{"report_id":"e1244243-df9c-47fd-a0d7-5de7af26fbaf","version":0,"status":"done","tags":["suspicious","telegram_bot"],"date":"2026-06-09T12:35:02Z","url":{"schema":"http","addr":"hostmyclaudehtml.com/p/QU_im40Uxk","fqdn":"hostmyclaudehtml.com","domain":"hostmyclaudehtml.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"hostmyclaudehtml.com/p/QU_im40Uxk","fqdn":"hostmyclaudehtml.com","domain":"hostmyclaudehtml.com","tld":"com"},"title":"Bell email","dom":{"size":14998,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (313)","md5":"5543feb2e516548371bbc3f90efcf35c","sha1":"6095dcbc7b1808c89ce22ea38dc1de2be148c828","sha256":"b51b9f8d05200d1fd9f0e00cc2294fc6523d34390812d07f1185a3526434d7d8","sha512":"582a962d5b2f0e8ae4ec0295d836444978b28fbf11c3e5be5bdf2a07a7515e5ccb6fd49a14dc0fa36b104699e0c0a4347729a01dfda4e2fd004a55be0e5d951e","ssdeep":"192:z5mgX3zsWUmwKCXc2Rujr4lAmsGGeSO/61fFxDO9feU90Q7qNM+Sfw+Me0Yp5aJd:NATAQJniclxw3UYyu","tlshash":"a262b56b25b708267d03d07c77eaa79566358003c909cd387a9c1318cfde999a8b3bdc","dom_hash":"domhashed3531e98a1604e03bced91ef4cd4b76","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"hostmyclaudehtml.com/p/QU_im40Uxk","fqdn":"hostmyclaudehtml.com","domain":"hostmyclaudehtml.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-14T12:35:02Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-09","alert":"Detects file containing Telegram Bot API","trigger":"hostmyclaudehtml.com/p/QU_im40Uxk","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"hostmyclaudehtml.com","ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-06-09T12:35:02.793218Z","last_seen":"2026-06-09T12:35:02.793218Z","alert_count":2,"request_count":2,"received_data":19833,"sent_data":1261,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]},{"fqdn":"webmail.bell.net","ip":{"addr":"209.71.212.18","port":443,"asn":577,"as":"BACOM","country":"Canada","country_code":"CA"},"domain_registered":"1997-05-20","domain_rank":291632,"first_seen":"2014-10-10T12:58:12Z","last_seen":"2026-05-23T21:37:09.740788Z","alert_count":0,"request_count":2,"received_data":19853,"sent_data":1111,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":[{"url":{"schema":"https","addr":"hostmyclaudehtml.com/p/QU_im40Uxk","fqdn":"hostmyclaudehtml.com","domain":"hostmyclaudehtml.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"md5":"19287289007cc58ac95878b00724d7a6","sha1":"0d233bb42e0512e44a15a07971fdb447db9cbb49","sha256":"cc44190896e3b4ec8748cb94ad9360f1eb066dc90d67c1114d3a40c06663dc40","sha512":"60ce9234a9490f227f425bd43c442765f502609f7766c827a6456c1d0c8d9525372fce4f2cc621c7cfb701ee593a10f8dacb8e29ed1f6b3241337491f8b048a8","size":2986,"token":"8792343576:AAG5-EWC8Oo4xwldUAmnKgFcz_9nmAZXRIc","is_revoked":false,"bot":{"token":"8792343576:AAG5-EWC8Oo4xwldUAmnKgFcz_9nmAZXRIc","user_id":"8792343576","username":"SlyerezultBot","first_name":"SlyeRezult","last_name":"","chat":{"chat_id":"8063700140","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":1}}],"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"hostmyclaudehtml.com/p/QU_im40Uxk","fqdn":"hostmyclaudehtml.com","domain":"hostmyclaudehtml.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"19287289007cc58ac95878b00724d7a6","sha1":"0d233bb42e0512e44a15a07971fdb447db9cbb49","sha256":"cc44190896e3b4ec8748cb94ad9360f1eb066dc90d67c1114d3a40c06663dc40","sha512":"60ce9234a9490f227f425bd43c442765f502609f7766c827a6456c1d0c8d9525372fce4f2cc621c7cfb701ee593a10f8dacb8e29ed1f6b3241337491f8b048a8","ssdeep":"","tlshash":"b05115ab39ab08b12e6bf13d479fa244313580031c41de143d2cd1569fe4e68697abdd","size":2986,"data":"","first_seen":"2026-06-09T12:35:07.229236Z","last_seen":"2026-06-09T12:35:07.229236Z","times_seen":1,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-09","alert":"Detects file containing Telegram Bot API","trigger":"hostmyclaudehtml.com/p/QU_im40Uxk","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"hostmyclaudehtml.com/p/QU_im40Uxk","fqdn":"hostmyclaudehtml.com","domain":"hostmyclaudehtml.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-09T12:34:30.630Z","timestamp":1781008470630,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hostmyclaudehtml.com","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Jun 2026 13:52:25 GMT","end":"Wed, 02 Sep 2026 13:52:24 GMT"},"fingerprint":{"sha1":"41:9D:33:05:88:4D:1C:48:D3:CD:29:8F:AA:97:8E:5F:CE:49:BF:DC","sha256":"F6:DF:2B:D0:35:9B:69:63:A6:B7:FA:D6:41:09:B6:CE:C4:4B:99:AF:EF:00:C4:17:7C:74:D7:2B:89:84:A9:4C"}}},"request":{"raw":"GET /p/QU_im40Uxk HTTP/1.1\r\nHost: hostmyclaudehtml.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccess-control-allow-origin: *\r\ncache-control: private\r\ncontent-length: 15190\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 09 Jun 2026 12:34:30 GMT\r\netag: W/\"3b56-TYkK23boKRPwaQCWHM4pioFzsLw\"\r\nexpires: Tue, 09 Jun 2026 12:34:30 GMT\r\nserver: Google Frontend\r\nset-cookie: GAESA=CpgBMDAwN2I3MzRkOWNlNzBlMmI1Y2YxMjYzZWQ5NGVhZDQ2OGU3ODBjYTgxMzc4ZWNjNGVjNWU3ZThiOTU3ZjZkM2YzOTlmMzcxNTI0NDkxNjM3NTBjZGNjNjdiNGQ0NThkZjU4YjcyOGU0MGE5NDgxMzdkNGIyYzI2MzliMzhkZjNmZWQzODZjNmJiMjc2M2QxMGMyMDM2YzgQh6eC4-oz; expires=Thu, 09-Jul-2026 12:34:30 GMT; path=/\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: d12c2c4c3c86a43a863980778815fa4c;o=1\r\nx-powered-by: Express\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":15190,"size_decoded":15970,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (307)","md5":"cf7bb105ad022310d418c63e6004adf9","sha1":"48a4e273d9846021ec7f59a457b27c2be58e7171","sha256":"a1cc76768dc4222e608df5b1bc5f66ab78c6b5f4bf55a127e5f6f5b6ce774e45","sha512":"ada24970ff10892ee0be82137e3cff5543938114d854832dab75b5e92bd240bf040592c76292fbd4bb28e80bf2acb778a1d752b9fc0b4581f0a11b62350dd9f8","ssdeep":"192:n5mgX3XsWUmwKCXc2Rujr4lAmsGGeSO/61fFxDO9feU90Q7qNM+Sfw+Me0Yp5aJB:p0TAQMdqcqxw3UYyG","tlshash":"8062b56b15b708657903d07c77eaa79166359003ca09ce387a9c1358cfde998a8b3bdc","first_seen":"2026-06-09T12:35:07.221036Z","last_seen":"2026-06-09T12:35:07.221036Z","times_seen":1,"resource_available":true,"data":null}},"time_used":373,"timings":{"blocked":-1,"dns":42,"connect":15,"send":0,"wait":266,"receive":7,"ssl":42},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-09","alert":"Detects file containing Telegram Bot API","trigger":"hostmyclaudehtml.com/p/QU_im40Uxk","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"webmail.bell.net/bell/logo/Bell.gif","fqdn":"webmail.bell.net","domain":"bell.net","tld":"net"},"ip":{"addr":"209.71.212.18","port":443,"asn":577,"as":"BACOM","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hostmyclaudehtml.com/p/QU_im40Uxk","date":"2026-06-09T12:34:31.508Z","timestamp":1781008471508,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bell.net","organization":""},"issuer":{"commonName":"Entrust OV TLS Issuing RSA CA 1","organization":"SSL Corporation"},"validity":{"start":"Thu, 12 Jun 2025 19:22:39 GMT","end":"Sun, 12 Jul 2026 04:00:00 GMT"},"fingerprint":{"sha1":"72:97:3C:15:F4:71:8D:3E:D3:97:FB:6A:D1:80:F3:4C:24:58:B4:FB","sha256":"F3:84:20:CB:98:9D:52:4E:CF:9B:63:DC:BB:58:9F:3B:81:A8:96:56:CE:BE:18:7A:F4:65:4C:25:56:D0:93:65"}}},"request":{"raw":"GET /bell/logo/Bell.gif HTTP/1.1\r\nHost: webmail.bell.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://hostmyclaudehtml.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Frame-Options: SAMEORIGIN\r\nStrict-Transport-Security: max-age=16070400; includeSubDomains\r\nX-Dns-Prefetch-Control: off\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nAccept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA\r\nAccept-Ranges: bytes\r\nETag: W/\"5057-1768010528000\"\r\nLast-Modified: Sat, 10 Jan 2026 02:02:08 GMT\r\nContent-Type: image/gif\r\nContent-Length: 5057\r\nDate: Tue, 09 Jun 2026 12:34:32 GMT\r\nKeep-Alive: timeout=20\r\nConnection: keep-alive\r\nSet-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!Fz69ODf65xlwrBNRyCdZDwxLwIDISPccQ/b/Iog8g97fE3ydsnGnyRiAi17G8xVXP8+lLN2n63DZOkBgBztW98Xd6mUmVLJz2rzOuo6eslCb+w==; expires=Tue, 16-Jun-2026 12:34:32 GMT; path=/; Httponly; Secure\r\nCache-Control: no-store\r\nX-Permitted-Cross-Domain-Policies: none\r\nReferrer-Policy: strict-origin\r\nContent-Security-Policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; object-src 'none'; img-src * 'self' data: https:\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5057,"size_decoded":6058,"mime_type":"image/gif","magic":"GIF image data, version 89a, 792 x 612","md5":"8f88f8975b7251196f7882a0c14fce1f","sha1":"aa4133fba4cf9edbfe1af3b1092dcc42fb680427","sha256":"7ff67e8218608a0426a8799d1e80cc7ac3885587136982a3b83459f7c760294f","sha512":"48e75048836eb5655c4106b44428d3881ae513388cbb1e83f8b8993eb30f4f9b35e995af2e0b7db910b40ef280e51b76f1dbf2c0b766cd316bbcaa0ea98fcfd6","ssdeep":"96:I0EWq3sShIIrj6xImdCdUopL7gkT2Uj7HmgJToMVervhFviTNHa10+fP7Te:Hw3sqeHCdvJh9KMVervhETN6G8Pu","tlshash":"bea18e86931efc0da9a45c61287594ae34176bf53e77bc361ccaa29d302e01789b3175","first_seen":"2024-12-12T23:54:49.544148Z","last_seen":"2026-06-09T12:35:07.222366Z","times_seen":13,"resource_available":false,"data":null}},"time_used":922,"timings":{"blocked":-1,"dns":109,"connect":100,"send":0,"wait":102,"receive":0,"ssl":611},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webmail.bell.net/bell/logo/Bell_Blue.gif","fqdn":"webmail.bell.net","domain":"bell.net","tld":"net"},"ip":{"addr":"209.71.212.18","port":443,"asn":577,"as":"BACOM","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hostmyclaudehtml.com/p/QU_im40Uxk","date":"2026-06-09T12:34:31.512Z","timestamp":1781008471512,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bell.net","organization":""},"issuer":{"commonName":"Entrust OV TLS Issuing RSA CA 1","organization":"SSL Corporation"},"validity":{"start":"Thu, 12 Jun 2025 19:22:39 GMT","end":"Sun, 12 Jul 2026 04:00:00 GMT"},"fingerprint":{"sha1":"72:97:3C:15:F4:71:8D:3E:D3:97:FB:6A:D1:80:F3:4C:24:58:B4:FB","sha256":"F3:84:20:CB:98:9D:52:4E:CF:9B:63:DC:BB:58:9F:3B:81:A8:96:56:CE:BE:18:7A:F4:65:4C:25:56:D0:93:65"}}},"request":{"raw":"GET /bell/logo/Bell_Blue.gif HTTP/1.1\r\nHost: webmail.bell.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://hostmyclaudehtml.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Frame-Options: SAMEORIGIN\r\nStrict-Transport-Security: max-age=16070400; includeSubDomains\r\nX-Dns-Prefetch-Control: off\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nAccept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA\r\nAccept-Ranges: bytes\r\nETag: W/\"12792-1768010528000\"\r\nLast-Modified: Sat, 10 Jan 2026 02:02:08 GMT\r\nContent-Type: image/gif\r\nContent-Length: 12792\r\nDate: Tue, 09 Jun 2026 12:34:31 GMT\r\nKeep-Alive: timeout=20\r\nConnection: keep-alive\r\nSet-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!KqJzpmqo60EQi+NRyCdZDwxLwIDISHx/96D7894aQxFNOtJW8ZP80bIv4kTDxT/K4i+ob9BxVWPET3gw6k/H4PjdUVb9yPB6wmebJs/pXqSeyA==; expires=Tue, 16-Jun-2026 12:34:31 GMT; path=/; Httponly; Secure\r\nCache-Control: no-store\r\nX-Permitted-Cross-Domain-Policies: none\r\nReferrer-Policy: strict-origin\r\nContent-Security-Policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; object-src 'none'; img-src * 'self' data: https:\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12792,"size_decoded":13795,"mime_type":"image/gif","magic":"GIF image data, version 89a, 792 x 612","md5":"bc396cfa745467a8ef3c226078411045","sha1":"289563f8669584aee0f193231e605d370b31abaa","sha256":"f6f61876256be2e882e57d457ca3812e531548e00c454e83994ae93ae40170e4","sha512":"bbac0ffd1c301dd1117e5cb3464c1ddcd0a2582686e4da2a7da87f3a78a84a21461987f736e7bdaaf23fb67b97c598d03d54f56d63c5a86fc82b4243a7c26d36","ssdeep":"192:t4onnCzqEsC5TFLZ84N8bVBEh80/RWEYI/LFf3hAVyxLjOn6kNNc:NCJ5ZrCB6lOI/pxI6On6kNm","tlshash":"1542cef5b976b012fc4e0d0d28d341846cc640ed6eaf86ab55527ba10f00eb0aac9ed8","first_seen":"2025-11-07T14:39:25.203099Z","last_seen":"2026-06-09T12:35:07.224173Z","times_seen":8,"resource_available":false,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":104,"connect":98,"send":0,"wait":101,"receive":0,"ssl":206},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hostmyclaudehtml.com/favicon.ico","fqdn":"hostmyclaudehtml.com","domain":"hostmyclaudehtml.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hostmyclaudehtml.com/p/QU_im40Uxk","date":"2026-06-09T12:34:31.736Z","timestamp":1781008471736,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hostmyclaudehtml.com","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Jun 2026 13:52:25 GMT","end":"Wed, 02 Sep 2026 13:52:24 GMT"},"fingerprint":{"sha1":"41:9D:33:05:88:4D:1C:48:D3:CD:29:8F:AA:97:8E:5F:CE:49:BF:DC","sha256":"F6:DF:2B:D0:35:9B:69:63:A6:B7:FA:D6:41:09:B6:CE:C4:4B:99:AF:EF:00:C4:17:7C:74:D7:2B:89:84:A9:4C"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: hostmyclaudehtml.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://hostmyclaudehtml.com/p/QU_im40Uxk\r\nCookie: GAESA=CpgBMDAwN2I3MzRkOWNlNzBlMmI1Y2YxMjYzZWQ5NGVhZDQ2OGU3ODBjYTgxMzc4ZWNjNGVjNWU3ZThiOTU3ZjZkM2YzOTlmMzcxNTI0NDkxNjM3NTBjZGNjNjdiNGQ0NThkZjU4YjcyOGU0MGE5NDgxMzdkNGIyYzI2MzliMzhkZjNmZWQzODZjNmJiMjc2M2QxMGMyMDM2YzgQh6eC4-oz\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-length: 3461\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 09 Jun 2026 12:34:31 GMT\r\nlast-modified: Fri, 05 Jun 2026 06:58:25 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: ac37e66191064d4e7fbd63d6b0b52c8e\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":3461,"size_decoded":3863,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"a6d5df242884aad6a9b671fa254ed3ea","sha1":"01cfcd17ffa96cc5724b246c9d8dde1945220024","sha256":"48d86b5d6dcc1c269081c35e42fb88508a3a3a47fdf7f5c0b5eabdb378526332","sha512":"0e7e1a49fcc530cc3cf3d9d7c315dfa7b13bc4da46b9ef63757f6828d192c667842786d71e885b3c04ef00b06b0bfb4cf095de295232d17416d7a6fd0065dde9","ssdeep":"","tlshash":"c8611f939ea8c90c1650c17125e2b04cbd1b858b47486ce47aac10cd0fda7de86f73f5","first_seen":"2026-06-09T12:35:07.225592Z","last_seen":"2026-06-09T12:36:58.145175Z","times_seen":2,"resource_available":true,"data":null}},"time_used":188,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":188,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}