{"report_id":"392d222d-9e3d-4e45-98ad-29ef1dc00539","version":6,"status":"done","tags":[],"date":"2025-11-26T17:20:39Z","url":{"schema":"http","addr":"buzzheavier.com/g572kmijds7r","fqdn":"buzzheavier.com","domain":"buzzheavier.com","tld":"com"},"ip":{"addr":"104.18.2.146","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"buzzheavier.com/g572kmijds7r","fqdn":"buzzheavier.com","domain":"buzzheavier.com","tld":"com"},"title":"NieR-Automata-SteamRIP.com.rar","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"buzzheavier.com/g572kmijds7r","fqdn":"buzzheavier.com","domain":"buzzheavier.com","tld":"com"},"ip":{"addr":"104.18.2.146","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-31T17:20:39Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"ukankingwithea.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"ukankingwithea.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"ukankingwithea.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"dcbbwymp1bhlf.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"d3jzhqnvnvdy34.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"emovementxview.com","ip":{"addr":"3.164.240.68","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2025-08-08","domain_rank":0,"first_seen":"2025-11-24T14:31:43.728681Z","last_seen":"2025-11-24T14:31:43.728682Z","alert_count":0,"request_count":1,"received_data":4100,"sent_data":1014,"comment":"","tags":null,"fingerprints":[{"name":"Amazon ALB","description":"Amazon Application Load Balancer (ALB) distributes incoming application traffic to increase availability and support content-based routing.","website":"https://aws.amazon.com/elasticloadbalancing/","common_platform_enumeration":"","icon":"Amazon ELB.svg","categories":["Load balancers"]},{"name":"OpenResty:1.17.8.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"ukankingwithea.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-01-01","domain_rank":32650,"first_seen":"2024-09-05T12:50:03Z","last_seen":"2025-11-24T14:31:44.175228Z","alert_count":3,"request_count":1,"received_data":837,"sent_data":436,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"dcbbwymp1bhlf.cloudfront.net","ip":{"addr":"3.167.7.208","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2024-01-03T03:40:06Z","last_seen":"2025-11-19T22:27:11.177501Z","alert_count":1,"request_count":1,"received_data":191031,"sent_data":431,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2025-11-23T22:15:43.326588Z","alert_count":0,"request_count":1,"received_data":20344,"sent_data":508,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cesosfultrbriol.com","ip":{"addr":"172.67.206.151","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-11","domain_rank":0,"first_seen":"2025-11-23T09:35:45.960537Z","last_seen":"2025-11-23T09:35:45.960537Z","alert_count":0,"request_count":1,"received_data":529,"sent_data":579,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"d3jzhqnvnvdy34.cloudfront.net","ip":{"addr":"3.167.7.55","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2024-01-02T06:30:20Z","last_seen":"2025-11-19T23:26:13.183132Z","alert_count":1,"request_count":1,"received_data":191093,"sent_data":461,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"accounts.google.com","ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":103,"first_seen":"2012-05-23T06:57:57Z","last_seen":"2025-11-23T22:41:16.042989Z","alert_count":0,"request_count":6,"received_data":13856,"sent_data":3772,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]}]},{"fqdn":"buzzheavier.com","ip":{"addr":"104.18.3.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-01-11","domain_rank":88860,"first_seen":"2024-01-12T13:45:09Z","last_seen":"2025-11-21T17:48:39.856144Z","alert_count":0,"request_count":6,"received_data":535861,"sent_data":2914,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Alpine.js","description":"","website":"https://github.com/alpinejs/alpine","common_platform_enumeration":"","icon":"Alpine.js.png","categories":["JavaScript frameworks"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]}]},{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":11393,"first_seen":"2021-10-20T05:02:03Z","last_seen":"2025-11-23T22:21:53.253409Z","alert_count":0,"request_count":2,"received_data":100278,"sent_data":974,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"buzzheavier.com/g572kmijds7r","fqdn":"buzzheavier.com","domain":"buzzheavier.com","tld":"com"},"ip":{"addr":"104.18.3.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5601beb439269a8c41ce52079c7a4328","sha1":"e13353417913b56052ffd1802314acf86abbaeeb","sha256":"467213b6fcd1ae4af26d895776fdeeac9c712fd2432ff9b5795ab5c3d9345997","sha512":"67cfe72e8ed6ae8ee932048a5e856eb06f279377cc6a7241cd246de35ac027426b1c7317fbd21d5ab7857742378182bd2d825209888890c79db8d8cfab650474","ssdeep":"1536:ffAwr2CjuMOAyUdG1uFuyLHIt6+d5Ar/LdZQBLTjcrD5IrWz:fIMjIAyUdGeuyLHIt66edZQBLTjcX5Lz","tlshash":"3953c77ab2d21c91ce90fb64247ff942bcaa741090adfae57c41fa4019b51dd80e7a39","size":65188,"data":"","first_seen":"2025-06-18T21:04:46.340994Z","last_seen":"2026-02-16T02:15:56.165731Z","times_seen":207,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"buzzheavier.com/g572kmijds7r","fqdn":"buzzheavier.com","domain":"buzzheavier.com","tld":"com"},"ip":{"addr":"104.18.3.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1e2d67521034a6770228ca2744f75ebe","sha1":"61df1986a564a732dcfdfedd8422caab924ddb69","sha256":"c2bb564176e030d406ba5a9f8caa3a7e2697faa9d470b3fd822c8a58864c92f8","sha512":"65e5cb16ee8ad1628645944472fdb2bc2b9d21ce040569bb63ebe38815f7679fe63e7509cc27d738f211ea14913ece9c6ca34c2d109e7e8e2af90fb48f5f9c25","ssdeep":"","tlshash":"ace07d4a52280058426804e84d233cf2b25a493fca686cc679ac175c0bad8cbadbc1a3","size":320,"data":"","first_seen":"2025-06-18T21:04:46.342951Z","last_seen":"2026-03-01T14:41:45.530122Z","times_seen":210,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","size":19948,"data":"","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-04T07:35:17.588324Z","times_seen":330130,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"buzzheavier.com/xz.js?v=b254bf02b9f0eec2b402ac5b7b619700b9b2309d-dirty","fqdn":"buzzheavier.com","domain":"buzzheavier.com","tld":"com"},"ip":{"addr":"104.18.3.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c4f51977bcc98d269adbcd602851e001","sha1":"c069cb6ca4b3f12bc68f6001fbf49194a0532f24","sha256":"3cbaa688116786be2134162090582674361f5e7e12f7e459cede8a4236e23ad5","sha512":"7bac1b420fc729e69e0dd01a7146bb211876ba6dad3fe8f27d15b36a4448595fed68c56bc47ff4c0c53786d7cfd80ae1951fc7909842b29af6e0dd27ba66bdc4","ssdeep":"6144:2+jNcWsW7sWG8tezhSGmeaQ2F8K9eNleeaJLT0mOj03d5dw+UXjOPKHuUuLXpCy:2gLsWG8IzhSGmeaQ2F8GueeaJLT0mo0f","tlshash":"f58429d67342717286da16e6583b060af3357584340780acf6ac9dcb3c7a98661bbf3d","size":386908,"data":"","first_seen":"2024-12-20T17:52:23.581019Z","last_seen":"2026-03-22T18:36:49.428539Z","times_seen":258,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9c24b8c0b90ddbe66379c2eb5458e2d7","sha1":"55e1ecb91d06532e110b7d5262d941caa3c8f9d1","sha256":"0594e1933828cacea3ac52f9538ab0bf66b987841f45241189a9533af688eee4","sha512":"dca55d18707d8645e9983f3f6d2b933171e15c50eb35a251ab04163dcd0e08c226c7ffc7d1cff7a68c429277e5ee270a10f0087a0c1a5d8d9ea63d61a1351806","ssdeep":"768:1hCnhd620Mg5LUU6OMX0skef2w97+Fsg0D5GHmXuHKQPciAsG91C+8APDGDewY8t:1O62dg5LUU6Ov+2k7rIHPCADt","tlshash":"60231a583296387227d980e5617b63437325753af94ccc50e823d936267cdcad237bba","size":49601,"data":"","first_seen":"2025-11-21T10:20:04.556191Z","last_seen":"2025-12-04T15:38:58.928982Z","times_seen":18890,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"emovementxview.com/cFR4bm0RNhsDUhFpGkgYAjhFS182cUooCRM2GhkUHSRJDAUcMlYNAR8hHAgfHzoMQAMVIF1cKxIGPgYhJDgpACMJARcPFzEsNF0jHDAvKFsUZi4ZCxonQCM+OjgzOh4FBBIvGDwtMRo9JDgfIBQDZRo9PB4fAjdaEyMhKikJHk4iCjEjND8ZCRk7JxsTZioHIzM7HyNeHHFKLCEZFUsLOhwgNBQsHQ4gVwI5ECldJDgZXVwrOxA1WiMaGUs+BCVmGwQoRTARI1ogPj0AJBoCEA8KQWMdAD9JMSBbVT0uPQImGicCJV9FbCItAgM2FhYGFAMQAgseEkspAF1hQDQpPSwyNgUXDS8dJxFmIl4kOGVODTUTNRoAFRsaEVsYFgYuXwxDbR80KkFtHTZZCh0sHQo5DD5cJR44XVwvKgwqAQgeYRQ3OgBjMypdQgQrXgU8Ez4fKShtFg0lKmMZLStFNSlIBwM7Fh5QIhMvB1kKEBAIKA","fqdn":"emovementxview.com","domain":"emovementxview.com","tld":"com"},"ip":{"addr":"3.164.240.68","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9f73422bcc3a1cefebc8d5ef86b60c9a","sha1":"e5e921464f5d00039b5b123be43967f81a0aefd9","sha256":"dc587f7c5b102372fa023ceda0704981e45cbac9959d4540f3d6f20ae6946651","sha512":"631483da32a765bebcbc8612ecfbfaa872f012ec88e73353e49b0a343d40d21a6d0e70387674b07854a458167b31b3825f1958d4c5720d9dc37affc19cc68077","ssdeep":"","tlshash":"bf51fe8d30f360c282b26025413bb59afa285a95934cdb54863d82bcbc715e96357f4c","size":2995,"data":"","first_seen":"2025-11-26T17:20:43.075338Z","last_seen":"2025-11-26T17:20:43.075338Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"buzzheavier.com/g572kmijds7r","fqdn":"buzzheavier.com","domain":"buzzheavier.com","tld":"com"},"ip":{"addr":"104.18.3.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"79e36a1e75dbfce91bf0cf9e1cf672ed","sha1":"5ccb990eb9a052b4b4c3e590db945eeb0a611bac","sha256":"b4ae4021a3f1d833735a916ee9ff1007a1172413440302c2e4dd418401a4f446","sha512":"0014a7c7b8b2c45cbd2bbc68a39e6e9969dcf807d2f2caee56f0575cdbe56b26fd2e02e68a237d352860cf0a0287b8cccd61edeb1473ea244284125e4f71de13","ssdeep":"","tlshash":"29e0bf0da9f2325ca32226364d1b16963d2dd41b9a4d4d14fd4d52506f5072be9c1f84","size":402,"data":"","first_seen":"2025-05-23T14:40:38.92134Z","last_seen":"2026-04-04T01:19:06.22399Z","times_seen":245,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"buzzheavier.com/xz.js?v=b254bf02b9f0eec2b402ac5b7b619700b9b2309d-dirty","fqdn":"buzzheavier.com","domain":"buzzheavier.com","tld":"com"},"ip":{"addr":"104.18.3.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"AsyncFunction","is_inline":false,"md5":"e47352717f427f31b010d7074739317a","sha1":"a1f6d14364908f01517902c1359a59509191e603","sha256":"6919b697a45d06606dbd79d59c92a4655f9070d83651ae476985ed0a3d920c2a","sha512":"49c5e088f08268abaa8c996cb699b16d38fb189c10cb9435cfc1179cd741832673ffc4e94d03a5a70be14184389e42b5fb2ee059d115d26d09753c81289a3ef7","ssdeep":"","tlshash":"18b09bc458c75a00c2133591c035543761391661d17d446d173da354d533156d15cc5d","size":129,"data":"","first_seen":"2024-05-27T04:51:32Z","last_seen":"2026-04-04T08:07:39.532765Z","times_seen":431,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dcbbwymp1bhlf.cloudfront.net/?wbbcd=1191914","fqdn":"dcbbwymp1bhlf.cloudfront.net","domain":"dcbbwymp1bhlf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.208","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a7d677a9915d7f294cbeab5f92353891","sha1":"26ea2f35ae596266debb3b8707661403054322d7","sha256":"aa79312b6feffbb1f68fc0e5b918ddafbe62ff1d9659e1032532ac63b4030da4","sha512":"17e48da1ad4e99256ec65872c8093defc3e4d17bf6de627652498d8addefa9dd226c9472f0eb6ac9bca53ab761f288e901acef1b8ac1a3524e68def7ee5b711f","ssdeep":"3072:XBUNP5+Ya/06R42Da7oV6+53UOng7L9vN9c:XuNR+t/06G2D023","tlshash":"cc145dc9be92346d836374b540bf528a723f4a68b8184cd4e496d4d17db8d0a437bfac","size":190570,"data":"","first_seen":"2025-11-26T17:20:43.070709Z","last_seen":"2025-11-26T17:20:43.070709Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026dsh=S1295549417%3A1764177617155610\u0026hl=en\u0026ifkv=ARESoU1j2UZzIB9p2b-b7OGnqzJcaN4zJE_tnfukA6usQFbXYUy_hvx7rvf5SHMfnA9p49MvauKx\u0026passive=true\u0026service=mail\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buzzheavier.com/g572kmijds7r","date":"2025-11-26T17:20:17.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:52 GMT","end":"Mon, 19 Jan 2026 08:35:51 GMT"},"fingerprint":{"sha1":"95:94:D2:A2:42:3D:9B:2F:BB:65:03:35:EA:85:1D:B6:C0:BB:E5:07","sha256":"53:9A:55:C8:25:B4:4A:38:C0:A9:FD:A8:38:B3:FD:CA:8E:7E:1F:2A:79:A9:52:76:8C:00:7C:7B:96:1E:45:33"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026dsh=S1295549417%3A1764177617155610\u0026hl=en\u0026ifkv=ARESoU1j2UZzIB9p2b-b7OGnqzJcaN4zJE_tnfukA6usQFbXYUy_hvx7rvf5SHMfnA9p49MvauKx\u0026passive=true\u0026service=mail\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://buzzheavier.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Wed, 26 Nov 2025 17:20:17 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\ncontent-security-policy: script-src 'nonce-qOgYTSC0Y5nXOSFC-IAiKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.google.com/tools/feedback/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://support.google.com/inapp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport\r\ncontent-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/recaptcha/enterprise.js https://www.gstatic.com/recaptcha/ https://www.google.com/tools/feedback/chat_load.js https://www.google.com/tools/feedback/help_api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.gstatic.com/feedback/js/ https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.KEYUHSehrM0.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":85,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"emovementxview.com/cFR4bm0RNhsDUhFpGkgYAjhFS182cUooCRM2GhkUHSRJDAUcMlYNAR8hHAgfHzoMQAMVIF1cKxIGPgYhJDgpACMJARcPFzEsNF0jHDAvKFsUZi4ZCxonQCM+OjgzOh4FBBIvGDwtMRo9JDgfIBQDZRo9PB4fAjdaEyMhKikJHk4iCjEjND8ZCRk7JxsTZioHIzM7HyNeHHFKLCEZFUsLOhwgNBQsHQ4gVwI5ECldJDgZXVwrOxA1WiMaGUs+BCVmGwQoRTARI1ogPj0AJBoCEA8KQWMdAD9JMSBbVT0uPQImGicCJV9FbCItAgM2FhYGFAMQAgseEkspAF1hQDQpPSwyNgUXDS8dJxFmIl4kOGVODTUTNRoAFRsaEVsYFgYuXwxDbR80KkFtHTZZCh0sHQo5DD5cJR44XVwvKgwqAQgeYRQ3OgBjMypdQgQrXgU8Ez4fKShtFg0lKmMZLStFNSlIBwM7Fh5QIhMvB1kKEBAIKA","fqdn":"emovementxview.com","domain":"emovementxview.com","tld":"com"},"ip":{"addr":"3.164.240.68","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://buzzheavier.com/g572kmijds7r","date":"2025-11-26T17:20:16.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"emovementxview.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 05 Oct 2025 00:00:00 GMT","end":"Tue, 03 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"0E:BE:04:FE:60:92:12:EA:DC:FB:9E:42:CE:90:90:B8:E7:06:95:14","sha256":"04:B1:83:C6:D5:07:2E:DF:23:83:D6:14:C8:AA:50:21:0A:9C:81:05:39:69:EB:DC:12:71:71:CD:EC:D3:E5:1F"}}},"request":{"raw":"GET /cFR4bm0RNhsDUhFpGkgYAjhFS182cUooCRM2GhkUHSRJDAUcMlYNAR8hHAgfHzoMQAMVIF1cKxIGPgYhJDgpACMJARcPFzEsNF0jHDAvKFsUZi4ZCxonQCM+OjgzOh4FBBIvGDwtMRo9JDgfIBQDZRo9PB4fAjdaEyMhKikJHk4iCjEjND8ZCRk7JxsTZioHIzM7HyNeHHFKLCEZFUsLOhwgNBQsHQ4gVwI5ECldJDgZXVwrOxA1WiMaGUs+BCVmGwQoRTARI1ogPj0AJBoCEA8KQWMdAD9JMSBbVT0uPQImGicCJV9FbCItAgM2FhYGFAMQAgseEkspAF1hQDQpPSwyNgUXDS8dJxFmIl4kOGVODTUTNRoAFRsaEVsYFgYuXwxDbR80KkFtHTZZCh0sHQo5DD5cJR44XVwvKgwqAQgeYRQ3OgBjMypdQgQrXgU8Ez4fKShtFg0lKmMZLStFNSlIBwM7Fh5QIhMvB1kKEBAIKA HTTP/1.1\r\nHost: emovementxview.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buzzheavier.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 1212\r\ndate: Wed, 26 Nov 2025 17:20:17 GMT\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nset-cookie: AWSALB=vxmNvfI2gTTbxDYoOz5yeBWoXPXZyG0HIPdYYy01CY90DF/Y4K6tffhGXa6laWN+NSz4RaCuWwMXHnvWhwLBy9wuo23HIwBVDgNFOoExFgzwdU3fD0HZP6GvX3hg; Expires=Wed, 03 Dec 2025 17:20:17 GMT; Path=/\nAWSALBCORS=vxmNvfI2gTTbxDYoOz5yeBWoXPXZyG0HIPdYYy01CY90DF/Y4K6tffhGXa6laWN+NSz4RaCuWwMXHnvWhwLBy9wuo23HIwBVDgNFOoExFgzwdU3fD0HZP6GvX3hg; Expires=Wed, 03 Dec 2025 17:20:17 GMT; Path=/; SameSite=None\r\nserver: openresty/1.17.8.2\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\ncontent-encoding: gzip\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 41fc52a84466debf784d2dbdb0b64b36.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: qycJQXPRguC66EKQhIHnS7pd2tAR-r79us43AnPPGTTpe_lOn6eS6A==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon ALB","description":"Amazon Application Load Balancer (ALB) distributes incoming application traffic to increase availability and support content-based routing.","website":"https://aws.amazon.com/elasticloadbalancing/","common_platform_enumeration":"","icon":"Amazon ELB.svg","categories":["Load balancers"]},{"name":"OpenResty:1.17.8.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":3066,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (3066), with no line terminators","md5":"aa71e2dfd63f3a810c617b646da65b20","sha1":"87713f3ba99dbe9c50b2368df15948854a705752","sha256":"a86b7b5420a92c37709de4f0173dd43fa7d96f7817df2bfecde2881f48aee65d","sha512":"f4caa6ede422cd9d6a1311942c357b163187bbccce8cbc26a56a04a5a8ebdbefa048aba6213cd7ffd3c34e2cc55bd0081a615d7988866ab7c2f1c3cd7a7b7929","ssdeep":"","tlshash":"1a510d8d34f360c282f26024453bb59afa289aa5934cdf14863d92bcbc715ed6357f4c","first_seen":"2025-11-26T17:20:43.065916Z","last_seen":"2025-11-26T17:20:43.065916Z","times_seen":1,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":61,"dns":33,"connect":8,"send":0,"wait":121,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ukankingwithea.com/","fqdn":"ukankingwithea.com","domain":"ukankingwithea.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://buzzheavier.com/g572kmijds7r","date":"2025-11-26T17:20:16.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ukankingwithea.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:27:37 GMT","end":"Wed, 21 Jan 2026 15:26:07 GMT"},"fingerprint":{"sha1":"9D:07:9C:6F:57:10:86:CD:16:B0:52:82:27:D1:5A:15:62:C4:01:4D","sha256":"45:86:DC:CE:A9:11:84:B3:7C:78:71:DB:1D:F8:E8:6C:0F:4A:58:72:2C:CF:60:ED:8D:11:60:CB:9F:03:63:EF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ukankingwithea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://buzzheavier.com/\r\nOrigin: https://buzzheavier.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 26 Nov 2025 17:20:17 GMT\r\ncontent-type: text/plain\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: https://buzzheavier.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: X-Requested-With, content-type\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h3TMx0btrAmZj%2BdGhF955geE7eMaEWX99AWLcDQ0RxaeXenf29Uim6abD8%2FgxnWFehgFgxgHKNAL377cOvEGAbDUDMC3V3qbYh1TRtDhs0wWIQ%3D%3D\"}]}\r\ncontent-encoding: br\r\nset-cookie: csu=1344314592040896@1@1764177617; SameSite=None; Secure; Max-Age=31104000\r\ncf-ray: 9a4b0e3a6d9b2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"58b77b6177d4829d2cc4e3be0953306d","sha1":"31d5ccd162fd8a900e56f8304a0f80ccc652808d","sha256":"8a545fedafe7396fb45116ae7583985110d3a9fae834297ea9b17d7eea1f62b3","sha512":"62e4d6cf8ae89566a6c1605a3135a10360db5a52530d70ea875cd883142993795bbaba4a99e6b9ded61ed448ffb0e83390322c68d0becd678396d57d84d90ef7","ssdeep":"","tlshash":"14800080302008a0220c3e30a28a0302002a020a80822a80a32a3208082200bc300800","first_seen":"2025-11-26T17:20:43.066868Z","last_seen":"2025-11-26T17:20:43.066868Z","times_seen":1,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":42,"dns":20,"connect":1,"send":0,"wait":133,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"ukankingwithea.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"ukankingwithea.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"ukankingwithea.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buzzheavier.com/favicon.ico","fqdn":"buzzheavier.com","domain":"buzzheavier.com","tld":"com"},"ip":{"addr":"104.18.3.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buzzheavier.com/g572kmijds7r","date":"2025-11-26T17:20:16.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buzzheavier.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 09:38:01 GMT","end":"Thu, 05 Feb 2026 10:37:59 GMT"},"fingerprint":{"sha1":"2E:5F:2C:CF:0C:5C:6E:47:0C:00:0B:01:96:2B:C2:28:93:AE:3C:0E","sha256":"00:B5:E7:0E:A7:01:2A:79:21:1F:35:18:42:82:C6:B8:90:5C:30:91:90:CE:27:A6:2A:84:41:2B:FB:21:B6:95"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: buzzheavier.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buzzheavier.com/g572kmijds7r\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 26 Nov 2025 17:20:16 GMT\r\ncontent-type: image/x-icon\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=86400000\r\nlast-modified: Fri, 31 Oct 2025 01:44:13 GMT\r\ncf-cache-status: HIT\r\nage: 400271\r\nexpires: Tue, 22 Aug 2028 17:20:16 GMT\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9a4b0e3a2a71b4ff-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":34494,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel","md5":"77321e7a17ae1ce3475fbf2c0ffb8ede","sha1":"a5a195ecfe9dc9eb474e51d4a7818cb745690f18","sha256":"dd438bc9455a8731f081f5274c41b1154687caa80dc8b01204385dfc494b27dc","sha512":"39ec3f6f8c83f6cd2963f51c734cdaa08aeae2cbf62ca67b136a0b78736b4ece1f4844969d5c6e89145710cef1142aa1174ba5dd2cdd4f0730b405afce1763c8","ssdeep":"96:Ljzlin9JReECXtYZpAtUXmRGkkzOZGWsfdRw9vFoZFyjXf3:bli9JR9C90oUXmRzkiZgg1oS","tlshash":"25f262b6a3994e52d8c83b30d0074f1b0a7aef63192279075464bcbb3cbe48d5d2d62d","first_seen":"2024-12-20T17:52:23.585214Z","last_seen":"2026-04-04T01:19:06.213351Z","times_seen":259,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026dsh=S993466427:1764177617153439\u0026ifkv=ARESoU0JwArmfYAZBxZ3oWyNlZDVxMrof3tfYWTJfvhPQI0U56wnOGZGHlIuIrZ3DfuSfMG0ad8D","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buzzheavier.com/g572kmijds7r","date":"2025-11-26T17:20:17.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:52 GMT","end":"Mon, 19 Jan 2026 08:35:51 GMT"},"fingerprint":{"sha1":"95:94:D2:A2:42:3D:9B:2F:BB:65:03:35:EA:85:1D:B6:C0:BB:E5:07","sha256":"53:9A:55:C8:25:B4:4A:38:C0:A9:FD:A8:38:B3:FD:CA:8E:7E:1F:2A:79:A9:52:76:8C:00:7C:7B:96:1E:45:33"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026dsh=S993466427:1764177617153439\u0026ifkv=ARESoU0JwArmfYAZBxZ3oWyNlZDVxMrof3tfYWTJfvhPQI0U56wnOGZGHlIuIrZ3DfuSfMG0ad8D HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://buzzheavier.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:HWn0M7Ja0jT1qlC63oncju5aZR_JDQ:_0s1vBy_SxXvdrz3;Path=/;Expires=Fri, 26-Nov-2027 17:20:17 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Wed, 26 Nov 2025 17:20:17 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026dsh=S993466427%3A1764177617153439\u0026hl=en\u0026ifkv=ARESoU2MunMywfYO41CzICMYbU4J4RzL48s3d8ypJ7q-jEfN53iPcTZ5w-0XEmYqg_gNAVbskA0R\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-YjhuVopT37umszaS656ZtA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 419\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://buzzheavier.com/g572kmijds7r","date":"2025-11-26T17:20:16.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 18:59:09 GMT","end":"Wed, 21 Jan 2026 19:59:05 GMT"},"fingerprint":{"sha1":"62:5E:2A:E5:F4:DE:73:E8:94:15:72:65:28:EB:70:25:A8:D2:E7:61","sha256":"2D:41:D6:2B:6A:BB:89:80:01:28:9F:35:0B:2B:F4:6C:0D:B6:B1:E4:7E:E4:AC:35:2A:E0:69:DB:94:45:F7:D3"}}},"request":{"raw":"GET /turnstile/v0/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buzzheavier.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Wed, 26 Nov 2025 17:20:16 GMT\r\ncontent-length: 0\r\ncf-ray: 9a4b0e37290cb517-OSL\r\naccess-control-allow-origin: *\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public\r\ncross-origin-resource-policy: cross-origin\r\nlocation: /turnstile/v0/b/13c98df4ef2d/api.js\r\nvary: Accept-Encoding\r\nset-cookie: _cfuvid=ZUw_osYpKAW9zUf0KSWie8iS16DVWnSrrdK7WJpyncM-1764177616513-0.0.1.1-604800000; path=/; domain=.challenges.cloudflare.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49601,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":17,"dns":0,"connect":1,"send":0,"wait":11,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=mail\u0026uilel=3\u0026dsh=S1295549417:1764177617155610\u0026ifkv=ARESoU01sT7TkBFZITPkwliZex5--Ac4wsShIVb3ak7Sog1jwbWT3Z3_Wo_uBt2YeZ22r9Ay8IXm","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buzzheavier.com/g572kmijds7r","date":"2025-11-26T17:20:17.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:52 GMT","end":"Mon, 19 Jan 2026 08:35:51 GMT"},"fingerprint":{"sha1":"95:94:D2:A2:42:3D:9B:2F:BB:65:03:35:EA:85:1D:B6:C0:BB:E5:07","sha256":"53:9A:55:C8:25:B4:4A:38:C0:A9:FD:A8:38:B3:FD:CA:8E:7E:1F:2A:79:A9:52:76:8C:00:7C:7B:96:1E:45:33"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://www.google.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=mail\u0026uilel=3\u0026dsh=S1295549417:1764177617155610\u0026ifkv=ARESoU01sT7TkBFZITPkwliZex5--Ac4wsShIVb3ak7Sog1jwbWT3Z3_Wo_uBt2YeZ22r9Ay8IXm HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://buzzheavier.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:l-ijkeSxwK2P1Ccd1pQb-8yaNyyWfA:F13YK4XOPHHCYcjW;Path=/;Expires=Fri, 26-Nov-2027 17:20:17 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Wed, 26 Nov 2025 17:20:17 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026dsh=S1295549417%3A1764177617155610\u0026hl=en\u0026ifkv=ARESoU1j2UZzIB9p2b-b7OGnqzJcaN4zJE_tnfukA6usQFbXYUy_hvx7rvf5SHMfnA9p49MvauKx\u0026passive=true\u0026service=mail\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-1xf7ABgmdwlSrof0nl803w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 415\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"buzzheavier.com/cdn-cgi/rum?","fqdn":"buzzheavier.com","domain":"buzzheavier.com","tld":"com"},"ip":{"addr":"104.18.3.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://buzzheavier.com/g572kmijds7r","date":"2025-11-26T17:20:17.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buzzheavier.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 09:38:01 GMT","end":"Thu, 05 Feb 2026 10:37:59 GMT"},"fingerprint":{"sha1":"2E:5F:2C:CF:0C:5C:6E:47:0C:00:0B:01:96:2B:C2:28:93:AE:3C:0E","sha256":"00:B5:E7:0E:A7:01:2A:79:21:1F:35:18:42:82:C6:B8:90:5C:30:91:90:CE:27:A6:2A:84:41:2B:FB:21:B6:95"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: buzzheavier.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 1182\r\nOrigin: https://buzzheavier.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buzzheavier.com/g572kmijds7r\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1182,"data":"{\"memory\":{},\"resources\":[],\"referrer\":\"\",\"eventType\":1,\"firstPaint\":0,\"firstContentfulPaint\":763,\"startTime\":1764177616109,\"versions\":{\"fl\":\"2025.9.1\",\"js\":\"2024.6.1\",\"timings\":2},\"pageloadId\":\"1ee9803b-2786-460c-b88e-227ee65f4fa5\",\"location\":\"https://buzzheavier.com/g572kmijds7r\",\"nt\":\"navigate\",\"serverTimings\":[{\"name\":\"cfCacheStatus\",\"dur\":0,\"desc\":\"DYNAMIC\"},{\"name\":\"cfOrigin\",\"dur\":86,\"desc\":\"\"},{\"name\":\"cfEdge\",\"dur\":38,\"desc\":\"\"}],\"timingsV2\":{\"unloadEventStart\":0,\"unloadEventEnd\":0,\"domInteractive\":703,\"domContentLoadedEventStart\":759,\"domContentLoadedEventEnd\":778,\"domComplete\":1403,\"loadEventStart\":1403,\"loadEventEnd\":1403,\"type\":\"navigate\",\"redirectCount\":0,\"initiatorType\":\"navigation\",\"nextHopProtocol\":\"h2\",\"workerStart\":0,\"redirectStart\":0,\"redirectEnd\":0,\"fetchStart\":32,\"domainLookupStart\":33,\"domainLookupEnd\":48,\"connectStart\":48,\"connectEnd\":71,\"secureConnectionStart\":53,\"requestStart\":71,\"responseStart\":197,\"responseEnd\":214,\"transferSize\":29765,\"encodedBodySize\":29463,\"decodedBodySize\":69749,\"name\":\"https://buzzheavier.com/g572kmijds7r\",\"entryType\":\"navigation\",\"startTime\":0,\"duration\":1403},\"siteToken\":\"c1361d0ed928439489c7829da1f19fac\",\"st\":2}"}},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Wed, 26 Nov 2025 17:20:17 GMT\r\naccess-control-allow-origin: https://buzzheavier.com\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-max-age: 86400\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-ray: 9a4b0e3d9dc6b4ff-OSL\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"buzzheavier.com/g572kmijds7r","fqdn":"buzzheavier.com","domain":"buzzheavier.com","tld":"com"},"ip":{"addr":"104.18.3.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-26T17:20:16.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buzzheavier.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 09:38:01 GMT","end":"Thu, 05 Feb 2026 10:37:59 GMT"},"fingerprint":{"sha1":"2E:5F:2C:CF:0C:5C:6E:47:0C:00:0B:01:96:2B:C2:28:93:AE:3C:0E","sha256":"00:B5:E7:0E:A7:01:2A:79:21:1F:35:18:42:82:C6:B8:90:5C:30:91:90:CE:27:A6:2A:84:41:2B:FB:21:B6:95"}}},"request":{"raw":"GET /g572kmijds7r HTTP/1.1\r\nHost: buzzheavier.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 26 Nov 2025 17:20:16 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nserver-timing: cfCacheStatus;desc=\"DYNAMIC\", cfOrigin;dur=86,cfEdge;dur=38\r\nserver: cloudflare\r\ncf-ray: 9a4b0e351ddfb4ff-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Alpine.js","description":"","website":"https://github.com/alpinejs/alpine","common_platform_enumeration":"","icon":"Alpine.js.png","categories":["JavaScript frameworks"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]}],"data":{"size":69749,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (64577)","md5":"4e5e44ec7a6cf779320e104cdb1f4fc1","sha1":"8fda0a3c5da8e1092cc475ac8d8d5857e312f9ff","sha256":"1020db91a5abce872c0e608cbe2d072301851527911b7d32ffb2b63802aaf469","sha512":"0e553ef6925a61a60d81ae44495577c48e46a5031ef4c51240e9d9c8236d9aea417dfa5828e1d8f5b29d4bad318dbd6a31e2c22ba99a84a10cec7d81b222c4c7","ssdeep":"1536:fdfAwr2CjuMOAyUdG1uFuyLHIt6+d5Ar/LdZQBLTjcrD5IrWVE2:fdIMjIAyUdGeuyLHIt66edZQBLTjcX5r","tlshash":"0a63c67ab2e21c91ce90ab64247ff542bcaa7410d05dfae47c49fa401fb51dd84e3a39","first_seen":"2025-11-26T17:20:43.068234Z","last_seen":"2025-11-26T17:20:43.068234Z","times_seen":1,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":37,"dns":15,"connect":1,"send":0,"wait":126,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"buzzheavier.com/xz.js?v=b254bf02b9f0eec2b402ac5b7b619700b9b2309d-dirty","fqdn":"buzzheavier.com","domain":"buzzheavier.com","tld":"com"},"ip":{"addr":"104.18.3.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://buzzheavier.com/g572kmijds7r","date":"2025-11-26T17:20:16.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buzzheavier.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 09:38:01 GMT","end":"Thu, 05 Feb 2026 10:37:59 GMT"},"fingerprint":{"sha1":"2E:5F:2C:CF:0C:5C:6E:47:0C:00:0B:01:96:2B:C2:28:93:AE:3C:0E","sha256":"00:B5:E7:0E:A7:01:2A:79:21:1F:35:18:42:82:C6:B8:90:5C:30:91:90:CE:27:A6:2A:84:41:2B:FB:21:B6:95"}}},"request":{"raw":"GET /xz.js?v=b254bf02b9f0eec2b402ac5b7b619700b9b2309d-dirty HTTP/1.1\r\nHost: buzzheavier.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buzzheavier.com/g572kmijds7r\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 26 Nov 2025 17:20:16 GMT\r\ncontent-type: text/javascript\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=86400000\r\nlast-modified: Thu, 30 Oct 2025 05:26:28 GMT\r\ncf-cache-status: HIT\r\nage: 469153\r\nexpires: Tue, 22 Aug 2028 17:20:16 GMT\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9a4b0e36ff8fb4ff-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":386908,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (56364)","md5":"c4f51977bcc98d269adbcd602851e001","sha1":"c069cb6ca4b3f12bc68f6001fbf49194a0532f24","sha256":"3cbaa688116786be2134162090582674361f5e7e12f7e459cede8a4236e23ad5","sha512":"7bac1b420fc729e69e0dd01a7146bb211876ba6dad3fe8f27d15b36a4448595fed68c56bc47ff4c0c53786d7cfd80ae1951fc7909842b29af6e0dd27ba66bdc4","ssdeep":"6144:2+jNcWsW7sWG8tezhSGmeaQ2F8K9eNleeaJLT0mOj03d5dw+UXjOPKHuUuLXpCy:2gLsWG8IzhSGmeaQ2F8GueeaJLT0mo0f","tlshash":"f58429d67342717286da16e6583b060af3357584340780acf6ac9dcb3c7a98661bbf3d","first_seen":"2024-12-20T17:52:23.581019Z","last_seen":"2026-03-22T18:36:49.428539Z","times_seen":258,"resource_available":true,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"buzzheavier.com/whysostylish.css?v=b254bf02b9f0eec2b402ac5b7b619700b9b2309d-dirty","fqdn":"buzzheavier.com","domain":"buzzheavier.com","tld":"com"},"ip":{"addr":"104.18.3.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://buzzheavier.com/g572kmijds7r","date":"2025-11-26T17:20:16.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buzzheavier.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 09:38:01 GMT","end":"Thu, 05 Feb 2026 10:37:59 GMT"},"fingerprint":{"sha1":"2E:5F:2C:CF:0C:5C:6E:47:0C:00:0B:01:96:2B:C2:28:93:AE:3C:0E","sha256":"00:B5:E7:0E:A7:01:2A:79:21:1F:35:18:42:82:C6:B8:90:5C:30:91:90:CE:27:A6:2A:84:41:2B:FB:21:B6:95"}}},"request":{"raw":"GET /whysostylish.css?v=b254bf02b9f0eec2b402ac5b7b619700b9b2309d-dirty HTTP/1.1\r\nHost: buzzheavier.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buzzheavier.com/g572kmijds7r\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 26 Nov 2025 17:20:16 GMT\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=86400000\r\nlast-modified: Fri, 10 Oct 2025 03:03:42 GMT\r\ncf-cache-status: HIT\r\nage: 2805969\r\nexpires: Tue, 22 Aug 2028 17:20:16 GMT\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9a4b0e36ff92b4ff-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9391,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (9391), with no line terminators","md5":"92ad323302056df5f0b6830812c6623a","sha1":"b16bd236e8f8266ea2dfb869f7ee9105e46d7cfc","sha256":"c34f7e520b04f73da1c435f6f787cade39bd32fc24578985c67630dd8bdb7dc9","sha512":"b80d706b8e1cdabab2fe7dc8f124bf5e49e0a68cbf65c760001fd16bd2ddd1074475d634b2c04e9c6f7d7b07063eaa428ea8fdb206ffbfa083d0bedfc922f8cb","ssdeep":"96:Cn08vmxaH2/uclXOsMOZtmD4nbZ9nz5jnfXgn/3knvwPKsw/Dt/pi47lboBNOp0j:C0jImusfnt6r8tXeZNn60mM6mOJOTq4","tlshash":"6b12739ae918212f6c2bc66552e5badd611af440cd3762eafe536220cdc77f70d22508","first_seen":"2025-08-07T17:48:56.37795Z","last_seen":"2026-03-22T18:36:49.42905Z","times_seen":242,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"buzzheavier.com/icons.css?v=b254bf02b9f0eec2b402ac5b7b619700b9b2309d-dirty","fqdn":"buzzheavier.com","domain":"buzzheavier.com","tld":"com"},"ip":{"addr":"104.18.3.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://buzzheavier.com/g572kmijds7r","date":"2025-11-26T17:20:16.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buzzheavier.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 09:38:01 GMT","end":"Thu, 05 Feb 2026 10:37:59 GMT"},"fingerprint":{"sha1":"2E:5F:2C:CF:0C:5C:6E:47:0C:00:0B:01:96:2B:C2:28:93:AE:3C:0E","sha256":"00:B5:E7:0E:A7:01:2A:79:21:1F:35:18:42:82:C6:B8:90:5C:30:91:90:CE:27:A6:2A:84:41:2B:FB:21:B6:95"}}},"request":{"raw":"GET /icons.css?v=b254bf02b9f0eec2b402ac5b7b619700b9b2309d-dirty HTTP/1.1\r\nHost: buzzheavier.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buzzheavier.com/g572kmijds7r\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 26 Nov 2025 17:20:16 GMT\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=86400000\r\nlast-modified: Sat, 04 Oct 2025 01:36:50 GMT\r\ncf-cache-status: HIT\r\nage: 2885386\r\nexpires: Tue, 22 Aug 2028 17:20:16 GMT\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9a4b0e36ff94b4ff-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33217,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"860ecd2c7d02437d7b1a9a94a1185be6","sha1":"e17a1e89cd542d0f9fdde68ac80fef8fa9d7ef9e","sha256":"4d803e32b326d4c8ba4dee47ce7b68b8737ea9b1f1dbdaebdc991ccfc74fc066","sha512":"2ead9ae76cec7eac8b6a3adb92fdf09cca670f2d9e2719a49bf1d826692fbd440407d3090dcb894719d0ead0416ad70fe98056a4d150c824942244cc46458b3f","ssdeep":"768:ibr1Dt5RH7vdXhl3t1tFLph9Vp/xdG178Qh8HvllpFr:U1Dt5RH7vdXhl3t1tFLph9Vp/xdG1wQ0","tlshash":"6ee26b23c195deef261f807a5c3ea74e3a991481de5ade6a31fe37e889f148c44314b4","first_seen":"2025-04-26T07:58:30.68477Z","last_seen":"2026-04-04T01:19:06.215474Z","times_seen":255,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dcbbwymp1bhlf.cloudfront.net/?wbbcd=1191914","fqdn":"dcbbwymp1bhlf.cloudfront.net","domain":"dcbbwymp1bhlf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.208","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://buzzheavier.com/g572kmijds7r","date":"2025-11-26T17:20:16.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /?wbbcd=1191914 HTTP/1.1\r\nHost: dcbbwymp1bhlf.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buzzheavier.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 64425\r\naccess-control-allow-origin: *\r\ncache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform\r\ncontent-encoding: gzip\r\npragma: no-cache\r\ndate: Wed, 26 Nov 2025 17:20:16 GMT\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 094188bf05865a3d323dcbfb7173f1f6.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: _HDV-g6MbRJ9LvJnn9RydDx58psSJVVBsdJf8pmGZvsy6UrmvxqK_Q==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":190570,"size_decoded":0,"mime_type":"text/plain","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (38488)","md5":"a7d677a9915d7f294cbeab5f92353891","sha1":"26ea2f35ae596266debb3b8707661403054322d7","sha256":"aa79312b6feffbb1f68fc0e5b918ddafbe62ff1d9659e1032532ac63b4030da4","sha512":"17e48da1ad4e99256ec65872c8093defc3e4d17bf6de627652498d8addefa9dd226c9472f0eb6ac9bca53ab761f288e901acef1b8ac1a3524e68def7ee5b711f","ssdeep":"3072:XBUNP5+Ya/06R42Da7oV6+53UOng7L9vN9c:XuNR+t/06G2D023","tlshash":"cc145dc9be92346d836374b540bf528a723f4a68b8184cd4e496d4d17db8d0a437bfac","first_seen":"2025-11-26T17:20:43.070709Z","last_seen":"2025-11-26T17:20:43.070709Z","times_seen":1,"resource_available":true,"data":null}},"time_used":267,"timings":{"blocked":41,"dns":36,"connect":1,"send":0,"wait":171,"receive":2,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"dcbbwymp1bhlf.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://buzzheavier.com/g572kmijds7r","date":"2025-11-26T17:20:16.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 22 Oct 2025 06:18:58 GMT","end":"Tue, 20 Jan 2026 07:18:54 GMT"},"fingerprint":{"sha1":"C7:F8:82:22:3E:BC:9D:F4:7B:0A:EF:A0:EE:C2:C2:D1:34:7E:55:1D","sha256":"EA:85:37:F0:6A:CB:4D:61:4B:3D:2C:58:4B:FF:E5:CE:3C:33:94:71:D8:11:77:5A:C1:99:2F:94:1F:D2:FD:F1"}}},"request":{"raw":"GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://buzzheavier.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buzzheavier.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 26 Nov 2025 17:20:16 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2024.6.1\"\r\nlast-modified: Thu, 06 Jun 2024 15:52:56 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9a4b0e372bd60731-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-04T07:35:17.588324Z","times_seen":330130,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":15,"dns":1,"connect":4,"send":0,"wait":11,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/b/13c98df4ef2d/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://buzzheavier.com/g572kmijds7r","date":"2025-11-26T17:20:16.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 18:59:09 GMT","end":"Wed, 21 Jan 2026 19:59:05 GMT"},"fingerprint":{"sha1":"62:5E:2A:E5:F4:DE:73:E8:94:15:72:65:28:EB:70:25:A8:D2:E7:61","sha256":"2D:41:D6:2B:6A:BB:89:80:01:28:9F:35:0B:2B:F4:6C:0D:B6:B1:E4:7E:E4:AC:35:2A:E0:69:DB:94:45:F7:D3"}}},"request":{"raw":"GET /turnstile/v0/b/13c98df4ef2d/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://buzzheavier.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _cfuvid=ZUw_osYpKAW9zUf0KSWie8iS16DVWnSrrdK7WJpyncM-1764177616513-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 26 Nov 2025 17:20:16 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: br\r\nlast-modified: Thu, 20 Nov 2025 16:30:22 GMT\r\ncache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9a4b0e378ad2569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49601,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (49600)","md5":"9c24b8c0b90ddbe66379c2eb5458e2d7","sha1":"55e1ecb91d06532e110b7d5262d941caa3c8f9d1","sha256":"0594e1933828cacea3ac52f9538ab0bf66b987841f45241189a9533af688eee4","sha512":"dca55d18707d8645e9983f3f6d2b933171e15c50eb35a251ab04163dcd0e08c226c7ffc7d1cff7a68c429277e5ee270a10f0087a0c1a5d8d9ea63d61a1351806","ssdeep":"768:1hCnhd620Mg5LUU6OMX0skef2w97+Fsg0D5GHmXuHKQPciAsG91C+8APDGDewY8t:1O62dg5LUU6Ov+2k7rIHPCADt","tlshash":"60231a583296387227d980e5617b63437325753af94ccc50e823d936267cdcad237bba","first_seen":"2025-11-21T10:20:04.556191Z","last_seen":"2025-12-04T15:38:58.928982Z","times_seen":18890,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cesosfultrbriol.com/SXBWU0xmTzUgcQYlZx8pHSUdNX85PhckIH0WZjQIDTgiZxg+QHAnJS1NZ2J1eElnZ2o5GTJufW8DIjI4PANrYmogHjA8cW8Ga2JiekR4YHpnR3AmcXhWIiMtLk1ndTw9BDpufX5GYmJ7fkZnZXtxRw","fqdn":"cesosfultrbriol.com","domain":"cesosfultrbriol.com","tld":"com"},"ip":{"addr":"172.67.206.151","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buzzheavier.com/g572kmijds7r","date":"2025-11-26T17:20:16.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cesosfultrbriol.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 07 Oct 2025 08:26:47 GMT","end":"Mon, 05 Jan 2026 09:25:24 GMT"},"fingerprint":{"sha1":"9B:01:A5:12:04:64:63:D9:8C:A6:C2:D6:9D:21:50:E0:3E:C9:7E:87","sha256":"2E:78:51:9A:BC:EF:9B:2F:8E:82:3E:C7:8E:BE:FF:CA:90:04:62:30:34:65:45:7E:28:FA:E1:77:66:2A:3A:8B"}}},"request":{"raw":"GET /SXBWU0xmTzUgcQYlZx8pHSUdNX85PhckIH0WZjQIDTgiZxg+QHAnJS1NZ2J1eElnZ2o5GTJufW8DIjI4PANrYmogHjA8cW8Ga2JiekR4YHpnR3AmcXhWIiMtLk1ndTw9BDpufX5GYmJ7fkZnZXtxRw HTTP/1.1\r\nHost: cesosfultrbriol.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buzzheavier.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Wed, 26 Nov 2025 17:20:16 GMT\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Obh6VwqBlIYiHEGzOCyMVozEQ%2BeZ7QDouTGjWS82nPDnBQ2i2N%2FoYbVKe8xhIxWV%2FWDz1Lju%2F%2FFivgWtA5qo5lqF3CPVZ5Dvd4JI%2Fb54PODJxQk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9a4b0e395b90dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":229,"timings":{"blocked":54,"dns":32,"connect":1,"send":0,"wait":119,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=mail","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buzzheavier.com/g572kmijds7r","date":"2025-11-26T17:20:16.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:52 GMT","end":"Mon, 19 Jan 2026 08:35:51 GMT"},"fingerprint":{"sha1":"95:94:D2:A2:42:3D:9B:2F:BB:65:03:35:EA:85:1D:B6:C0:BB:E5:07","sha256":"53:9A:55:C8:25:B4:4A:38:C0:A9:FD:A8:38:B3:FD:CA:8E:7E:1F:2A:79:A9:52:76:8C:00:7C:7B:96:1E:45:33"}}},"request":{"raw":"GET /ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=mail HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buzzheavier.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:oIpn6oD_UQq62xFNTGVETCDRCGadgA:44WW3a-rGsL43--g; Expires=Fri, 26-Nov-2027 17:20:17 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Wed, 26 Nov 2025 17:20:17 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=mail\u0026uilel=3\u0026dsh=S1295549417:1764177617155610\u0026ifkv=ARESoU01sT7TkBFZITPkwliZex5--Ac4wsShIVb3ak7Sog1jwbWT3Z3_Wo_uBt2YeZ22r9Ay8IXm\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-2v7tafhSdsgG1pj6pgBphA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: unsafe-none\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":345,"timings":{"blocked":151,"dns":0,"connect":30,"send":0,"wait":43,"receive":0,"ssl":118},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buzzheavier.com/g572kmijds7r","date":"2025-11-26T17:20:16.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:52 GMT","end":"Mon, 19 Jan 2026 08:35:51 GMT"},"fingerprint":{"sha1":"95:94:D2:A2:42:3D:9B:2F:BB:65:03:35:EA:85:1D:B6:C0:BB:E5:07","sha256":"53:9A:55:C8:25:B4:4A:38:C0:A9:FD:A8:38:B3:FD:CA:8E:7E:1F:2A:79:A9:52:76:8C:00:7C:7B:96:1E:45:33"}}},"request":{"raw":"GET /ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buzzheavier.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:Q9EWs7I-VC3kEUe90prgg2epHPsCTg:iuEj88snmc0-Iyyj; Expires=Fri, 26-Nov-2027 17:20:17 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Wed, 26 Nov 2025 17:20:17 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026dsh=S993466427:1764177617153439\u0026ifkv=ARESoU0JwArmfYAZBxZ3oWyNlZDVxMrof3tfYWTJfvhPQI0U56wnOGZGHlIuIrZ3DfuSfMG0ad8D\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-kGjWUEZh-YVC-biIMOhwwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist\r\ncross-origin-opener-policy: unsafe-none\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncross-origin-resource-policy: cross-origin\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":333,"timings":{"blocked":145,"dns":0,"connect":30,"send":0,"wait":41,"receive":0,"ssl":112},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d3jzhqnvnvdy34.cloudfront.net/?qhzjd=1191914","fqdn":"d3jzhqnvnvdy34.cloudfront.net","domain":"d3jzhqnvnvdy34.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.55","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://buzzheavier.com/g572kmijds7r","date":"2025-11-26T17:20:16.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /?qhzjd=1191914 HTTP/1.1\r\nHost: d3jzhqnvnvdy34.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://buzzheavier.com/\r\nOrigin: https://buzzheavier.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 64425\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://buzzheavier.com\r\ncache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform\r\ncontent-encoding: gzip\r\npragma: no-cache\r\ndate: Wed, 26 Nov 2025 17:20:16 GMT\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 1b7f8001b2b06f9624559a35b6822156.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: vH51BRAIL0f3867h-Sk4Z-gRe6fkM4W65Ql4TYn9IHVbF3rr7eYNlg==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":190570,"size_decoded":0,"mime_type":"text/plain","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (38488)","md5":"d5b259b91ac73c84bcf456975d527c48","sha1":"10d7a87417f2b40226d0b6ac4f8393b984e4b5cc","sha256":"4fda33ee567a11f73c4426252d7284a15853fc567ecc360fca16a746b6bfebba","sha512":"6306666e9a28f144442fd70964afde4ae0ee4c9f79d77f0de373a17f7e9da65d3a92bdc7b7795be8cb84fc773c58ace7ca0d9abd2b09bd17895bc393c1734679","ssdeep":"3072:XBUNP5+Ya/06R42Da7oV6+53UOng7L9vN99:XuNR+t/06G2D026","tlshash":"e6145dc9be92346d836374b540bf528a723f4a68b8184cd4e496d4d17db8d0a437bfac","first_seen":"2025-11-26T17:20:43.072618Z","last_seen":"2025-11-26T17:20:43.072618Z","times_seen":1,"resource_available":false,"data":null}},"time_used":492,"timings":{"blocked":7,"dns":23,"connect":1,"send":0,"wait":171,"receive":281,"ssl":6},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"d3jzhqnvnvdy34.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026dsh=S993466427%3A1764177617153439\u0026hl=en\u0026ifkv=ARESoU2MunMywfYO41CzICMYbU4J4RzL48s3d8ypJ7q-jEfN53iPcTZ5w-0XEmYqg_gNAVbskA0R\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buzzheavier.com/g572kmijds7r","date":"2025-11-26T17:20:17.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:52 GMT","end":"Mon, 19 Jan 2026 08:35:51 GMT"},"fingerprint":{"sha1":"95:94:D2:A2:42:3D:9B:2F:BB:65:03:35:EA:85:1D:B6:C0:BB:E5:07","sha256":"53:9A:55:C8:25:B4:4A:38:C0:A9:FD:A8:38:B3:FD:CA:8E:7E:1F:2A:79:A9:52:76:8C:00:7C:7B:96:1E:45:33"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026dsh=S993466427%3A1764177617153439\u0026hl=en\u0026ifkv=ARESoU2MunMywfYO41CzICMYbU4J4RzL48s3d8ypJ7q-jEfN53iPcTZ5w-0XEmYqg_gNAVbskA0R\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://buzzheavier.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Wed, 26 Nov 2025 17:20:17 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: script-src 'nonce-B9GZScBejsbb83Eah50TvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.google.com/tools/feedback/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://support.google.com/inapp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport\r\ncontent-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/recaptcha/enterprise.js https://www.gstatic.com/recaptcha/ https://www.google.com/tools/feedback/chat_load.js https://www.google.com/tools/feedback/help_api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.gstatic.com/feedback/js/ https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.KEYUHSehrM0.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}