{"report_id":"feb887d3-ca4f-4a2b-8416-ffd9234e7dc0","version":6,"status":"done","tags":[],"date":"2026-04-03T08:37:24Z","url":{"schema":"https","addr":"win138cu4n.sbs/","fqdn":"win138cu4n.sbs","domain":"win138cu4n.sbs","tld":"sbs"},"ip":{"addr":"104.21.46.24","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"win138cu4n.sbs/","fqdn":"win138cu4n.sbs","domain":"win138cu4n.sbs","tld":"sbs"},"title":"WIN138CU4N | Pilihan Utama Provider Game Slot Online Unggulan Dengan Pola Akurat Hari Ini","dom":{"size":58103,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (40550)","md5":"6b323dde07a385c2db4b0152045f7b7b","sha1":"2989f43c7ef29406b8afaa776f3009f4c03e4c43","sha256":"d465151858be8db2623d0666cd1a88b82e81705d4b39b538fa17345386c45873","sha512":"c3d5e243b53e6bbf3814a5c66612c5c962a83af4d0be02c9469c6245aaa5249a0d577beef963d5cc79777bbee220ec8f46da21a2c4fc9b6d5caa43ef48e450fd","ssdeep":"768:TWpZJCdaMK64GWdMupzyq84tCLrvddzU7VqzDlGc:Ttap64G7yyq84tCLr1wEDlGc","tlshash":"2643a4719541112de013d71789e1afae3538d903d223086ea7272be5cf92bffa372a15","dom_hash":"domhashe1c3fab456930541d45677d95d606387","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"win138cu4n.sbs/","fqdn":"win138cu4n.sbs","domain":"win138cu4n.sbs","tld":"sbs"},"ip":{"addr":"104.21.46.24","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-08T08:37:24Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"miyanice.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"miyanice.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"miyanice.edgeone.dev","ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2025-06-09","domain_rank":0,"first_seen":"2026-01-12T07:56:07.655705Z","last_seen":"2026-03-30T05:01:37.599189Z","alert_count":6,"request_count":3,"received_data":50028,"sent_data":1215,"comment":"","tags":null,"fingerprints":null},{"fqdn":"win138cu4n.sbs","ip":{"addr":"172.67.222.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-31","domain_rank":0,"first_seen":"2026-04-03T08:37:24.608736Z","last_seen":"2026-04-03T08:37:24.608736Z","alert_count":0,"request_count":2,"received_data":657872,"sent_data":917,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]}]},{"fqdn":"cdn.ampproject.org","ip":{"addr":"172.217.20.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2015-08-31","domain_rank":3289,"first_seen":"2015-10-09T04:27:01Z","last_seen":"2026-03-30T09:48:23.713174Z","alert_count":0,"request_count":2,"received_data":295629,"sent_data":825,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.ampproject.org/v0.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"172.217.20.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c54252d732bff78217cfbeff950b3476","sha1":"960deb0b579fba259aa9865d3b1deadff0538bff","sha256":"852bb88969e8e21c5f7403b97cdb69b072a54f60214690cee9f1dad4db2d6740","sha512":"e75fc0cc5405ac64ddce8e210062fda91bf50d668d8cbef548f54b22b311082da8d3830d9092375ab69a6d8def15d9889f195f03269ecc9f570ba7afbf77f7e2","ssdeep":"6144:ixUXfTWCOu6qiieuIbno1uzRePNS+7HYo:yqftp/0RENS+74o","tlshash":"e754949db286b0724793b075803f150aa33ba859244a812cf56de9d67cbcd89b137f7c","size":284617,"data":"","first_seen":"2026-03-17T22:15:38.805176Z","last_seen":"2026-04-22T19:06:27.401296Z","times_seen":1786,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012603032146000/v0/amp-auto-lightbox-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"172.217.20.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dfd43df9e3425f6077d3bd69d5928cfd","sha1":"d5b1138d94904e2ab07092a86614976e1c2f543c","sha256":"94922d1f912dea5b7dd68a1a62d746f58d44a0c8305607aca116d6f08ba46708","sha512":"1f42867fd9dce4ae9a17c2a13be535196920068b4ca5b52b256baa92c48150b0f725a5f977ac59bafe6187e06e25aa2ff2787c37e23485bb943cd05fd126b6f5","ssdeep":"96:jKoAosPGpV3yMDc0jGAM+G0mj1hVXxSZ4tqSKN0OV0TjLRkiGj0ldmq43bDjHI:jKqswV3yv0jGAFCPX/tqKyWp4M0rDTI","tlshash":"d7f196dc7ac2b83a5757b4b780af414fa63ba94624ad9120d120f0d83cb995ed633e5c","size":7798,"data":"","first_seen":"2026-03-17T22:15:38.806244Z","last_seen":"2026-04-22T19:06:27.404584Z","times_seen":1718,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"miyanice.edgeone.dev/logo.png","fqdn":"miyanice.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win138cu4n.sbs/","date":"2026-04-03T08:37:03.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /logo.png HTTP/1.1\r\nHost: miyanice.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 18 Feb 2026 12:27:10 GMT\r\nEtag: \"2140d1f86ca8a676445124c531688839\"\r\nContent-Type: image/png\r\nCache-Control: public, must-revalidate, max-age=0\r\nAge: 3787688\r\nContent-Length: 41413\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nDate: Fri, 03 Apr 2026 08:37:03 GMT\r\nEO-LOG-UUID: 455262501231095038\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":41413,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 540 x 135, 8-bit/color RGBA, non-interlaced","md5":"2140d1f86ca8a676445124c531688839","sha1":"1c39b89fa6e4830d9a07a849fc419b4002039a4f","sha256":"4fd2e1745c31c976d2903c726ecdc77a672ba789032af7c4b8939cfada73caec","sha512":"3d031dbce978e449f0c80d5f4bd126e8c2f33ccef2987fd9d098b155da5aa348f94fca9d7c271fa0a10b14f8cdeef3335fc63ee42dfd5dd59738af7bbde571d0","ssdeep":"768:x+tpq485BLys/GdarduUZFjHawrQClbeVaNXlyv8SYyFURcL:xqy5xlsUqwrRlbewNclYH4","tlshash":"2303f1d2fc40adf8ec9eb53975e62cc49dd7481a610d231eefa20ab70c705458daaa43","first_seen":"2026-02-20T10:07:49.805662Z","last_seen":"2026-04-05T19:17:08.423636Z","times_seen":32,"resource_available":false,"data":null}},"time_used":580,"timings":{"blocked":278,"dns":1,"connect":18,"send":0,"wait":20,"receive":2,"ssl":258},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"miyanice.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"miyanice.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"win138cu4n.sbs/banner.jpg","fqdn":"win138cu4n.sbs","domain":"win138cu4n.sbs","tld":"sbs"},"ip":{"addr":"172.67.222.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win138cu4n.sbs/","date":"2026-04-03T08:37:03.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win138cu4n.sbs","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 05:17:36 GMT","end":"Mon, 29 Jun 2026 05:17:35 GMT"},"fingerprint":{"sha1":"33:54:5B:27:85:68:DF:89:21:68:AE:83:5B:32:7D:BE:4B:C5:93:94","sha256":"80:71:1D:BC:2B:B2:6C:27:A5:6B:88:44:B5:DB:B8:CA:A5:76:6C:58:A8:74:B9:EC:79:E9:7A:DA:98:C9:F1:43"}}},"request":{"raw":"GET /banner.jpg HTTP/1.1\r\nHost: win138cu4n.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://win138cu4n.sbs/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 03 Apr 2026 08:37:04 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 01 Apr 2026 03:49:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69cc95e0-94ed1\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kcxfuvsFpAV1pvBbAIEuO9sMn6cENcqWAz23qj2FSEvbDAJXp%2FsR0jGrmO58ZCzcz5LoiupHfRl89yZIq%2FAc%2BZqtpbwwjy3HpnTawMj7bZTP9HrjecJLuM3JPwkc4omquQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e66bfc9cf21568b-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":610001,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1080x1080, components 3","md5":"3c88571def4cda0844ba630adcb21279","sha1":"9c984d197234d6c029988278dee91a2a7c4fcf25","sha256":"f382094641b5a9cd2abfcecfe8c02c95657c599017f84b0ee7304fced50e24c2","sha512":"aa4eecd62c9000daa381e24a798c11b9bdae666c065929efa0fb45c2875e267fc0f21fb592fe5ba3e0b9763482cadf153c8c7da7ab49b6d9a1a8ffdc75504d70","ssdeep":"12288:ZRzG0GEHjzUob5kgBD6eWblpA27AupInsoBTbmzDhpS:jaUzHVH969bxBpjoJQhc","tlshash":"bbd422e0fac501eb185d0b30a4d7751eb0639b392448d98c3bec5d766beeea17d840e9","first_seen":"2026-04-03T08:37:29.909766Z","last_seen":"2026-04-03T08:37:29.909766Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1657,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":604,"receive":1053,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"win138cu4n.sbs/","fqdn":"win138cu4n.sbs","domain":"win138cu4n.sbs","tld":"sbs"},"ip":{"addr":"172.67.222.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-03T08:37:02.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win138cu4n.sbs","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 05:17:36 GMT","end":"Mon, 29 Jun 2026 05:17:35 GMT"},"fingerprint":{"sha1":"33:54:5B:27:85:68:DF:89:21:68:AE:83:5B:32:7D:BE:4B:C5:93:94","sha256":"80:71:1D:BC:2B:B2:6C:27:A5:6B:88:44:B5:DB:B8:CA:A5:76:6C:58:A8:74:B9:EC:79:E9:7A:DA:98:C9:F1:43"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: win138cu4n.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 03 Apr 2026 08:37:02 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 01 Apr 2026 03:49:51 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-permitted-cross-domain-policies: master-only\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=99Po58RhLKprLZaWactun33uLQoRoOEHkItmu6zZFR9G25Xe0PWuELE1k950m5y2ls6SovwA7ywLff38ZG2ORDXHt8mnJZHuoPShion%2BQOsXVZpmDY1EyCRC0Jeh4lrVHQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9e66bfc21add4e4c-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]}],"data":{"size":46305,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (40544), with CRLF line terminators","md5":"044d87d3c3fa891970523df1e5992713","sha1":"fea0e4c03b3eab168702c13b5af1536d7cca86fb","sha256":"28d3bd9f3780958d2939ca921e4cb3d35ec6496182e1079aaccbaaa399415c25","sha512":"53d1d34499eed74782b3287643f02ab52095ed23e575590b3ff9d16fb027108b2f36a3af99833c1500547eea4b2eea94bfaa98433d00a23bb43f2a91d9f0f518","ssdeep":"768:T9rCsaMK64GWdMupzyq84tCLrvddzU7VQCn:hap64G7yyq84tCLr1wQCn","tlshash":"9223a4b045021229f053d727d9e1ae9d71789d03e123486eb37b26d69fd26fe83b3a14","first_seen":"2026-04-03T08:37:29.912941Z","last_seen":"2026-04-03T08:37:29.912941Z","times_seen":1,"resource_available":true,"data":null}},"time_used":721,"timings":{"blocked":66,"dns":51,"connect":1,"send":0,"wait":584,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"172.217.20.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://win138cu4n.sbs/","date":"2026-04-03T08:37:03.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:36:44 GMT","end":"Mon, 01 Jun 2026 08:36:43 GMT"},"fingerprint":{"sha1":"67:A7:60:5D:C5:C4:DB:ED:0D:A1:70:F2:6C:0F:18:61:29:4A:D2:49","sha256":"8E:A9:A8:B3:90:65:71:66:2C:CD:33:92:74:7F:99:EC:5F:57:13:49:15:9F:6E:54:59:ED:22:72:3A:41:00:F0"}}},"request":{"raw":"GET /v0.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 73113\r\ndate: Fri, 03 Apr 2026 08:37:03 GMT\r\nexpires: Fri, 03 Apr 2026 08:37:03 GMT\r\ncache-control: private, max-age=3000, stale-while-revalidate=1206600\r\netag: \"5b239dc189f888b8\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":284617,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64627)","md5":"c54252d732bff78217cfbeff950b3476","sha1":"960deb0b579fba259aa9865d3b1deadff0538bff","sha256":"852bb88969e8e21c5f7403b97cdb69b072a54f60214690cee9f1dad4db2d6740","sha512":"e75fc0cc5405ac64ddce8e210062fda91bf50d668d8cbef548f54b22b311082da8d3830d9092375ab69a6d8def15d9889f195f03269ecc9f570ba7afbf77f7e2","ssdeep":"6144:ixUXfTWCOu6qiieuIbno1uzRePNS+7HYo:yqftp/0RENS+74o","tlshash":"e754949db286b0724793b075803f150aa33ba859244a812cf56de9d67cbcd89b137f7c","first_seen":"2026-03-17T22:15:38.805176Z","last_seen":"2026-04-22T19:06:27.401296Z","times_seen":1786,"resource_available":true,"data":null}},"time_used":343,"timings":{"blocked":136,"dns":1,"connect":21,"send":0,"wait":31,"receive":38,"ssl":113},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"miyanice.edgeone.dev/favicon.png","fqdn":"miyanice.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win138cu4n.sbs/","date":"2026-04-03T08:37:03.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: miyanice.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 18 Feb 2026 12:27:10 GMT\r\nEtag: \"24d7ddb5c7aa53b8c7ee52120a734171\"\r\nContent-Type: image/png\r\nCache-Control: public, must-revalidate, max-age=0\r\nAge: 412671\r\nContent-Length: 3728\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nDate: Fri, 03 Apr 2026 08:37:03 GMT\r\nEO-LOG-UUID: 11753541785592796869\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3728,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"24d7ddb5c7aa53b8c7ee52120a734171","sha1":"645ae0a128802031ff0240848be6b777fb66d162","sha256":"97613356e02585ed3ce2c878ffc75556a97e6e33d6c96bc7bfddba267dd9dd0e","sha512":"5d15f1a456c4beb0874e6ccdc97407cf85ad3ddca909e58381f2d295fce13863f34b0a06101eea4bf2f4fb2cdf34be70cf39cdacf52ad6dc704e2d76ac45e16d","ssdeep":"","tlshash":"d9713b1ffd512e613399716374f1892b24221e8216e8521de49ec9290db61e758382df","first_seen":"2026-01-20T06:40:19.396642Z","last_seen":"2026-04-13T22:21:37.117234Z","times_seen":50,"resource_available":false,"data":null}},"time_used":464,"timings":{"blocked":-1,"dns":102,"connect":19,"send":0,"wait":19,"receive":0,"ssl":323},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"miyanice.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"miyanice.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"miyanice.edgeone.dev/favicon.png","fqdn":"miyanice.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win138cu4n.sbs/","date":"2026-04-03T08:37:03.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: miyanice.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 18 Feb 2026 12:27:10 GMT\r\nEtag: \"24d7ddb5c7aa53b8c7ee52120a734171\"\r\nContent-Type: image/png\r\nCache-Control: public, must-revalidate, max-age=0\r\nAge: 412671\r\nContent-Length: 3728\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nDate: Fri, 03 Apr 2026 08:37:03 GMT\r\nEO-LOG-UUID: 609923972076840284\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3728,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"24d7ddb5c7aa53b8c7ee52120a734171","sha1":"645ae0a128802031ff0240848be6b777fb66d162","sha256":"97613356e02585ed3ce2c878ffc75556a97e6e33d6c96bc7bfddba267dd9dd0e","sha512":"5d15f1a456c4beb0874e6ccdc97407cf85ad3ddca909e58381f2d295fce13863f34b0a06101eea4bf2f4fb2cdf34be70cf39cdacf52ad6dc704e2d76ac45e16d","ssdeep":"","tlshash":"d9713b1ffd512e613399716374f1892b24221e8216e8521de49ec9290db61e758382df","first_seen":"2026-01-20T06:40:19.396642Z","last_seen":"2026-04-13T22:21:37.117234Z","times_seen":50,"resource_available":false,"data":null}},"time_used":460,"timings":{"blocked":-1,"dns":101,"connect":17,"send":0,"wait":19,"receive":1,"ssl":322},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"miyanice.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"miyanice.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012603032146000/v0/amp-auto-lightbox-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"172.217.20.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://win138cu4n.sbs/","date":"2026-04-03T08:37:03.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:36:44 GMT","end":"Mon, 01 Jun 2026 08:36:43 GMT"},"fingerprint":{"sha1":"67:A7:60:5D:C5:C4:DB:ED:0D:A1:70:F2:6C:0F:18:61:29:4A:D2:49","sha256":"8E:A9:A8:B3:90:65:71:66:2C:CD:33:92:74:7F:99:EC:5F:57:13:49:15:9F:6E:54:59:ED:22:72:3A:41:00:F0"}}},"request":{"raw":"GET /rtv/012603032146000/v0/amp-auto-lightbox-0.1.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://win138cu4n.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 2972\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Apr 2026 11:21:57 GMT\r\nexpires: Fri, 02 Apr 2027 11:21:57 GMT\r\ncache-control: public, max-age=31536000\r\netag: \"74a8e6f749d364bb\"\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 76506\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7798,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7676)","md5":"dfd43df9e3425f6077d3bd69d5928cfd","sha1":"d5b1138d94904e2ab07092a86614976e1c2f543c","sha256":"94922d1f912dea5b7dd68a1a62d746f58d44a0c8305607aca116d6f08ba46708","sha512":"1f42867fd9dce4ae9a17c2a13be535196920068b4ca5b52b256baa92c48150b0f725a5f977ac59bafe6187e06e25aa2ff2787c37e23485bb943cd05fd126b6f5","ssdeep":"96:jKoAosPGpV3yMDc0jGAM+G0mj1hVXxSZ4tqSKN0OV0TjLRkiGj0ldmq43bDjHI:jKqswV3yv0jGAFCPX/tqKyWp4M0rDTI","tlshash":"d7f196dc7ac2b83a5757b4b780af414fa63ba94624ad9120d120f0d83cb995ed633e5c","first_seen":"2026-03-17T22:15:38.806244Z","last_seen":"2026-04-22T19:06:27.404584Z","times_seen":1718,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":32,"dns":1,"connect":8,"send":0,"wait":9,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}