296b0764793b074803f150aa33ba855240a812cf56de9d67cbcd8ea137f7c","size":284545,"data":"","first_seen":"2025-10-21T18:06:54.94219Z","last_seen":"2026-01-06T14:38:02.926695Z","times_seen":1886,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012510081644000/v0/amp-auto-lightbox-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"36e68547fd31649fcac8856096da5e94","sha1":"cfa28bfde148c37cd6b94329ab7f8c1140625d5c","sha256":"5b870594007123f179856f463a72e0a31eb2e005acbb719cf9d56c242927547e","sha512":"3ce62d0c066399122ce7defb585fc4de3c39a02daba060cc9c03a9326e5ee8ef0f4a8d46f14e5f1f7b319944cee0d1c7c3ef2dcc08091a517f3c10b12bf46486","ssdeep":"96:+KoAosPGpz3pMDc0jxAMhG0mj1hVXxSZ4tqSKN0OV0TjLRkiGj0ldmq43bDjHI:+Kqswz3pv0jxAyCPX/tqKyWp4M0rDTI","tlshash":"9ef196dc7ac2f83a5757b4b780af414fa23bb94624ad9120d120f4d83cb995ed623e5c","size":7812,"data":"","first_seen":"2025-10-21T18:06:54.954761Z","last_seen":"2026-01-17T06:31:39.884543Z","times_seen":1718,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012510081644000/v0/amp-loader-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a87e2cce7117be00fc8129abfc72b1a1","sha1":"26d9bc2bbbd56217163ec1ccf05a4b4698e5c11a","sha256":"f65efecffe50465d1ffa59d289200cb42ae6115fac8232946635cedf4dd241ef","sha512":"d9232a321d406c6d15a92fcfb3266ab1a049fee6099c19fb010ee7913e2d6c1a65868a2f529ffca06dfb96b312a78429b07c3a5bd56b14f53199ce88af09a458","ssdeep":"192:8fQHMOgzKBbnnRrVGjoPGlxrO2tHxg7HzMb5F4g5A4WR2vN:20g2BbnnHUgTzMb5F4g5A4WR2vN","tlshash":"d042a424a54be2ac530341b484fab94a757ecd4fb8104035f0118ededf99e48bd7ba6e","size":12729,"data":"","first_seen":"2025-10-21T18:07:40.626035Z","last_seen":"2026-01-17T06:31:39.878615Z","times_seen":1395,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-carousel-0.2.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ea7abb549e2c19a2c32e68327000ce6","sha1":"8bd23eaad4f73679769ce7c99442e1921dc5a078","sha256":"ab5300a79449b51ebf247cf379402924b46328baf6c01d2238899648ff46c953","sha512":"2eeee59954da428d513d4ae1469b6e145f87f5deb71804a55cf132de5d1793de3b2a36e8d75e043ebf807117696fd4d80371476fa72d46181af36e29a6a107f4","ssdeep":"384:vaOOJPxlfgGYc3+Wy2CAp0hXuWHQs+ik1rdkfwf7L4GOkon9pYnzQquyhSzhl7am:SZPxRgTWylApuQRRfPq3CsquyhSH7NT7","tlshash":"6fe2965ab24270b54a57f170402f050ea13bb455548a4c2cb0aaeee69d7ce8db17bf7c","size":34086,"data":"","first_seen":"2025-10-22T15:17:27.469772Z","last_seen":"2026-01-06T04:59:31.961306Z","times_seen":102,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/online.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:18.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /online.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"d66b792fb15816f740777398448c4ef9\"\r\nContent-Type: image/webp\r\nAge: 705779\r\nContent-Length: 3542\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Sun, 04 Jan 2026 09:19:19 GMT\r\nEO-LOG-UUID: 1355248362776310752\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3542,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d66b792fb15816f740777398448c4ef9","sha1":"1759494726f9a2dc9f0ae18bef138f4212a804ea","sha256":"3fa7ef5746584f69cf993b1a7488c3c2c39ae29f4dd681c31c77de634ab241c1","sha512":"2e3a316a577bb8471623e533b841f7059a5106cf08e09602aaa8a9445200808d056c6954162f7790656d7c727d890d68bde0359492423ee02c8c422328611447","ssdeep":"","tlshash":"a9716c6a5540248eccf78f7e32ca8161b8932440fda50eb2b233bc77061388d7529dde","first_seen":"2025-11-24T05:06:28.096922Z","last_seen":"2026-03-21T12:20:50.13959Z","times_seen":86,"resource_available":false,"data":null}},"time_used":2075,"timings":{"blocked":1017,"dns":428,"connect":19,"send":0,"wait":19,"receive":1,"ssl":589},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/bri.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:18.836Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /bri.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"4788eced74e3ecb7806f276a3e84e32c\"\r\nContent-Type: image/webp\r\nAge: 705780\r\nContent-Length: 1106\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Sun, 04 Jan 2026 09:19:19 GMT\r\nEO-LOG-UUID: 16982785064194238984\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1106,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4788eced74e3ecb7806f276a3e84e32c","sha1":"e981510ea34f911ec7f5948a3071ccd7b1853df1","sha256":"2c772494e4192fa239b915c42296c62caed0ef06a1761905496a861fcb7574d6","sha512":"e1feac80720cfc985829c9e0e824a27ebf3d8e2017f92300806f20c95fafafe90f17f0dc3a54081fab90cbbfa7317420c61e701309190bcb84767fa928324de8","ssdeep":"","tlshash":"fd11c6daad8503dae990fff39a7060006f827a26c9a8a542701729b20017963c00afc4","first_seen":"2025-11-24T05:06:28.078302Z","last_seen":"2026-03-21T12:20:50.148924Z","times_seen":86,"resource_available":false,"data":null}},"time_used":819,"timings":{"blocked":-1,"dns":423,"connect":19,"send":0,"wait":19,"receive":0,"ssl":351},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/bni.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:18.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /bni.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"2ad18c61adc3ace6d770bffb7bea94c2\"\r\nContent-Type: image/webp\r\nAge: 705780\r\nContent-Length: 3972\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Sun, 04 Jan 2026 09:19:19 GMT\r\nEO-LOG-UUID: 10144462581775695680\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3972,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2ad18c61adc3ace6d770bffb7bea94c2","sha1":"1264ecf2f46f3334d9f451d588fd6ecee1114871","sha256":"b40e52388437db707197dd122d363c4fd50887a9fa8576170917f33a71f32f8b","sha512":"3f4ef6e9785cbd27430e00acd72663ee6424ed1865a18b4465eb9413b8cacc1781104aaf1d6ec019705597bf429333e92d77e24f9ffacc14c5dd4ca914e8d094","ssdeep":"","tlshash":"3e814a0cc354560ce281313fb291b316f5d0ce36564526a9ab8e3aef82e65889563e63","first_seen":"2025-11-24T05:06:28.108625Z","last_seen":"2026-03-21T12:20:50.149409Z","times_seen":86,"resource_available":false,"data":null}},"time_used":1053,"timings":{"blocked":-1,"dns":422,"connect":19,"send":0,"wait":20,"receive":0,"ssl":587},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/gopay.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:18.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /gopay.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"b7c788bd4f1a0c742c8660f0501d4550\"\r\nContent-Type: image/webp\r\nAge: 705780\r\nContent-Length: 3828\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Sun, 04 Jan 2026 09:19:19 GMT\r\nEO-LOG-UUID: 4905032555467057251\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3828,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b7c788bd4f1a0c742c8660f0501d4550","sha1":"abd516bd75aa9a0281bf1dac435fe08a754f879d","sha256":"7c76abe7cca74ad6ba675e2ef5ab3078b9b4541c3481a5c7b7a1e93e2e08e333","sha512":"4963144930555c59dd4674e92696c71911b09aacc32667d6ee06f695a3a6de9b398b7ae94b8f51c34eac86c5ca4ab3ed2c94be55a08b6580732efecb59e0ba1f","ssdeep":"","tlshash":"14815c74eb525901d09419f268018b595d0bd0c8dfc023fa5ee6b0be2c38585f157af6","first_seen":"2025-11-24T05:06:28.068089Z","last_seen":"2026-03-21T12:20:50.141553Z","times_seen":88,"resource_available":false,"data":null}},"time_used":730,"timings":{"blocked":711,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/bca.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:18.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /bca.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"ee1167ca6ddce43dea19fea9640c6545\"\r\nContent-Type: image/webp\r\nAge: 705779\r\nContent-Length: 4466\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Sun, 04 Jan 2026 09:19:19 GMT\r\nEO-LOG-UUID: 16502102074557303525\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4466,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ee1167ca6ddce43dea19fea9640c6545","sha1":"6bf012a30f9a0f1e6881400325563066d1f523ab","sha256":"d72eeb6806fca9c3e5da7be04a602648740f1a375e5299092fa83acd556f9816","sha512":"9f5362f20df56bd4ea0481f64bc37c680674c2ae8121f3a55a9498ab3f3107514f9f6e213182ba75859f2fbc6f95951ed3305954da9708dc1e72428c4d711531","ssdeep":"96:qkoSbIJ2nlNhb1d0sZZeGcFnRAcv/U+mjiNn2VoentSAZK5aIat:toSbIJ2lfhkZFScvcTtg5aIe","tlshash":"fd913b48c3a853ecd1a8147f57625aa99389e00d91876656142bb8bf4cf533df72aa30","first_seen":"2025-11-24T05:06:28.112695Z","last_seen":"2026-03-21T12:20:50.14527Z","times_seen":88,"resource_available":false,"data":null}},"time_used":1410,"timings":{"blocked":686,"dns":424,"connect":19,"send":0,"wait":19,"receive":0,"ssl":251},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/danamon.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:18.838Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /danamon.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"34cb075b5e35d5e3c64a1360d5b4a0b0\"\r\nContent-Type: image/webp\r\nAge: 705780\r\nContent-Length: 3856\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Sun, 04 Jan 2026 09:19:19 GMT\r\nEO-LOG-UUID: 4910269894054619843\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3856,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"34cb075b5e35d5e3c64a1360d5b4a0b0","sha1":"b2b93a4360ae03efbef1bc5b40a035d651623751","sha256":"814949476ca9d0e9722f6883ccdec66c44adc0449820f58c11d89da35bbd67fc","sha512":"9ba9942bbab14c5ee1a4edd071a5782d41bf714a3e78fec32135e47b7ee06a92f1bdd898414aecfceb7918267134b4a2ffe5742e6a7b47b50e3ebcb80d3cfb49","ssdeep":"","tlshash":"85813b6ce3a03796d200727f7f11e3a43092c92eab79865b74db376a59e486c3601a24","first_seen":"2025-11-24T05:06:28.094727Z","last_seen":"2026-03-21T12:20:50.140126Z","times_seen":87,"resource_available":false,"data":null}},"time_used":719,"timings":{"blocked":-1,"dns":421,"connect":19,"send":0,"wait":19,"receive":0,"ssl":257},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/ovo.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:18.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /ovo.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"140dc185a3b57a3b1f4b5c4d0f1724a7\"\r\nContent-Type: image/webp\r\nAge: 705778\r\nContent-Length: 3012\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Sun, 04 Jan 2026 09:19:19 GMT\r\nEO-LOG-UUID: 12550450832579463619\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3012,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"140dc185a3b57a3b1f4b5c4d0f1724a7","sha1":"95835539e5afdf4ca5f55f167fdf9ef1bb1e4bad","sha256":"719b2382d06def41ed7eaee82bd3d37dbd43551fed4f9e89236ff2477aa67565","sha512":"decf75546046b537a52c75da1818b38cd7e9fe0f6c82e192f6c50b3729ec707508e42e71420b09f08325ad8b06868cf1d36fd84520f320d0ac22343dd75f0f9b","ssdeep":"","tlshash":"e9513b4bdac0056cebf07476d8d3c93bf882a0f886563a29494a31fd64d8a1d7d49f70","first_seen":"2025-11-24T05:06:28.088012Z","last_seen":"2026-03-21T12:20:50.140765Z","times_seen":90,"resource_available":false,"data":null}},"time_used":716,"timings":{"blocked":697,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/dana.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:18.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /dana.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"405dd7c2dc996e16e679d6504410ffc0\"\r\nContent-Type: image/webp\r\nAge: 705778\r\nContent-Length: 3362\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Sun, 04 Jan 2026 09:19:19 GMT\r\nEO-LOG-UUID: 14800147412809824602\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3362,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"405dd7c2dc996e16e679d6504410ffc0","sha1":"3448c61187653f996c99c93ce0880b0d915b56d9","sha256":"0fb3722d931596b6a569533e298e86eb8bc7414457c7dedfdac361e38c6f2fe0","sha512":"557a1594cc94263cc0dd57f6a404b2ed272377860d77e6189f07a99d5c86a3baa1445fac77964f489c1ada9451f29d981709326366c27a8bcd0d08e2ef13c77d","ssdeep":"","tlshash":"99617f15d3a30d53f124997779ba9380a2c119538605d3e97103fcb6d0f14167fc77aa","first_seen":"2025-11-24T05:06:28.099711Z","last_seen":"2026-03-21T12:20:50.146498Z","times_seen":88,"resource_available":false,"data":null}},"time_used":730,"timings":{"blocked":711,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/linkaja.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:18.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /linkaja.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"d3db9b229e1d8654fc1986ad479575bf\"\r\nContent-Type: image/webp\r\nAge: 705778\r\nContent-Length: 3232\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Sun, 04 Jan 2026 09:19:19 GMT\r\nEO-LOG-UUID: 12176482094346932554\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3232,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d3db9b229e1d8654fc1986ad479575bf","sha1":"ced4812448ec1cd337cfb306d008f8636b871add","sha256":"1bbf0d0b4611826d0b240473b0b4808ec3b510698dd75e7bae2d5d18d83ae3d3","sha512":"2858e4d1606636bb16b3adab39ec2823c5167330fb00fe962474b9e8a9cb2212f607d9610d083be0fb5dbb5fb38ad9c67d56e0a601fc4e9dde78762bd0eda714","ssdeep":"","tlshash":"40614bacc3615fc4fc9c98fe60e8d887b0d2d1250f5a8be72605303fa464457ea96a59","first_seen":"2025-11-24T05:06:28.070666Z","last_seen":"2026-03-21T12:20:50.142414Z","times_seen":89,"resource_available":false,"data":null}},"time_used":731,"timings":{"blocked":712,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/qris.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:18.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /qris.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"116edff8080f009113cb7a21000b526f\"\r\nContent-Type: image/webp\r\nAge: 705778\r\nContent-Length: 2850\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Sun, 04 Jan 2026 09:19:19 GMT\r\nEO-LOG-UUID: 17533731646983982045\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2850,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"116edff8080f009113cb7a21000b526f","sha1":"54501d38a907cebbd889c290733d1aa1efdabf25","sha256":"128134d609d3adbd1d7cda184dfe653fd575646a17a4d60ac97d100d42327f02","sha512":"32d7d6b470b80a4398d246d05a09387f11f0780b6b9b0ef5f989c826216b9994470180297c7e8356d973c8092b8f65b1a82b3c30929bcfd4ed99d84f5346a600","ssdeep":"","tlshash":"ec51f90ad7191ed3c6c4b23b22e91d12b7981640cfb3d667069b35f68a293367191b54","first_seen":"2025-11-24T05:06:28.073084Z","last_seen":"2026-03-21T12:20:50.137958Z","times_seen":89,"resource_available":false,"data":null}},"time_used":745,"timings":{"blocked":726,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012510081644000/v0/amp-auto-lightbox-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:19.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:50:23 GMT","end":"Wed, 25 Feb 2026 15:50:22 GMT"},"fingerprint":{"sha1":"8C:22:B0:36:FF:44:17:0C:D7:23:B5:FF:95:73:C9:21:89:15:5B:A8","sha256":"89:0D:D4:C7:A7:53:0B:46:DA:82:A1:15:39:BB:C8:3D:D7:5E:B7:2D:B4:21:52:28:84:00:82:ED:48:91:43:A1"}}},"request":{"raw":"GET /rtv/012510081644000/v0/amp-auto-lightbox-0.1.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://betwin178.site\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 2976\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 03 Jan 2026 10:57:50 GMT\r\nexpires: Sun, 03 Jan 2027 10:57:50 GMT\r\ncache-control: public, max-age=31536000\r\nage: 80489\r\netag: \"9215b9e0dcad338a\"\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7812,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7690)","md5":"36e68547fd31649fcac8856096da5e94","sha1":"cfa28bfde148c37cd6b94329ab7f8c1140625d5c","sha256":"5b870594007123f179856f463a72e0a31eb2e005acbb719cf9d56c242927547e","sha512":"3ce62d0c066399122ce7defb585fc4de3c39a02daba060cc9c03a9326e5ee8ef0f4a8d46f14e5f1f7b319944cee0d1c7c3ef2dcc08091a517f3c10b12bf46486","ssdeep":"96:+KoAosPGpz3pMDc0jxAMhG0mj1hVXxSZ4tqSKN0OV0TjLRkiGj0ldmq43bDjHI:+Kqswz3pv0jxAyCPX/tqKyWp4M0rDTI","tlshash":"9ef196dc7ac2f83a5757b4b780af414fa23bb94624ad9120d120f4d83cb995ed623e5c","first_seen":"2025-10-21T18:06:54.954761Z","last_seen":"2026-01-17T06:31:39.884543Z","times_seen":1718,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":31,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012510081644000/v0/amp-loader-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:19.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:50:23 GMT","end":"Wed, 25 Feb 2026 15:50:22 GMT"},"fingerprint":{"sha1":"8C:22:B0:36:FF:44:17:0C:D7:23:B5:FF:95:73:C9:21:89:15:5B:A8","sha256":"89:0D:D4:C7:A7:53:0B:46:DA:82:A1:15:39:BB:C8:3D:D7:5E:B7:2D:B4:21:52:28:84:00:82:ED:48:91:43:A1"}}},"request":{"raw":"GET /rtv/012510081644000/v0/amp-loader-0.1.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://betwin178.site\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 3937\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 03 Jan 2026 10:55:43 GMT\r\nexpires: Sun, 03 Jan 2027 10:55:43 GMT\r\ncache-control: public, max-age=31536000\r\nage: 80616\r\netag: \"a1ee3895c747c6e2\"\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12729,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (12614)","md5":"a87e2cce7117be00fc8129abfc72b1a1","sha1":"26d9bc2bbbd56217163ec1ccf05a4b4698e5c11a","sha256":"f65efecffe50465d1ffa59d289200cb42ae6115fac8232946635cedf4dd241ef","sha512":"d9232a321d406c6d15a92fcfb3266ab1a049fee6099c19fb010ee7913e2d6c1a65868a2f529ffca06dfb96b312a78429b07c3a5bd56b14f53199ce88af09a458","ssdeep":"192:8fQHMOgzKBbnnRrVGjoPGlxrO2tHxg7HzMb5F4g5A4WR2vN:20g2BbnnHUgTzMb5F4g5A4WR2vN","tlshash":"d042a424a54be2ac530341b484fab94a757ecd4fb8104035f0118ededf99e48bd7ba6e","first_seen":"2025-10-21T18:07:40.626035Z","last_seen":"2026-01-17T06:31:39.878615Z","times_seen":1395,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":40,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"selerarumahan.edgeone.dev/favicon.png","fqdn":"selerarumahan.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.247.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:20.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: selerarumahan.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 03 Dec 2025 08:49:20 GMT\r\nEtag: \"5cd99dd5efdce055e975b480e436465c\"\r\nContent-Type: image/png\r\nAge: 2746796\r\nContent-Length: 108787\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Sun, 04 Jan 2026 09:19:20 GMT\r\nEO-LOG-UUID: 10541914830704015304\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":108787,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 360 x 241, 8-bit/color RGBA, non-interlaced","md5":"5cd99dd5efdce055e975b480e436465c","sha1":"42ab2da3e356aeab46a15a1e3768724bef7b3429","sha256":"ec945759c9581caaaa9abfd3448c588ef4a51e123f48f4955463d260faa6c9fc","sha512":"221c0cd462d23c8b360fa25886e739a2f96e5faa194bc1a2b359e82a0e096fce2f9edb8761fe74b078be09ceb68445dcb3b1ea75649922cc695127f83e649ce9","ssdeep":"3072:FstuvRyBTHIpaaRLoQI8qmbb37IkeFfsQeTL:Oo4BTopFoQnqyLcstTL","tlshash":"c0b31273d9b50118952a8eb213d9e4fc72e3d2f88369469e0f221d6c32dfe1c4b457a6","first_seen":"2025-06-08T12:59:17.189844Z","last_seen":"2026-01-18T12:46:20.619832Z","times_seen":11,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":1,"connect":17,"send":0,"wait":20,"receive":34,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"selerarumahan.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/mandiri.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:18.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /mandiri.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"29a381e77775da1aa9d177a24b8f1d25\"\r\nContent-Type: image/webp\r\nAge: 705779\r\nContent-Length: 1338\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Sun, 04 Jan 2026 09:19:19 GMT\r\nEO-LOG-UUID: 10763156382038291603\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1338,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"29a381e77775da1aa9d177a24b8f1d25","sha1":"53bcf555779129c6daf585c1fe4b85826bcd732f","sha256":"c5aeb819dccdde5bbbf612ddc8d1e62228f21f23cc172769e4770341b938e741","sha512":"23a5d37b64a81b6c0d8b69e03eb0351d53a42913a10b5203b3a9cd09029e6a28989169fc181279f7b6595cc57fa8c2be63e24cb6d15deceb63adcec50b4b2749","ssdeep":"","tlshash":"3321c88799f753509a88e45ab839ffdd8ed1724d9004d73c99eaa50d2c788102be465c","first_seen":"2025-11-24T05:06:28.103178Z","last_seen":"2026-03-21T12:20:50.145986Z","times_seen":87,"resource_available":false,"data":null}},"time_used":1417,"timings":{"blocked":687,"dns":428,"connect":19,"send":0,"wait":19,"receive":0,"ssl":250},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/cimb.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:18.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /cimb.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"0d084b23dc239d6200bc2aa5467b1e61\"\r\nContent-Type: image/webp\r\nAge: 705778\r\nContent-Length: 3334\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Sun, 04 Jan 2026 09:19:19 GMT\r\nEO-LOG-UUID: 4978045800935431633\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3334,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0d084b23dc239d6200bc2aa5467b1e61","sha1":"5fe5a44231e4fbbbca15b6720f716a9d80890b6a","sha256":"11e57738d0ccd7aeae205991ab55a831247176b4b3c32f052154ad19e27f6da9","sha512":"1bc9ca938ddffbd41f31e23d0a10fdf5a2b5c4f7b1050f018e370d52b0fa3c4e111d9a9d8a15affcf38672f05b6454ced9d822fced5b976f5b8bddc607af3c10","ssdeep":"","tlshash":"27611905d22b5e9ceb90923728a04b64b6b42c349ed6676da24a60f38171601b384f54","first_seen":"2025-11-24T05:06:28.065564Z","last_seen":"2026-03-21T12:20:50.137402Z","times_seen":89,"resource_available":false,"data":null}},"time_used":717,"timings":{"blocked":698,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/permata.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:18.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /permata.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"fe365f932db522c4cb39463485d7b375\"\r\nContent-Type: image/webp\r\nAge: 16516\r\nContent-Length: 3696\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Sun, 04 Jan 2026 09:19:19 GMT\r\nEO-LOG-UUID: 8810292787788551052\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3696,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"fe365f932db522c4cb39463485d7b375","sha1":"54b3d144204ebd0bb0133745a29baee5ba11d9b1","sha256":"38effacbbb361c62550afbc25b090d66a7d1def4aec8393b62760e664d5ed585","sha512":"f5ab4a12e74076d1560d3f3bea41d2ae712a70883a6ba784e544319170ad2d74dfa2677ecc87e0d80ef1738201f2e93685a3bd93b167f2e79fa2042030f7b341","ssdeep":"","tlshash":"60712c00d7a5c808e1d5093afdd14704fba2da95db5387e1c82b777b12b2308a7db315","first_seen":"2025-11-24T05:06:28.098318Z","last_seen":"2026-03-21T12:20:50.149992Z","times_seen":89,"resource_available":false,"data":null}},"time_used":717,"timings":{"blocked":698,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"baubauindex.edgeone.dev/footer.webp","fqdn":"baubauindex.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:18.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /footer.webp HTTP/1.1\r\nHost: baubauindex.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Dec 2025 05:16:07 GMT\r\nEtag: \"8834a8fbbd13a887e31349bef87ad063\"\r\nContent-Type: image/webp\r\nAge: 705777\r\nContent-Length: 1333998\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Sun, 04 Jan 2026 09:19:19 GMT\r\nEO-LOG-UUID: 11463054853405141439\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1333998,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"617afa0e7487f69693062346aa4e693f","sha1":"324faa58d97ed7c822d184132e788b2ba2005589","sha256":"855c8b11b948dc1eb069c68ed475373b86f4c70b4c37b40c0fb7f0b5a222cdf4","sha512":"b0826f8a473a8fd6fe6f6cb5eaf12f07d81f988448158a12c2e4b9c8e5b65b3e55a6420e56d8eb2076f2a6e40b67b3384bf43b9f685ce43830ccec4ecca2d97a","ssdeep":"24576:4NYIMhlGTBsNVSwDzjsH+MelhYbQ8DnGOCQzY42y:yYIMOtsjBU0hYbnGOCQ8ly","tlshash":"64253303f6025d49d86ab2f63f8cca46c75b1e4f26de08e2b5157bd8f07a500bf91299","first_seen":"2025-09-01T16:54:13.229763Z","last_seen":"2026-03-21T12:20:50.138464Z","times_seen":88,"resource_available":false,"data":null}},"time_used":991,"timings":{"blocked":723,"dns":0,"connect":0,"send":0,"wait":19,"receive":249,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"baubauindex.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"betwin178.site/banner2.png","fqdn":"betwin178.site","domain":"betwin178.site","tld":"site"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:18.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"betwin178.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 04 Jan 2026 05:26:28 GMT","end":"Sat, 04 Apr 2026 06:24:13 GMT"},"fingerprint":{"sha1":"A1:94:9B:37:C4:B5:CA:F1:B2:41:7E:C6:54:DC:A6:C4:5E:80:23:B3","sha256":"40:4D:88:4E:36:63:60:F8:60:44:10:CC:86:B8:81:F1:33:7C:E8:92:76:3D:AC:08:92:8A:E4:A4:7A:E1:B4:7C"}}},"request":{"raw":"GET /banner2.png HTTP/1.1\r\nHost: betwin178.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://betwin178.site/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 04 Jan 2026 09:19:19 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 04 Jan 2026 08:24:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"695a23c9-afc76\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yuLDlNCmcoqajZSY1kp8sdzFcLpccmQ2fh6LVzgs2XPA2EdmL8yUmSB%2Fq0lb5Xg%2F9zn8s51LEQg1O6fKre8CdByrCd9Pr5JgkadtyJcT\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b89a74ed9718deb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":719990,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 736 x 736, 8-bit/color RGB, non-interlaced","md5":"d5e88c620e8f334a5e010b008f9af198","sha1":"ba8975ac5c429efe05e7fc2f68c8ed6cc89974e2","sha256":"e3ab330fe20f46b14bd6cad98541de987b435871d9552cc71cc95b63114e26b5","sha512":"cda4db28225eeb2614b80a8f791d2ebc2fb6c56dd71ae3664d703f7d7f202d2658945718fb2e1c6c4dccf6cdf22caf564be4600edefbd2e85b056d4dbb8bffab","ssdeep":"12288:55l7OOpZymwC3DtpSPpsdCxQJybCb0gR7rFoeS9kL/efR3sakMcqM:nFOOpcmr3caC2JLhnoeSeL/efliV","tlshash":"4ae423522ff327e368661f1a15e3604ebc163553d9f55032259e13ea29cbdaf72a70c0","first_seen":"2026-01-04T09:19:48.678386Z","last_seen":"2026-01-04T09:19:48.678386Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1621,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":565,"receive":1056,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"selerarumahan.edgeone.dev/favicon.png","fqdn":"selerarumahan.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.247.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:20.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: selerarumahan.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 03 Dec 2025 08:49:20 GMT\r\nEtag: \"5cd99dd5efdce055e975b480e436465c\"\r\nContent-Type: image/png\r\nAge: 2746796\r\nContent-Length: 108787\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Sun, 04 Jan 2026 09:19:20 GMT\r\nEO-LOG-UUID: 12265786361379767924\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":108787,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 360 x 241, 8-bit/color RGBA, non-interlaced","md5":"5cd99dd5efdce055e975b480e436465c","sha1":"42ab2da3e356aeab46a15a1e3768724bef7b3429","sha256":"ec945759c9581caaaa9abfd3448c588ef4a51e123f48f4955463d260faa6c9fc","sha512":"221c0cd462d23c8b360fa25886e739a2f96e5faa194bc1a2b359e82a0e096fce2f9edb8761fe74b078be09ceb68445dcb3b1ea75649922cc695127f83e649ce9","ssdeep":"3072:FstuvRyBTHIpaaRLoQI8qmbb37IkeFfsQeTL:Oo4BTopFoQnqyLcstTL","tlshash":"c0b31273d9b50118952a8eb213d9e4fc72e3d2f88369469e0f221d6c32dfe1c4b457a6","first_seen":"2025-06-08T12:59:17.189844Z","last_seen":"2026-01-18T12:46:20.619832Z","times_seen":11,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":19,"send":0,"wait":20,"receive":29,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"selerarumahan.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"betwin178.site/","fqdn":"betwin178.site","domain":"betwin178.site","tld":"site"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-04T09:19:17.908Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"betwin178.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 04 Jan 2026 05:26:28 GMT","end":"Sat, 04 Apr 2026 06:24:13 GMT"},"fingerprint":{"sha1":"A1:94:9B:37:C4:B5:CA:F1:B2:41:7E:C6:54:DC:A6:C4:5E:80:23:B3","sha256":"40:4D:88:4E:36:63:60:F8:60:44:10:CC:86:B8:81:F1:33:7C:E8:92:76:3D:AC:08:92:8A:E4:A4:7A:E1:B4:7C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: betwin178.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 04 Jan 2026 09:19:18 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sun, 04 Jan 2026 08:28:32 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-permitted-cross-domain-policies: master-only\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WLlGB%2B%2B6MbqlMEIe8iFx1df0D7Ypi8256djIQpuWSvA1%2Bipg58Nh8s1WJvj3aG%2BxsNU6813gN3Dc115HBGcWn06ZT8T0yWo%2FUDgGgw%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b89a7494b1b5689-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]}],"data":{"size":82637,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"38fb6343240381635afa83afbffa3966","sha1":"e521b5b194b31309b2b4154bcac87bad5765e8a3","sha256":"71127a1eeb24305a298caf50e0ebb4fcc782c68d6444922770cfd1e90470afbc","sha512":"9f721fefaf7ef2e10f9df6edd33210a80d07efefce249d9c6ba47c335d470abdbeaedb45a39f3ed1e623706a462b42e1414b957e5a1296d325ab67b890b1aad2","ssdeep":"768:BeR31L2QWJ5C4gV1rV4UkkfY8go0MoQEML0QV1le7MIR0qWlpVJ1RFR1JAhNAAlF:oRl9wfA/D29Bgf+ia3","tlshash":"da83522b8663250e6803e57c37e82a423379e113d65afdb57ede9640cf49680ccd27da","first_seen":"2026-01-04T09:19:48.681845Z","last_seen":"2026-01-04T09:19:48.681845Z","times_seen":1,"resource_available":false,"data":null}},"time_used":790,"timings":{"blocked":60,"dns":39,"connect":1,"send":0,"wait":670,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-carousel-0.2.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:18.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:50:23 GMT","end":"Wed, 25 Feb 2026 15:50:22 GMT"},"fingerprint":{"sha1":"8C:22:B0:36:FF:44:17:0C:D7:23:B5:FF:95:73:C9:21:89:15:5B:A8","sha256":"89:0D:D4:C7:A7:53:0B:46:DA:82:A1:15:39:BB:C8:3D:D7:5E:B7:2D:B4:21:52:28:84:00:82:ED:48:91:43:A1"}}},"request":{"raw":"GET /v0/amp-carousel-0.2.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 9610\r\ndate: Sun, 04 Jan 2026 09:19:19 GMT\r\nexpires: Sun, 04 Jan 2026 09:19:19 GMT\r\ncache-control: private, max-age=604800, stale-while-revalidate=604800\r\netag: \"b706ce8dc3dcb0b7\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34086,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (33969)","md5":"4ea7abb549e2c19a2c32e68327000ce6","sha1":"8bd23eaad4f73679769ce7c99442e1921dc5a078","sha256":"ab5300a79449b51ebf247cf379402924b46328baf6c01d2238899648ff46c953","sha512":"2eeee59954da428d513d4ae1469b6e145f87f5deb71804a55cf132de5d1793de3b2a36e8d75e043ebf807117696fd4d80371476fa72d46181af36e29a6a107f4","ssdeep":"384:vaOOJPxlfgGYc3+Wy2CAp0hXuWHQs+ik1rdkfwf7L4GOkon9pYnzQquyhSzhl7am:SZPxRgTWylApuQRRfPq3CsquyhSH7NT7","tlshash":"6fe2965ab24270b54a57f170402f050ea13bb455548a4c2cb0aaeee69d7ce8db17bf7c","first_seen":"2025-10-22T15:17:27.469772Z","last_seen":"2026-01-06T04:59:31.961306Z","times_seen":102,"resource_available":true,"data":null}},"time_used":449,"timings":{"blocked":197,"dns":76,"connect":21,"send":0,"wait":35,"receive":3,"ssl":113},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:18.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:50:23 GMT","end":"Wed, 25 Feb 2026 15:50:22 GMT"},"fingerprint":{"sha1":"8C:22:B0:36:FF:44:17:0C:D7:23:B5:FF:95:73:C9:21:89:15:5B:A8","sha256":"89:0D:D4:C7:A7:53:0B:46:DA:82:A1:15:39:BB:C8:3D:D7:5E:B7:2D:B4:21:52:28:84:00:82:ED:48:91:43:A1"}}},"request":{"raw":"GET /v0.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 73132\r\ndate: Sun, 04 Jan 2026 09:19:19 GMT\r\nexpires: Sun, 04 Jan 2026 09:19:19 GMT\r\ncache-control: private, max-age=3000, stale-while-revalidate=1206600\r\netag: \"b52f38ef99ad402e\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":284545,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64627)","md5":"8059fb84783c3f43b7b5b66a3883bcb6","sha1":"335cfb79c7c772225bc9a0a0d17d5d435e30a247","sha256":"977e140b62a9228c0815a6ce26e63df7def2817315581cb3e29c52a9d5959754","sha512":"2a0c05b24ac683756cc15e857c5445e62aa1f00134e8fa0f0c966510b1ec778a4570ab2c09dd2791a8a769f36c64a304fc816228fb54367af99657f3c49bb385","ssdeep":"3072:j4UQbNOu6mF8g8aLymSt85Li48lnQYxQEnswf2l3sVsmgQ:j4UQbNOu6mFTLs8f8lnQebsw+l3sVsg","tlshash":"db54839db296b0764793b074803f150aa33ba855240a812cf56de9d67cbcd8ea137f7c","first_seen":"2025-10-21T18:06:54.94219Z","last_seen":"2026-01-06T14:38:02.926695Z","times_seen":1886,"resource_available":true,"data":null}},"time_used":1016,"timings":{"blocked":460,"dns":78,"connect":8,"send":0,"wait":34,"receive":39,"ssl":394},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"selerarumahan.edgeone.dev/logo.png","fqdn":"selerarumahan.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://betwin178.site/","date":"2026-01-04T09:19:18.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /logo.png HTTP/1.1\r\nHost: selerarumahan.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 03 Dec 2025 08:49:20 GMT\r\nEtag: \"0a2af24e203690baadb96e795b9665e6\"\r\nContent-Type: image/png\r\nAge: 2746799\r\nContent-Length: 274166\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Sun, 04 Jan 2026 09:19:20 GMT\r\nEO-LOG-UUID: 2231104621558378491\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":274166,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 300, 8-bit/color RGBA, non-interlaced","md5":"0a2af24e203690baadb96e795b9665e6","sha1":"e3cc30de869bc0bba6588766975e2ed4ee64d2c0","sha256":"8d27fba3c4423f564a879ab7a4c3617f89f5bee9c4cd36a9c56400501b843b81","sha512":"b218fcd1beeb1ed50b245c1cc5d9ed7918d3c8d6c9f25237f9b863f7efa41bad7758025b736469b036cb6d00742532dd1d08508716b59095e85bd7f41abd1800","ssdeep":"6144:8wVRuQ8GIgMAs2FL58RlPUgecOhW6cqPDb5hL4e:8auQ8GXrFL58zPUgWhRPB","tlshash":"fb44128b618e1c37ce4ea140bcf05d1e91a618b983d350d8ef141ef99e66e8d1e4c76b","first_seen":"2025-08-06T11:46:48.184546Z","last_seen":"2026-01-18T12:46:20.611351Z","times_seen":8,"resource_available":false,"data":null}},"time_used":2645,"timings":{"blocked":1281,"dns":429,"connect":17,"send":0,"wait":19,"receive":43,"ssl":854},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"selerarumahan.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}