{"report_id":"34c94470-0e94-4123-80d0-4a00e7331451","version":6,"status":"done","tags":[],"date":"2025-01-20T18:42:24Z","url":{"schema":"http","addr":"brttt182.ooguy.com/","fqdn":"brttt182.ooguy.com","domain":"brttt182.ooguy.com","tld":"ooguy.com"},"ip":{"addr":"79.241.151.178","port":0,"asn":3320,"as":"Deutsche Telekom AG","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"http","addr":"brttt182.ooguy.com/","fqdn":"brttt182.ooguy.com","domain":"brttt182.ooguy.com","tld":"ooguy.com"},"title":"CodePen - 404 page"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-03-31T18:42:24Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":8877,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-01-15T01:35:32.072438Z","alert_count":0,"request_count":1,"received_data":1058,"sent_data":428,"comment":"","tags":null,"fingerprints":null},{"fqdn":"brttt182.ooguy.com","ip":{"addr":"79.241.151.178","port":80,"asn":3320,"as":"Deutsche Telekom AG","country":"Germany","country_code":"DE"},"domain_registered":"2016-02-21","domain_rank":0,"first_seen":"2025-01-20T18:42:24.333949Z","last_seen":"2025-01-20T18:42:24.333949Z","alert_count":2,"request_count":2,"received_data":2104,"sent_data":736,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":235,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-01-15T01:51:31.637272Z","alert_count":0,"request_count":1,"received_data":17163,"sent_data":466,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-01-15T01:38:19.518894Z","alert_count":0,"request_count":1,"received_data":18133,"sent_data":516,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.dribbble.com","ip":{"addr":"143.204.55.105","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-03-19","domain_rank":45168,"first_seen":"2017-04-03T12:44:06Z","last_seen":"2025-01-15T13:07:41.204396Z","alert_count":0,"request_count":1,"received_data":1374468,"sent_data":461,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2025-01-20T18:41:59Z","timestamp":1737398519,"ip_dst":{"addr":"79.241.151.178","port":80,"asn":3320,"as":"Deutsche Telekom AG","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.21","port":52174,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.ooguy .com Domain","source":"{\"timestamp\":\"2025-01-20T18:41:59.496811+0000\",\"flow_id\":1282771858726073,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.21\",\"src_port\":52174,\"dest_ip\":\"79.241.151.178\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045998,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.ooguy .com Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2023_06_01\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_06_11\"]}},\"http\":{\"hostname\":\"brttt182.ooguy.com\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":818},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":663,\"bytes_toclient\":1272,\"start\":\"2025-01-20T18:41:59.433337+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2025-01-20T18:41:59Z","timestamp":1737398519,"ip_dst":{"addr":"79.241.151.178","port":80,"asn":3320,"as":"Deutsche Telekom AG","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.21","port":52174,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.ooguy .com Domain","source":"{\"timestamp\":\"2025-01-20T18:41:59.927388+0000\",\"flow_id\":1282771858726073,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.21\",\"src_port\":52174,\"dest_ip\":\"79.241.151.178\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045998,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.ooguy .com Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2023_06_01\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_06_11\"]}},\"http\":{\"hostname\":\"brttt182.ooguy.com\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://brttt182.ooguy.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":818},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":4,\"bytes_toserver\":1144,\"bytes_toclient\":2404,\"start\":\"2025-01-20T18:41:59.433337+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"brttt182.ooguy.com/","fqdn":"brttt182.ooguy.com","domain":"brttt182.ooguy.com","tld":"ooguy.com"},"ip":{"addr":"79.241.151.178","port":80,"asn":3320,"as":"Deutsche Telekom AG","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-01-20T18:41:59.433Z","timestamp":1737398519433,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: brttt182.ooguy.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Mon, 20 Jan 2025 18:41:59 GMT\r\nContent-Type: text/html\r\nLast-Modified: Tue, 02 Apr 2024 22:42:31 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"660c89d7-635\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":808,"size_decoded":1589,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"dbf3f8195283dc84e33ba7cbe4bcb838","sha1":"1b255f2d0f8626b6f0933372db62749f0bf6615e","sha256":"8c389c4faa354ce0d8375ce72fb56063903c01610e21a751cc1db87a46da1f7a","sha512":"05d7f1facd78ce4600767b2ff09725407690b46205a01fd1cdbce2270bb8f0748b92d6aa1da9aa77e1221141215ebbeca5aa7b45ca4e9dd09e785d4c3fae61c7","ssdeep":"","tlshash":"3b313f16b688162b22230a9ba6713b89eb97cc06e6138659f5f62173afc1b5b8487041","first_seen":"2025-01-20T18:42:25.947963Z","last_seen":"2026-03-26T17:07:26.751582Z","times_seen":3,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":32,"dns":1,"connect":32,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-01-20T18:41:59Z","timestamp":1737398519,"ip_dst":{"addr":"79.241.151.178","port":80,"asn":3320,"as":"Deutsche Telekom AG","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.21","port":52174,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.ooguy .com Domain","source":"{\"timestamp\":\"2025-01-20T18:41:59.496811+0000\",\"flow_id\":1282771858726073,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.21\",\"src_port\":52174,\"dest_ip\":\"79.241.151.178\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045998,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.ooguy .com Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2023_06_01\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_06_11\"]}},\"http\":{\"hostname\":\"brttt182.ooguy.com\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":818},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":663,\"bytes_toclient\":1272,\"start\":\"2025-01-20T18:41:59.433337+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://brttt182.ooguy.com/","date":"2025-01-20T18:41:59.674Z","timestamp":1737398519674,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 Nov 2024 07:25:18 GMT","end":"Mon, 24 Feb 2025 07:25:17 GMT"},"fingerprint":{"sha1":"64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02","sha256":"E2:FD:99:E5:FF:2E:79:8A:23:2B:44:C0:93:30:22:99:44:F9:88:0A:8C:26:58:B1:13:F4:D5:05:08:36:E0:2F"}}},"request":{"raw":"GET /ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://brttt182.ooguy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 20 Jan 2025 18:41:59 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 16149\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb04010-1d970\"\r\nlast-modified: Mon, 04 May 2020 16:17:20 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 358949\r\nexpires: Sat, 10 Jan 2026 18:41:59 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=8J2erX%2FDGJoEWSN5%2F6P1cAdGiZDchYPzCFCWoZFdQkoh8nU77Cn4wU52x%2BWA%2FkyHof%2Bc6bCVPLCec%2FdnVoQYdZbdGtnBBZ18%2Fj5GqBMnrTMRYFuH5cujefW%2Fuv1uuypvbgGG3%2Biv\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 905133ac1ede56a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16149,"size_decoded":121200,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65371)","md5":"ec3bb52a00e176a7181d454dffaea219","sha1":"6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68","sha256":"f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c","sha512":"e8c5daf01eae68ed7c1e277a6e544c7ad108a0fa877fb531d6d9f2210769b7da88e4e002c7b0be3b72154ebf7cbf01a795c8342ce2dad368bd6351e956195f8b","ssdeep":"768:Vy3Gxw/Vc/QWlJxtQOIuiHlq5mzI4X8OAduFKbv2ctg2Bd8JP7ecQVvH1FS:nw/a1fIuiHlq5mN8lDbNmPbh","tlshash":"2cc3c7a0f21031ea7333c55a75d0ed872219a153e56a4fb7f22f25d88f845ca1673f1a","first_seen":"2023-04-05T03:13:25Z","last_seen":"2026-04-05T11:54:25.90909Z","times_seen":56344,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":23,"dns":0,"connect":1,"send":0,"wait":11,"receive":1,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"brttt182.ooguy.com/favicon.ico","fqdn":"brttt182.ooguy.com","domain":"brttt182.ooguy.com","tld":"ooguy.com"},"ip":{"addr":"79.241.151.178","port":80,"asn":3320,"as":"Deutsche Telekom AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://brttt182.ooguy.com/","date":"2025-01-20T18:41:59.897Z","timestamp":1737398519897,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: brttt182.ooguy.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://brttt182.ooguy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Mon, 20 Jan 2025 18:41:59 GMT\r\nContent-Type: text/html\r\nLast-Modified: Tue, 02 Apr 2024 22:42:31 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"660c89d7-635\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":808,"size_decoded":1589,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"dbf3f8195283dc84e33ba7cbe4bcb838","sha1":"1b255f2d0f8626b6f0933372db62749f0bf6615e","sha256":"8c389c4faa354ce0d8375ce72fb56063903c01610e21a751cc1db87a46da1f7a","sha512":"05d7f1facd78ce4600767b2ff09725407690b46205a01fd1cdbce2270bb8f0748b92d6aa1da9aa77e1221141215ebbeca5aa7b45ca4e9dd09e785d4c3fae61c7","ssdeep":"","tlshash":"3b313f16b688162b22230a9ba6713b89eb97cc06e6138659f5f62173afc1b5b8487041","first_seen":"2025-01-20T18:42:25.947963Z","last_seen":"2026-03-26T17:07:26.751582Z","times_seen":3,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-01-20T18:41:59Z","timestamp":1737398519,"ip_dst":{"addr":"79.241.151.178","port":80,"asn":3320,"as":"Deutsche Telekom AG","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.21","port":52174,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.ooguy .com Domain","source":"{\"timestamp\":\"2025-01-20T18:41:59.927388+0000\",\"flow_id\":1282771858726073,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.21\",\"src_port\":52174,\"dest_ip\":\"79.241.151.178\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045998,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.ooguy .com Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2023_06_01\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_06_11\"]}},\"http\":{\"hostname\":\"brttt182.ooguy.com\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://brttt182.ooguy.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":818},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":4,\"bytes_toserver\":1144,\"bytes_toclient\":2404,\"start\":\"2025-01-20T18:41:59.433337+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/arvo/v22/tDbD2oWUg0MKqScQ7Q.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://brttt182.ooguy.com/","date":"2025-01-20T18:41:59.904Z","timestamp":1737398519904,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Dec 2024 08:37:20 GMT","end":"Mon, 03 Mar 2025 08:37:19 GMT"},"fingerprint":{"sha1":"0A:7E:C7:68:03:0C:7D:D9:EA:D1:64:B5:09:F0:73:23:7E:07:0A:F2","sha256":"AC:04:9D:DD:39:52:BA:31:8E:A3:C7:1B:03:53:5D:B4:B0:43:D5:68:D9:70:93:D9:E7:C1:64:4E:8A:D3:72:2B"}}},"request":{"raw":"GET /s/arvo/v22/tDbD2oWUg0MKqScQ7Q.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://brttt182.ooguy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 17300\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 17 Jan 2025 19:07:41 GMT\r\nexpires: Sat, 17 Jan 2026 19:07:41 GMT\r\ncache-control: public, max-age=31536000\r\nage: 257658\r\nlast-modified: Thu, 24 Aug 2023 17:32:27 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17300,"size_decoded":17300,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 17300, version 1.0","md5":"2bb7eeed159db804f2e7a9ca64871661","sha1":"d4aa569d336599b0c8a61ddbc2f5151627d0dbe1","sha256":"6a444f75e21c8b900953619df3cbc2ecf9e2227416e07d774709adf722bcb415","sha512":"d445151dd54a363c3555649c32a9bd37c7ab1b58b797ace3616920a56d486255a80a9265942a934b1a3b4173717caea3360edd8dd5a1d362ab0becb2d77ae3ed","ssdeep":"384:62O9VZ6uLb8SwSbLIDHwheiuErBFxhBmuJWQ6yaei1A4JkvQeqhHJoUUPRfow2:e3ZnELQsQuEphnJd6ybIAUm6UPRH2","tlshash":"eb72d0dd20208c2a542a6abb6795a967e3bd5dce082165759c055e33d1ccc6a827f720","first_seen":"2023-04-30T22:25:54Z","last_seen":"2026-04-03T23:28:55.624325Z","times_seen":460,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":54,"dns":1,"connect":7,"send":0,"wait":8,"receive":2,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dribbble.com/users/285475/screenshots/2083086/dribbble_1.gif","fqdn":"cdn.dribbble.com","domain":"dribbble.com","tld":"com"},"ip":{"addr":"143.204.55.105","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://brttt182.ooguy.com/","date":"2025-01-20T18:41:59.901Z","timestamp":1737398519901,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dribbble.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Wed, 27 Nov 2024 00:00:00 GMT","end":"Fri, 26 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"ED:5F:90:E1:D7:72:E4:25:25:0D:F0:62:E0:FA:B4:9B:E1:E1:87:56","sha256":"8E:09:06:A6:8F:6B:2D:A4:BD:4F:6B:BB:47:6D:FB:3D:C0:AA:1E:8D:4C:07:E0:0F:5D:DF:23:D5:84:65:9D:1D"}}},"request":{"raw":"GET /users/285475/screenshots/2083086/dribbble_1.gif HTTP/1.1\r\nHost: cdn.dribbble.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://brttt182.ooguy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 1373645\r\ndate: Thu, 09 Jan 2025 16:16:52 GMT\r\nlast-modified: Thu, 28 May 2015 15:21:39 GMT\r\netag: \"e430101033efff9a294eaafecbac846a\"\r\nx-amz-storage-class: STANDARD_IA\r\ncache-control: max-age=315576000\r\nexpires: Wed, 28 May 2025 14:00:13 GMT\r\nx-amz-version-id: P9hxB7tyd4Ch839iBBxh8yD4BWnTGn8Y\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: xRUOzqxePd5RDu04C3PIj7Wjjts-15dJ1pfF1dOQ79QL4SiVCt0RjQ==\r\nage: 959107\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1373645,"size_decoded":1373645,"mime_type":"image/gif","magic":"GIF image data, version 89a, 800 x 600","md5":"e430101033efff9a294eaafecbac846a","sha1":"17ad0e01122a05ef90f9b7d9791cd5772d352708","sha256":"354f63f88b57aceea4536df0c0cff0c3592aa46fe887ff910751fefc12f3e76c","sha512":"3a61a47ce9e1a97d754e0465bca3049c31804ff157c821db0850e4824a0d692097d91ab779924b126b43c2ff0cba9594502e53bb58097acdd0436ac1204d88af","ssdeep":"24576:c7U/O0ckNi61iXdRtxBI+Ma2b7Aw9QuXaJPs2qvEJ3iVnQ74Ix4/TW6kBa:c7Mq6adRtxCVbb7FxX6kT9VINW7W/I","tlshash":"fd55237f82790238753740fc6aae0ea458bfccba5bd0033b5e3b61da915052c952dcb6","first_seen":"2023-05-05T05:36:48Z","last_seen":"2025-07-24T16:20:52.442352Z","times_seen":369,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":84,"dns":71,"connect":1,"send":0,"wait":5,"receive":104,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Arvo","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://brttt182.ooguy.com/","date":"2025-01-20T18:41:59.677Z","timestamp":1737398519677,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Dec 2024 08:37:20 GMT","end":"Mon, 03 Mar 2025 08:37:19 GMT"},"fingerprint":{"sha1":"40:E7:4C:FA:6D:23:B6:A9:19:0C:67:77:3A:43:22:D0:A4:CE:49:24","sha256":"06:52:12:65:60:CA:7F:5D:E6:72:0C:26:3B:A8:C5:A9:51:68:4D:2C:E4:2D:0C:4E:F7:63:D2:99:8C:AE:D8:06"}}},"request":{"raw":"GET /css?family=Arvo HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://brttt182.ooguy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 20 Jan 2025 18:41:59 GMT\r\ndate: Mon, 20 Jan 2025 18:41:59 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":372,"size_decoded":372,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (380), with no line terminators","md5":"6589a63899eac63a2ceb4fec8f3077c7","sha1":"e717b39783e2d366acbe61c9855e148bc7931ab0","sha256":"ca498c70f134b9d468404171e52824ef11c883bbe36336dc1570e1a57bfaee21","sha512":"fa4456f117162899d842172dbc3f2e82ddb2f878cf0eeff5dac860514f41ba0e2998ffa845df78501eedda2e99e7133bf91a64e788f7ac6835a2d2223dd884d3","ssdeep":"","tlshash":"45e06841081b7644e2930ec123da3131ef0ef140646066319bfa14d9bc82c665392b2c","first_seen":"2024-10-17T17:37:28.250241Z","last_seen":"2025-03-31T17:14:44.926052Z","times_seen":10,"resource_available":false,"data":null}},"time_used":312,"timings":{"blocked":146,"dns":8,"connect":10,"send":0,"wait":19,"receive":0,"ssl":126},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}