{"report_id":"b7b682f9-d6ea-46c0-b458-90b1c9150c6c","version":0,"status":"done","tags":["suspicious","telegram_bot"],"date":"2026-06-27T12:16:15Z","url":{"schema":"http","addr":"amzonin.com","fqdn":"amzonin.com","domain":"amzonin.com","tld":"com"},"ip":{"addr":"178.16.54.253","port":0,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"amzonin.com/","fqdn":"amzonin.com","domain":"amzonin.com","tld":"com"},"title":"Amazon.com - Account Security Verification","dom":{"size":40885,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (367)","md5":"fb8b71a2b8e4c330af2bdc1ecadb491c","sha1":"385ce6a8f27a8d56ac198a985c467ad93ae4d6d2","sha256":"8b968c0a0ec4d2109d2289fcd0d195893947b35cdff30c8ea34f429579bc4cef","sha512":"48ddcb7c0ae63e9e3febae7372b2ea614d9531d9263f7cb8a2f98a383166ea1260e3d93ccad3bf062e999126581d1a1c5629c111fcb4ab799a91aaaf3a135faf","ssdeep":"384:ZwKPF/FjhFqDJVFrrmn6GVVl8VHBXohdslKw20wKLKMKvSOF7YrQSFsFga6W2qy:Z3F/FjhFq7xrEVVl8ddPPqSrBaB2b","tlshash":"9203850169f2886150db1ce963729a2769b883039506c598fe6cc7f58f6ed7cdb73348","dom_hash":"domhashe948fb2c44414514bca69476f5de4028","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"amzonin.com","fqdn":"amzonin.com","domain":"amzonin.com","tld":"com"},"ip":{"addr":"178.16.54.253","port":0,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-01T12:16:15Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-27","alert":"Detects file containing Telegram Bot API","trigger":"amzonin.com/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"amzonin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"amzonin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"amzonin.com","ip":{"addr":"178.16.54.253","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2026-06-26","domain_rank":0,"first_seen":"2026-06-27T06:42:12.751101Z","last_seen":"2026-06-27T06:42:12.751101Z","alert_count":6,"request_count":2,"received_data":43315,"sent_data":978,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-21T22:22:12.048317Z","alert_count":0,"request_count":1,"received_data":2328,"sent_data":487,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.iconscout.com","ip":{"addr":"172.64.147.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-06-01","domain_rank":1011342,"first_seen":"2017-01-06T17:08:07Z","last_seen":"2026-06-27T01:53:04.344169Z","alert_count":0,"request_count":1,"received_data":10660,"sent_data":558,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"upload.wikimedia.org","ip":{"addr":"185.15.59.240","port":443,"asn":14907,"as":"WIKIMEDIA","country":"United States","country_code":"US"},"domain_registered":"2003-03-16","domain_rank":4329,"first_seen":"2012-05-21T09:39:45Z","last_seen":"2026-06-22T13:57:16.541036Z","alert_count":0,"request_count":1,"received_data":14827,"sent_data":569,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache Traffic Server:9.2.13","description":"Apache Traffic Server is an open-source caching and proxying server that serves as an HTTP/1.1 and HTTP/2 reverse proxy with caching capabilities, load balancing, request routing, SSL termination, and support for advanced HTTP features.","website":"https://trafficserver.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","icon":"Apache Traffic Server.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":[{"url":{"schema":"https","addr":"amzonin.com/","fqdn":"amzonin.com","domain":"amzonin.com","tld":"com"},"ip":{"addr":"178.16.54.253","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"md5":"5d31fcac02de9600fd056493e6b025b3","sha1":"9a56fce8daf036a871c49c9fb735acb41dd07043","sha256":"a4e904bf2df6a3f0f439ab29c5e5976a62645ca3863a2449db53859e543feaec","sha512":"cf5a3ec3751f9e43cc0d5f39d34da4e4599139b790fff7d5f57a34a68ceed57199a1e782d57026e6a6acec4af054612e4bd43a6293bd499b2438cbc74d5d81cf","size":7481,"token":"8417689417:AAG7rfqhGRODR4OKjTz3ShofMcIUegMStNY","is_revoked":false,"bot":{"token":"8417689417:AAG7rfqhGRODR4OKjTz3ShofMcIUegMStNY","user_id":"8417689417","username":"amz_customer_robot","first_name":"AMZ Customer Service","last_name":"","chat":{"chat_id":"-1003887079846","title":"AMZ Customer Service","type":"channel","bot_is":"administrator","total_users":4,"active_members":null,"admins":[{"user_id":8417689417,"username":"amz_customer_robot","first_name":"AMZ Customer Service","last_name":"","is_bot":true},{"user_id":704813628,"username":"spark88","first_name":"Spark","last_name":"","is_bot":false}]},"pending_messages":0}}],"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"amzonin.com/","fqdn":"amzonin.com","domain":"amzonin.com","tld":"com"},"ip":{"addr":"178.16.54.253","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"4d66dde54ac15cc446b08d4981641f2c","sha1":"4d9a17a77f561b80061a31728523efedb8fa81ff","sha256":"c434e515d3b68bee2530c4348192e4ae99e817cbe0ad7f9ddafb06bc1f5d51f2","sha512":"22968de3c520161eaa1f86fb414180f1d5d8a6646ff64223a96a437a9525eb2c1e96ec110e85204def5f743a51e589f6c3f763ec84c5e669f3236eabbf20038d","ssdeep":"","tlshash":"7cf0861b3be31412d063b06a1bbf91d59332456b18c6d904790cc2515fadd2046e6ae4","size":639,"data":"","first_seen":"2026-06-27T06:42:17.306449Z","last_seen":"2026-06-27T12:16:16.418175Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"amzonin.com/","fqdn":"amzonin.com","domain":"amzonin.com","tld":"com"},"ip":{"addr":"178.16.54.253","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"5d31fcac02de9600fd056493e6b025b3","sha1":"9a56fce8daf036a871c49c9fb735acb41dd07043","sha256":"a4e904bf2df6a3f0f439ab29c5e5976a62645ca3863a2449db53859e543feaec","sha512":"cf5a3ec3751f9e43cc0d5f39d34da4e4599139b790fff7d5f57a34a68ceed57199a1e782d57026e6a6acec4af054612e4bd43a6293bd499b2438cbc74d5d81cf","ssdeep":"192:tSh6XcXk9pYrgRS/95AD9Fghg0ckW1qLqG5S7Y9Q:tSOF7YrQSFsFga6W2q7","tlshash":"55f1548f35f716b44ee75bb7179ba2023821a4033d46c948ba5c83129f6de94b8773d8","size":7481,"data":"","first_seen":"2026-06-27T06:42:17.308925Z","last_seen":"2026-06-27T12:16:16.418759Z","times_seen":3,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-27","alert":"Detects file containing Telegram Bot API","trigger":"amzonin.com/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"upload.wikimedia.org/wikipedia/commons/thumb/a/a9/Amazon_logo.svg/960px-Amazon_logo.svg.png","fqdn":"upload.wikimedia.org","domain":"wikimedia.org","tld":"org"},"ip":{"addr":"185.15.59.240","port":443,"asn":14907,"as":"WIKIMEDIA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://amzonin.com/","date":"2026-06-27T12:15:53.288Z","timestamp":1782562553288,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.wikimedia.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Jun 2026 05:24:58 GMT","end":"Thu, 10 Sep 2026 05:24:57 GMT"},"fingerprint":{"sha1":"5B:35:4A:25:C6:4D:17:23:8B:63:A3:F7:CE:52:1B:B7:22:06:BF:1B","sha256":"FE:D1:85:EF:B6:D0:7E:42:4F:F4:62:C9:8C:A3:BA:2C:88:5E:47:EB:9A:03:3D:30:4B:E3:63:FF:11:AD:F6:0D"}}},"request":{"raw":"GET /wikipedia/commons/thumb/a/a9/Amazon_logo.svg/960px-Amazon_logo.svg.png HTTP/1.1\r\nHost: upload.wikimedia.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sat, 27 Jun 2026 08:03:59 GMT\r\netag: a07a9c879267cf5a7832fc6f20a22ec0\r\nserver: ATS/9.2.13\r\ncontent-type: image/webp\r\ncontent-disposition: inline;filename*=UTF-8''Amazon_logo.svg.webp\r\nlast-modified: Tue, 02 Jun 2026 13:49:19 GMT\r\ncontent-length: 12810\r\nage: 15114\r\naccept-ranges: bytes\r\nx-cache: cp3077 hit, cp3077 hit/104\r\nx-cache-status: hit-front\r\nserver-timing: cache;desc=\"hit-front\", host;desc=\"cp3077\"\r\nstrict-transport-security: max-age=106384710; includeSubDomains; preload\r\nreport-to: { \"group\": \"wm_nel\", \"max_age\": 604800, \"endpoints\": [{ \"url\": \"https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error\u0026schema_uri=/w3c/reportingapi/network_error/1.0.0\" }] }\r\nnel: { \"report_to\": \"wm_nel\", \"max_age\": 604800, \"failure_fraction\": 0.05, \"success_fraction\": 0.0}\r\nx-client-ip: 195.64.118.152\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache\r\ntiming-allow-origin: *\r\ncontent-security-policy-report-only: default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; connect-src https://upload.wikimedia.org/favicon.ico; media-src data: 'self'; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1\u0026source=image\u0026action=cspreport\u0026format=json\u0026\r\nx-content-security-policy-report-only: default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; connect-src https://upload.wikimedia.org/favicon.ico; media-src data: 'self'; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1\u0026source=image\u0026action=cspreport\u0026format=json\u0026\r\nset-cookie: WMF-Uniq=ukzNeTOKu3ocKRky-pK1HgOMAAAAAFvdhg9H2N2Sym5kr_BTXLFTkiT6sFv6l3c0;Domain=upload.wikimedia.org;Path=/;HttpOnly;secure;SameSite=None;Expires=Sun, 27 Jun 2027 00:00:00 GMT\r\nx-request-id: 83f84752-d0bf-4039-9fb0-6e1dd7fac8d9\r\nx-analytics: \r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache Traffic Server:9.2.13","description":"Apache Traffic Server is an open-source caching and proxying server that serves as an HTTP/1.1 and HTTP/2 reverse proxy with caching capabilities, load balancing, request routing, SSL termination, and support for advanced HTTP features.","website":"https://trafficserver.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","icon":"Apache Traffic Server.svg","categories":["Web servers"]}],"data":{"size":12810,"size_decoded":14827,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a07a9c879267cf5a7832fc6f20a22ec0","sha1":"d2ec5a74996887dd32baf8217469edd52f8b5a73","sha256":"c1c4aad0c3d73edb4a38315e1edecca175b35566a90b530e81a992515c9f18f1","sha512":"8ff584fb58cb390fe6ec3251171a684488a447332324532f060a081bbe7c5b40bd6df08ea7eab653d7b4f27f0c7171900e42e23ff716c01eef8a9af6e824ec52","ssdeep":"384:q2GLFNE0FbQZrIEE5+mI1YLtgmh+E/y9AXw49HeW:jGxN/BEE58Mtxh9AKeW","tlshash":"2642c0acf2d87a1d42aacaa188886d7d32f25c10994f770d480c9d377b49517bb87b4a","first_seen":"2026-04-12T22:10:58.29587Z","last_seen":"2026-06-27T12:16:16.41465Z","times_seen":5,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":136,"dns":0,"connect":21,"send":0,"wait":28,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"amzonin.com/favicon.ico","fqdn":"amzonin.com","domain":"amzonin.com","tld":"com"},"ip":{"addr":"178.16.54.253","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://amzonin.com/","date":"2026-06-27T12:15:53.524Z","timestamp":1782562553524,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amzonin.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 09:09:58 GMT","end":"Thu, 24 Sep 2026 09:09:57 GMT"},"fingerprint":{"sha1":"8D:F7:83:AF:CE:5A:B4:13:BA:05:99:33:76:CC:93:4E:A8:7F:77:69","sha256":"9B:4C:3D:55:2B:84:04:8E:8D:63:00:EB:BB:95:1E:96:97:43:95:31:93:57:5D:8D:0A:94:EB:3C:2E:1A:53:18"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: amzonin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://amzonin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 796\r\ndate: Sat, 27 Jun 2026 20:26:35 GMT\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":null,"data":{"size":796,"size_decoded":1129,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"265e51037981a14ed99a5fc8c5ec1b51","sha1":"d12ac588953298fdaf46dd5b4af8eb4cf6b06f0a","sha256":"c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400","sha512":"b18aa610811c5f9bc1dd829ad90a95568e81a41e1fd1472983dc00147f65045fd91fbc498b5263ce4f4c88b041be21f186ed2ce357d3bcf86c0429ca18991151","ssdeep":"","tlshash":"1101f12ac182a80fe0231070fa91e37451594212629b4f647b9ff676f6ce1ab56b22cc","first_seen":"2024-02-05T05:35:22Z","last_seen":"2026-06-30T02:21:24.342165Z","times_seen":50898,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"amzonin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"amzonin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amzonin.com/","fqdn":"amzonin.com","domain":"amzonin.com","tld":"com"},"ip":{"addr":"178.16.54.253","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-27T12:15:52.676Z","timestamp":1782562552676,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amzonin.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 09:09:58 GMT","end":"Thu, 24 Sep 2026 09:09:57 GMT"},"fingerprint":{"sha1":"8D:F7:83:AF:CE:5A:B4:13:BA:05:99:33:76:CC:93:4E:A8:7F:77:69","sha256":"9B:4C:3D:55:2B:84:04:8E:8D:63:00:EB:BB:95:1E:96:97:43:95:31:93:57:5D:8D:0A:94:EB:3C:2E:1A:53:18"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: amzonin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/html\r\nlast-modified: Sat, 27 Jun 2026 03:59:12 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 7259\r\ndate: Sat, 27 Jun 2026 20:26:34 GMT\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":41651,"size_decoded":7794,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (367), with CRLF line terminators","md5":"0b840387fc705226d64fc9cf9725f8de","sha1":"f3eece2718273a415edc5c366043aab9ec202514","sha256":"a4b09ba48058f08a773607966d8a6bf6cd1632510e24bdfaf3648de6429e546f","sha512":"16e4029c3221f4c7d233922237652c6d798476de1598dbd5467c13700743e08f3d5c8b0f55600db477e6194267e1d7caf6eb347a5529bd48454ed2fc812328b1","ssdeep":"384:VFWDCj3Z8nny1VQ68GmB9wVoBJ+xRGKw20wKLKMKSSScszKw7bMkgFMyD4fW:+eZdVQ68F0VqVS/nFvEfW","tlshash":"6813230579809811a0fb9ae957728626f979431382064198feadd3f35f7ec38db73788","first_seen":"2026-06-27T06:42:17.293499Z","last_seen":"2026-06-27T12:16:16.416195Z","times_seen":3,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":0,"dns":3,"connect":60,"send":0,"wait":60,"receive":0,"ssl":66},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-27","alert":"Detects file containing Telegram Bot API","trigger":"amzonin.com/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"amzonin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"amzonin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Lato:wght@400;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://amzonin.com/","date":"2026-06-27T12:15:53.279Z","timestamp":1782562553279,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:10 GMT","end":"Mon, 31 Aug 2026 08:38:09 GMT"},"fingerprint":{"sha1":"8A:2F:DC:6F:C0:09:07:D3:E5:9C:B7:EE:C2:C4:63:DC:59:36:B5:1B","sha256":"64:7C:E4:55:AB:5C:58:7E:89:F1:19:3B:95:DB:7B:4B:E6:75:42:2C:0C:51:2E:66:85:F5:BB:51:58:08:39:19"}}},"request":{"raw":"GET /css2?family=Lato:wght@400;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 27 Jun 2026 12:15:53 GMT\r\ndate: Sat, 27 Jun 2026 12:15:53 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1644,"size_decoded":1099,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"fbea5578099b2a11bc73c082c21f046f","sha1":"38612445ca5462921da82dab5d3eeba5b8e9be48","sha256":"c3e606051dc0106a9e30d26f110dbb1b835f7a7f2042caa0622ff01f13ef7e5e","sha512":"a4b2f66ec6f198bbb8f543c5c30236f5b1cae1b8c31a2cd78f0c4165ea7e6ee18474d62f09ad1263a7caeac3d1fc8c7ec8c0a89219bdb029c2dcdc72fed93fd0","ssdeep":"","tlshash":"5531ae91056ba508db870cc212cd7e32ff1e615064559935aefe14d8bc97c699362b0d","first_seen":"2025-09-17T13:26:47.228197Z","last_seen":"2026-06-30T02:10:22.130448Z","times_seen":5220,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":3,"connect":31,"send":0,"wait":64,"receive":0,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.iconscout.com/icon/free/png-256/free-amazon-icon-svg-download-png-432492.png","fqdn":"cdn.iconscout.com","domain":"iconscout.com","tld":"com"},"ip":{"addr":"172.64.147.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://amzonin.com/","date":"2026-06-27T12:15:53.287Z","timestamp":1782562553287,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iconscout.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Jun 2026 02:33:43 GMT","end":"Wed, 23 Sep 2026 03:33:31 GMT"},"fingerprint":{"sha1":"0D:3D:7E:F7:1A:25:AD:24:31:D7:70:06:EC:AA:BD:43:97:C0:7D:A4","sha256":"4C:72:E2:03:8D:2F:BE:8C:CD:3E:85:84:D5:9F:1D:11:DD:0F:C7:E0:43:34:B8:83:3A:96:1E:9B:CE:14:BD:4A"}}},"request":{"raw":"GET /icon/free/png-256/free-amazon-icon-svg-download-png-432492.png HTTP/1.1\r\nHost: cdn.iconscout.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sat, 27 Jun 2026 12:15:53 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9476\r\nset-cookie: __cf_bm=P8HoJlh.9oO9nNkBvA2IgWSCWtcMhaPJE52E_IERR4E-1782562553.3557708-1.0.1.1-jMAbnLx84KqdPYVFptbZ9PMcCZDmHEa4emcaT1T7dt_xQdA01DkR8Lo50H0sBglrl7aZstHl4rBpG4BlcGOPQpRkP6L9po8Y7ciXzRc1Lvm9OQoL1eUt0zAE6ukmKGhE; HttpOnly; SameSite=None; Secure; Path=/; Domain=iconscout.com; Expires=Sat, 27 Jun 2026 12:45:53 GMT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\netag: \"51c145ac86136cf442ad7679bd83769b\"\r\nlast-modified: Wed, 26 Mar 2025 08:15:49 GMT\r\nserver: cloudflare\r\nx-amz-id-2: 0BSGs0MP4oY1p8fNUIuO+oW9BTergGXn6WLUtKlrnPNE7alWV1yFPDNmM1eFQXSNXuShLOC6O8MZbgCPbhOcScAeDtmDf7Wn\r\nx-amz-meta-generator: Iconscout.com\r\nx-amz-request-id: H9YQSYDXC6WQ5EGN\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 0H7WG0LHdNmOSJ7CCGEzkEstQceAgTNq\r\ncf-polished: ok, orig_size=14647\r\ncf-bgj: imgq:100,h2pri\r\npriority: u=4;i=?0,cf-chb=(45;u=5;i=?0)\r\nvary: accept, accept-encoding\r\nage: 241528\r\nexpires: Sun, 27 Jun 2027 12:15:53 GMT\r\ncache-control: public, max-age=31536000\r\ncf-cache-status: HIT\r\ncf-ray: a12461367db1dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":9476,"size_decoded":10660,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ad4f6e0ad286ea74d931bef6b3f68b02","sha1":"245bfd055b4d69f8f8dbd3f552c6849efa647576","sha256":"6aed4c5a2e3ad14b9759fd502b5a9bcd498c217012a6d4ab2827bcb238846f40","sha512":"19e265370c8429fe4e776bc04a48d816ad47d0a4e99babf6a1d79ec81548302d04ab4904d2903e6e77c27f2f98fc6145b52e2ea7b5ca62653f2824f64822bdde","ssdeep":"192:WZgxFvgsdJZYbcDwAgVapKh9UzgLB6ocsl1i2fno+uXG6PoQibhJ/sJ:ZxlvJ2DbV1UsLBBLZfo+uXGzPb2","tlshash":"7c12afd499b6c54209b1fdfcc0109fb29367d1494269eead23de972c8b1912a3c4e63f","first_seen":"2026-06-27T06:42:17.29783Z","last_seen":"2026-06-27T12:16:16.417436Z","times_seen":3,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":64,"dns":0,"connect":2,"send":0,"wait":12,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}