{"report_id":"58625863-5dc5-462a-8669-909e46f10591","version":6,"status":"done","tags":[],"date":"2023-11-05T20:52:22Z","url":{"schema":"http","addr":"llama.website/Sq","fqdn":"llama.website","domain":"llama.website","tld":"website"},"ip":{"addr":"91.92.249.75","port":0,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"final":{"url":{"schema":"https","addr":"llama.website/Sq","fqdn":"llama.website","domain":"llama.website","tld":"website"},"title":"UPLOAD.EE - Dailymotion.com.txt - Download - Nuke.biz - Shorten your URLs, nuke your competition."},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T15:37:37Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":8877,"first_seen":"2013-06-10 22:14:26","last_seen":"2023-11-05 15:43:22","alert_count":0,"request_count":1,"received_data":11247,"sent_data":421,"comment":"","tags":null,"fingerprints":null},{"fqdn":"alwingulla.com","ip":{"addr":"172.67.152.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2023-05-22","domain_rank":0,"first_seen":"2023-05-22 18:17:44","last_seen":"2023-11-05 15:08:32","alert_count":0,"request_count":1,"received_data":26401,"sent_data":402,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":75,"first_seen":"2013-05-22 04:07:37","last_seen":"2023-11-05 14:39:56","alert_count":0,"request_count":2,"received_data":302064,"sent_data":863,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aistekso.net","ip":{"addr":"139.45.197.244","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2023-10-16","domain_rank":0,"first_seen":"2023-10-16 16:37:28","last_seen":"2023-11-05 14:42:07","alert_count":3,"request_count":3,"received_data":78059,"sent_data":2479,"comment":"","tags":null,"fingerprints":null},{"fqdn":"offerimage.com","ip":{"addr":"104.22.33.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-06-10","domain_rank":304078,"first_seen":"2019-06-10 13:11:53","last_seen":"2023-11-05 12:01:58","alert_count":0,"request_count":4,"received_data":53220,"sent_data":1829,"comment":"","tags":null,"fingerprints":null},{"fqdn":"llama.website","ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"domain_registered":"2023-10-04","domain_rank":0,"first_seen":"2021-02-04 06:25:37","last_seen":"2023-10-06 21:11:23","alert_count":0,"request_count":2,"received_data":8575,"sent_data":964,"comment":"","tags":null,"fingerprints":null},{"fqdn":"amunfezanttor.com","ip":{"addr":"139.45.197.250","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2023-03-31","domain_rank":0,"first_seen":"2023-03-31 14:42:42","last_seen":"2023-11-05 05:11:29","alert_count":3,"request_count":3,"received_data":1474,"sent_data":1495,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-09-09 02:40:21","last_seen":"2023-11-05 14:57:39","alert_count":0,"request_count":2,"received_data":33270,"sent_data":1040,"comment":"","tags":null,"fingerprints":null},{"fqdn":"serving.bepolite.eu","ip":{"addr":"212.47.222.21","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2017-01-29 19:42:29","last_seen":"2023-11-05 13:53:32","alert_count":0,"request_count":1,"received_data":1017,"sent_data":661,"comment":"","tags":null,"fingerprints":null},{"fqdn":"du0pud0sdlmzf.cloudfront.net","ip":{"addr":"108.157.232.39","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2023-08-24 12:49:59","last_seen":"2023-11-05 14:52:05","alert_count":0,"request_count":4,"received_data":120662,"sent_data":2387,"comment":"","tags":null,"fingerprints":null},{"fqdn":"dweatherbe.org","ip":{"addr":"108.157.214.79","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2023-09-30","domain_rank":0,"first_seen":"2023-10-22 23:07:52","last_seen":"2023-11-05 14:36:00","alert_count":0,"request_count":5,"received_data":6920,"sent_data":3738,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ibrapush.com","ip":{"addr":"139.45.197.250","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2019-04-19","domain_rank":0,"first_seen":"2020-04-18 16:40:35","last_seen":"2023-11-05 08:00:47","alert_count":0,"request_count":7,"received_data":154731,"sent_data":3308,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cameesse.net","ip":{"addr":"139.45.197.242","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2023-10-18","domain_rank":0,"first_seen":"2023-10-18 14:31:33","last_seen":"2023-11-05 13:20:21","alert_count":6,"request_count":6,"received_data":239506,"sent_data":5555,"comment":"","tags":null,"fingerprints":null},{"fqdn":"accounts.google.com","ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":81,"first_seen":"2016-03-20 13:44:49","last_seen":"2023-11-05 15:03:22","alert_count":0,"request_count":6,"received_data":12218,"sent_data":3704,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fleraprt.com","ip":{"addr":"139.45.195.254","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2022-01-14","domain_rank":0,"first_seen":"2022-01-14 23:55:14","last_seen":"2023-11-05 14:42:14","alert_count":0,"request_count":1,"received_data":483,"sent_data":527,"comment":"","tags":null,"fingerprints":null},{"fqdn":"veepteero.com","ip":{"addr":"139.45.197.242","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2023-05-08","domain_rank":0,"first_seen":"2023-05-09 02:18:41","last_seen":"2023-11-05 08:00:13","alert_count":0,"request_count":2,"received_data":7169,"sent_data":1412,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.nbfcs.org","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2022-11-16","domain_rank":0,"first_seen":"2022-11-17 15:12:53","last_seen":"2023-11-03 13:07:10","alert_count":0,"request_count":1,"received_data":0,"sent_data":470,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.upload.ee","ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"domain_registered":"2010-07-04","domain_rank":981196,"first_seen":"2012-05-24 10:39:37","last_seen":"2023-11-05 11:37:50","alert_count":0,"request_count":5,"received_data":29990,"sent_data":2450,"comment":"","tags":null,"fingerprints":null},{"fqdn":"nuke.biz","ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"domain_registered":"2023-10-04","domain_rank":0,"first_seen":"2020-03-05 23:21:54","last_seen":"2023-10-06 07:30:25","alert_count":0,"request_count":21,"received_data":1226563,"sent_data":10094,"comment":"","tags":null,"fingerprints":null},{"fqdn":"gishejuy.com","ip":{"addr":"139.45.197.242","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2023-10-25","domain_rank":0,"first_seen":"2023-10-25 15:14:32","last_seen":"2023-11-05 08:00:22","alert_count":6,"request_count":6,"received_data":98545,"sent_data":5356,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pogothere.xyz","ip":{"addr":"172.67.220.203","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2022-08-22","domain_rank":0,"first_seen":"2022-09-04 21:11:25","last_seen":"2023-11-05 14:34:47","alert_count":0,"request_count":4,"received_data":208160,"sent_data":1688,"comment":"","tags":null,"fingerprints":null},{"fqdn":"nandweandthe.org","ip":{"addr":"172.67.176.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2023-09-30","domain_rank":0,"first_seen":"2023-10-30 08:47:30","last_seen":"2023-11-05 14:34:47","alert_count":0,"request_count":4,"received_data":2353,"sent_data":2111,"comment":"","tags":null,"fingerprints":null},{"fqdn":"my.rtmark.net","ip":{"addr":"139.45.195.8","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2014-10-29","domain_rank":9054,"first_seen":"2015-02-04 10:54:57","last_seen":"2023-11-05 11:13:37","alert_count":0,"request_count":2,"received_data":1484,"sent_data":1033,"comment":"","tags":null,"fingerprints":null},{"fqdn":"tzegilo.com","ip":{"addr":"104.21.11.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-01-14","domain_rank":0,"first_seen":"2022-01-14 16:27:15","last_seen":"2023-11-05 14:42:09","alert_count":0,"request_count":1,"received_data":47819,"sent_data":396,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-11-05T20:52:02Z","timestamp":1699217522,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":44791,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-11-05T20:52:02.100717+0000\",\"flow_id\":1384555729815917,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.146\",\"src_port\":44791,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":61495,\"rrname\":\"nuke.biz\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":79,\"bytes_toclient\":0,\"start\":\"2023-11-05T20:52:02.100717+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-05T20:52:02Z","timestamp":1699217522,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":40931,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-11-05T20:52:02.100939+0000\",\"flow_id\":608717132433995,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.146\",\"src_port\":40931,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":759,\"rrname\":\"nuke.biz\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":79,\"bytes_toclient\":0,\"start\":\"2023-11-05T20:52:02.100939+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-05T20:52:02Z","timestamp":1699217522,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":58973,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-11-05T20:52:02.967121+0000\",\"flow_id\":521778404442577,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.146\",\"src_port\":58973,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":58609,\"rrname\":\"nuke.biz\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":79,\"bytes_toclient\":0,\"start\":\"2023-11-05T20:52:02.967121+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-05T20:52:03Z","timestamp":1699217523,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":39134,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-11-05T20:52:03.161723+0000\",\"flow_id\":2443843958715,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.146\",\"src_port\":39134,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":40798,\"rrname\":\"nuke.biz\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":79,\"bytes_toclient\":0,\"start\":\"2023-11-05T20:52:03.161723+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-05T20:52:03Z","timestamp":1699217523,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":49472,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-11-05T20:52:03.386932+0000\",\"flow_id\":751973619197812,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.146\",\"src_port\":49472,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":40649,\"rrname\":\"nuke.biz\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":79,\"bytes_toclient\":0,\"start\":\"2023-11-05T20:52:03.386932+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-05T20:52:03Z","timestamp":1699217523,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50633,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-11-05T20:52:03.859233+0000\",\"flow_id\":1963102857010273,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.146\",\"src_port\":50633,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":32919,\"rrname\":\"nuke.biz\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":79,\"bytes_toclient\":0,\"start\":\"2023-11-05T20:52:03.859233+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-05T20:52:04Z","timestamp":1699217524,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":33653,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-11-05T20:52:04.181730+0000\",\"flow_id\":314887682442722,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.146\",\"src_port\":33653,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":15761,\"rrname\":\"nuke.biz\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":79,\"bytes_toclient\":0,\"start\":\"2023-11-05T20:52:04.181730+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-05T20:52:08Z","timestamp":1699217528,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":58404,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-11-05T20:52:08.981986+0000\",\"flow_id\":2127149133265890,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.146\",\"src_port\":58404,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":29042,\"rrname\":\"nuke.biz\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":79,\"bytes_toclient\":0,\"start\":\"2023-11-05T20:52:08.981986+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-05T20:52:09Z","timestamp":1699217529,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":48877,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-11-05T20:52:09.074767+0000\",\"flow_id\":898081964499983,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.146\",\"src_port\":48877,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":34328,\"rrname\":\"nuke.biz\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":79,\"bytes_toclient\":0,\"start\":\"2023-11-05T20:52:09.074767+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-05T20:52:09Z","timestamp":1699217529,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":56448,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-11-05T20:52:09.103969+0000\",\"flow_id\":1917374340634145,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.146\",\"src_port\":56448,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":55639,\"rrname\":\"nuke.biz\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":79,\"bytes_toclient\":0,\"start\":\"2023-11-05T20:52:09.103969+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-05T20:52:09Z","timestamp":1699217529,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":56383,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-11-05T20:52:09.138936+0000\",\"flow_id\":808819659185848,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.146\",\"src_port\":56383,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":32420,\"rrname\":\"nuke.biz\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":79,\"bytes_toclient\":0,\"start\":\"2023-11-05T20:52:09.138936+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-05T20:52:09Z","timestamp":1699217529,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":48877,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-11-05T20:52:09.170990+0000\",\"flow_id\":898081964499983,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.146\",\"src_port\":48877,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":55512,\"rrname\":\"nuke.biz\",\"rrtype\":\"AAAA\",\"tx_id\":2}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":158,\"bytes_toclient\":79,\"start\":\"2023-11-05T20:52:09.074767+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"aistekso.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"cameesse.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"gishejuy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"cameesse.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"cameesse.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"cameesse.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"cameesse.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"cameesse.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"amunfezanttor.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"amunfezanttor.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"amunfezanttor.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"aistekso.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"aistekso.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"gishejuy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"gishejuy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"gishejuy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"gishejuy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"gishejuy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.upload.ee/files/15487444/Dailymotion.com.txt.html","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"48e07e6b9e60fc36f21db6b71bf0b4b1","sha1":"fb4085cc0058779b28e5c366a2b92cf242399c2f","sha256":"3cbdc71216bd0aa119c93b4c5213941e9972e26ef16b3386c7c9cb32bcc60d64","sha512":"10187db826a6c668fff87f61e2468ecaf94b9a87475115b9718c9458f75281581aa84a3001fad9d5a1c48ba75a443d03da26fdf243fdc1e964770fb12b140178","ssdeep":"","tlshash":"ae60000030f00000c3c3003000c00030000003000cc00303000300c03000c00ccf0300","size":14,"data":"","first_seen":"2023-03-09T23:09:39Z","last_seen":"2026-04-22T19:39:47.356233Z","times_seen":3582,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15487444/Dailymotion.com.txt.html","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"63fa78e3d4ae4b7fc4cf5126264cb75e","sha1":"65657518c61173b8205d4fb68aabfae6ae7270a0","sha256":"a31d904d1ab6191632f68d0b375b622e4699c6e840f99ce53699df5d9f77ef6a","sha512":"84a1432bf021cfe79ca89727eabd12fc350317b89e20986f12393d7b25df94e424ec561aafb41922db622d4cd2eb4af54d6ae0ddab57d0d3bbdb8c8a9d698034","ssdeep":"","tlshash":"4d90222820800200c20080303003220f80e8200b28800088000002800232030022388e","size":57,"data":"","first_seen":"2023-03-09T23:09:39Z","last_seen":"2026-04-19T05:56:09.148505Z","times_seen":3533,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"du0pud0sdlmzf.cloudfront.net/?dupud=997369","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"108.157.232.39","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e77c40a35ea25a395aeb08270011d49a","sha1":"835f18b3bdc5a6e9c8f7d639ceabf06d419a1de6","sha256":"8ff3aa18b5f251fa41c9c670471d7e2514423f5690ee88bbfb3936d4aed18301","sha512":"6c2bcd2b63800bdf6f7d204c692c96892072db8c9791172025180f416439886023011504444db33ea783fe0933e72cc230df5daf93d9f3a628fb17917ddf5a08","ssdeep":"6144:WShLAyB2hrfV7+103N+w7ShLAyB2hrfVZM:Wi0yYh7VSg0Ui0yYh7V2","tlshash":"e5743b89be523869836374b540ff124e723f4669b8084dd4b49ad4d16db8d0a43bffac","size":362652,"data":"","first_seen":"2023-11-05T21:52:25Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/frontend/js/app.min.js","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"82374b423499415c2c3173513ec1615c","sha1":"3b219efdc592a49a680e2c71cb22989c686b5417","sha256":"12116847297eb16ae5aa1d26b27a0b4704afcc352272ab89cd6d28a27b2604be","sha512":"48112faa6213433eb691513296bd7cd2bd85db22f0bc8547651ae3aebcf003c0817218f5e86cd90affedcbc74d765e25621c372b304914322f509a2ebf3b7ab7","ssdeep":"96:gFWEazLSMkDH2iXI6hUREfJlmQQH72Khs5QESQkfM27Ks2X2WlnycYyfej:OWEaXkDx46hWEBl7S7jE8kjXPfW","tlshash":"03c1b30cb14cb12b23bb72329c2faa0c957779848615e0587151d4aceae89d91db3f2f","size":5886,"data":"","first_seen":"2023-09-11T11:11:16Z","last_seen":"2026-04-29T20:31:54.288002Z","times_seen":81,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49\u0026l=dataLayer\u0026cx=c","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3418f24d020365490d1edce09545dd9","sha1":"d8f719f10c7a22b9d1ccdb45b6c360e17e7e1cb3","sha256":"8ccf82db0be4818315a4b2709219dc98667a007f85de97592431457a7ad6c061","sha512":"58d4d9294efd6b11ece6d336967d4101cfaa07dc0276317174a75dd36a94172537ed83a6e5c789f5c652588e62b9de652681396821f45fe53a0229f40656771c","ssdeep":"3072:WHl+V36EllMSX/tyyUyjSeKvxXAKqM8GyP8QUCWaXb3WV/9H72I9LZVokA6q2WxC:uQZBVyyUyWQFP8FCWaXb30FPYkfqK","tlshash":"503407d973c3706682a7b479503f014be5bb2ca6b44ccc94e189c9d02e78a9a517bf7c","size":249537,"data":"","first_seen":"2023-11-05T21:52:25Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"du0pud0sdlmzf.cloudfront.net/YbXkyNDcOFlxSCBkQVgkOVE4GBA9LE0FbWR1ESlx1XS9Udm0sGGFaQ1lfRk5TUEkUWFYDHg8SUgMaDwURDB1QCQNLDFMJWgIDW1hbDFwAcgJDSRcGB0UBAwUSXjsXBgcBEFxBT0hLAkwPWyYEABJeOxcGBx8PFwd2XEkLGgdEXAAEUAgaWVsSXz8ABAZdSQ-MEBkhLAlJeHxxUW09IS3QFBlxXAhJCUEg","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"108.157.232.39","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b15f21d99ea56239a052fe5660c6e4aa","sha1":"5517989e52d4374f35bc2a2c0021fd2bc34b62c4","sha256":"0f3be2ecc53c6df46a14b352489bd5a7c509cf68506a40b767d1d5d68a97c3b4","sha512":"a3b68fa487644a84cb0740a3c5320d8e63cee42acf6aeb7864369d78b960016243d72056dd744ca1d8d964b87cdf23a08c786a0c1385c01acd4e83a7cc1ab762","ssdeep":"","tlshash":"95c0223e321816812df60c0af300708543cbe2df078016047b436ea38988d2d9c5931a","size":194,"data":"","first_seen":"2023-11-05T21:52:25Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aistekso.net/401/6551786","fqdn":"aistekso.net","domain":"aistekso.net","tld":"net"},"ip":{"addr":"139.45.197.244","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"a27aff2a3dff6d6aebafa01996ee073e","sha1":"ac005ab36ccaf3022d75e46bbdad9c7d43e7d42f","sha256":"57403c7b771d313b14a87f162e2a51edc7b0970cdb7f12eeb799f86a4cca4594","sha512":"b0acc530b12e9bfca90966a829443a6bd26fded524f32ea6550e84a5cbeeded0c972a659638b9587f1d6941caf43df2142edb107a6a2bf3c6b4420c15a666041","ssdeep":"1536:kcpvumYSqZ0eL/DE70XaqV+gmRrFjvwF3+:B2XaqVlm1CF3+","tlshash":"939395a1f1a271fa4622f86348af225b837a66a4f86f8570617da150373015ff12fddc","size":88931,"data":"","first_seen":"2024-08-20T20:45:50.162176Z","last_seen":"2024-08-20T20:45:50.162176Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"du0pud0sdlmzf.cloudfront.net/teHhkQ0cbFwoleAwRAH5+QU9XdX5eEhcsKQhFLwkLKhAecS5LSSYrYQwCAH53XhQFLSBFXgEtJEVJQiIjGkVQZTMIFw9+IBQPEzYyCAABJ2ENGVkuKAIRCC8mXUoidmlIXVZzbwBJVWZ0Ol1WcysRFhE7YkpIHHtxJ05QZnQ6XVZzNQ5dVwJ2SEFKc25dSl-QkIhsTC2Z1PkpUcndISVRyYkpIAio1HR4LO2JKPlVydlZIQjZ6SQ","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"108.157.232.39","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"22c9f35569689355fde8085da82dc4d1","sha1":"4b04bc31599935223b957d278a6478725b786ec1","sha256":"2c1ea9e8cb1996b0f90987ab050e409ff697ac5767c7625fe782db811e6f200d","sha512":"33c6639e78324016e1b8aebecc3511ff3d9cf58fe8551c229b849222c5d9b68a11b225d11a055daca55d5f7a9bcc57b571682a8823a23aa741db6b4399d1c02d","ssdeep":"","tlshash":"8611863ea65c4855b673f80a13f5f8ac864870cd12f0576a26130753eb0ce1f8ae531c","size":856,"data":"","first_seen":"2023-11-05T21:52:25Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"du0pud0sdlmzf.cloudfront.net/TbkhJQ1YNJyclaRohLX5vV399cmJIIjosOB51BXIFGBkAex4ELn4GJB15bzcsCnV5ZToPJi5+cAsmKn5nSCktIWtabj0zOQV1Li8hGT08My4LLG82N1MlJjk/AiQoZmQofWdzc1x4YTtnX216AXNceCUqOBswbHFmFnB/HGBabXoBc1x4OzVzXQl4c29AeG-BmZF4vLCA9AW17BWReeXlzZ155bHFmCCE7JjABMGxxEF95eG1mSD10cg","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"108.157.232.39","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4421ddf180005c6d2e70b541e6e3db5a","sha1":"3f37ab43c03d4086c75c86d199dbb44e2847dc61","sha256":"d7391befca7cc843aaaf41f098cdcd7ecb4e1f4f8121e9381fe6a535165e20c7","sha512":"0dd7fdf3809579d0a151248698bd50e8734f1cfea104c71337cd556d923ce35b03c75b974617ee5eec32fc661b7f22d4ecbf0625e51b1a39b0ccb7ae21697b3d","ssdeep":"","tlshash":"4e01703d9aa89884b8b37d0607f0f4adc688304e22f007a263030793df08eaf42e431d","size":791,"data":"","first_seen":"2023-11-05T21:52:25Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/bundle.pack.js","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"b7a0b4d8ad643025de822486283a2bbf","sha1":"28b0afdd6b9ccf94645ac0ed5c55aa35c7dc892c","sha256":"fc981871b8271bea9270a3af4f77bb50d37101e555dd6801fe7ecf9e26a9b12b","sha512":"66ab32d20f4ded5de92b4c9e0aed74e7136223d85702b93c5a6bd0daed999661c669a43d95c2e444328ce6adc8643e6b945eb1817eaeefc98d575cf4365dbb19","ssdeep":"6144:Bi8eGRuufsr5zQ47GK2iWIHf+e/wh8gOO:BiURum05k4COO","tlshash":"22640959768db136425b21f6102f150ab23b29bfa40d9118f16cc8f96d7dd8aa237f3c","size":331817,"data":"","first_seen":"2023-03-07T01:41:19Z","last_seen":"2026-05-06T20:40:01.383836Z","times_seen":363,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"llama.website/Sq","fqdn":"llama.website","domain":"llama.website","tld":"website"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/custom.min.js","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"6d0fd498fae4b3e791c3960f13d990a4","sha1":"17fc76b7d7baf945b510380329a265673bfe7bd1","sha256":"e2f9b84536c735a5d94780169580ecfb7e4114f4ae3d011d1fd2f16c408febfe","sha512":"ff9c965b35bb27ea2508a9b66ee687e1fda75fb3d9ae4a69503643a46bb6e9d69dd63e04823d70c5ab9b6a909b5eb584d99cd1aa2fafa6adac204b58e1f8a734","ssdeep":"192:SBYBxP4en6N6C6lH9/JwSzLA5kSApcpX7ctkjQYLIfQ9vz/e6A:R3P4en6N6C6lH9/JwSO1AGaqkQ9v7e6A","tlshash":"8e42622cb169e4bb13ff352b116e694520263c6dd5062219f0a995b52efcc843177b3f","size":13184,"data":"","first_seen":"2023-10-19T01:13:37Z","last_seen":"2026-04-18T22:58:50.553124Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pagead2.googlesyndication.com/pagead/js/adsbygoogle.js","fqdn":"pagead2.googlesyndication.com","domain":"googlesyndication.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"2e9e391ad98fbe1b2de0b7b4fa9ca904","sha1":"21d7771223e8286a06ad878af425094a40de32b5","sha256":"1468d954f25ab75355f3c0f42cd9c84efd64a67922c47d3b69bdb6d0eb399e69","sha512":"defa1ba5ce4193014a4657fe394734634087d66c9db8024778ea2c3a59be02e38e0077725c7d000ff7046bea23070594f8942446c6068b4032d329d0716532b0","ssdeep":"","tlshash":"f63197075511c5fa022195d6ea7a3e2e61337628523440a8f238f23b23770cbf3d1abd","size":1648,"data":"","first_seen":"2023-05-06T01:21:43Z","last_seen":"2026-05-08T02:53:21.221592Z","times_seen":71605,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gishejuy.com/400/6551784","fqdn":"gishejuy.com","domain":"gishejuy.com","tld":"com"},"ip":{"addr":"139.45.197.242","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"e090d59aeb53215074982292f514c3ca","sha1":"e81355ab40be8b86c40546bf386645b53c21b0aa","sha256":"e07745f1a30fffc972c3792214cd4f7b501903f5d05ce11e78d570469c711b20","sha512":"d48245f60013aa310fb7bc32d1e4158b4a417dca53219c82e92811954ec66d13dfbb518f071d01a074490a2996f5713b153753ee70bbc1757151dbf535496269","ssdeep":"1536:CDlqP7JqOO3hJ5zkq88tunUEQwpO+L1YJAL+n:JlwO1qA+n","tlshash":"ab8374a5f16674ea4222f87309af125b977a6664f82f8570a03db291373011ff16f8dc","size":82015,"data":"","first_seen":"2023-11-05T21:52:25Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c\u0026type=direct\u0026page_id=6096484\u0026screen_width=20\u0026screen_height=634\u0026os=Linux%20x86_64\u0026refurl=https%3A%2F%2Fllama.website%2F\u0026pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15487444%2FDailymotion.com.txt.html\u0026rnd=1699217522901","fqdn":"serving.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.21","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"introduction_type":"scriptElement","is_inline":false,"md5":"861f4fb6baa2937a6b7a15af7fd0c015","sha1":"44a08d201ecb4c26bfc16eab5bf3caf850e1e461","sha256":"a1b82ba1a7bf5f15ad46e9ff9c363dcb0c0ac83a1b638270b665f325799aa031","sha512":"19cb1e40e9fb221b812902b62d01edd35ca394fb37e4e5650bda5323df08810a3e9cd72d64d8005ec2f270c70bdfd04a755f824c455699ab5eba5e12d0118f7e","ssdeep":"","tlshash":"14f09660ae064014fa1c306164b5e16c7414743b8c43c912c44dec7e2df2fa54deb10c","size":590,"data":"","first_seen":"2023-11-05T21:52:25Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a912e7afe74b51fdd03b28bf67e7d409","sha1":"85004dfe087af5a730261c85262661d89b3d2516","sha256":"706b3882753d8f81cfcf35aa2623303b1b380c8106686a4ad12a1fae23cf4650","sha512":"e26c5894f4b2933eeaefbfd7a71524bc4e8ca5a1dc76ff47497d6302ffe07afe99ff830e5f1482cc32dd1209d378fabe2cc9fb722d6701cf4dae8bcc7ddec98c","ssdeep":"384:9yar9y5TNTzraVGpDKJ2pT2M8WtH5uJ7Se0A+X3+sUYhLfGMb7EsRU7YSTRUk0k:9yR0CuY7uJ7Se0A+X3+sUALxb7EsR4","tlshash":"3fc222a872c7f0f1475265604c2f380f63776e19194ee544ebb9cc81aeb469f8432f6a","size":26164,"data":"","first_seen":"2023-03-07T01:18:51Z","last_seen":"2025-01-30T15:49:46.882259Z","times_seen":1752,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15487444/Dailymotion.com.txt.html","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"ba71a86056b5c9ef37b625aade54337e","sha1":"4769c2a07aa71c342dcb06dfa2950cff7ecae40f","sha256":"65d96ab8cd224643e09a693cdc8fa0b76eb9c6cfe0a4be8b797136ca83a305c0","sha512":"e115753c5b2d6cbecba098a1efc800f3b04e17610b6e509e81aa0bb637e4f7d74b1c9c79d89e7e4bf7204d7607a8ba490b44adf1719b6a20bb96e3819e55fdc4","ssdeep":"","tlshash":"d9c02b89210e0c7190f733808f3fbd01f4122364a4d05c33484e23058e20f27d358910","size":155,"data":"","first_seen":"2023-03-09T23:09:39Z","last_seen":"2026-03-28T13:29:03.445604Z","times_seen":3495,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/frontend/libs/feather-icons/dist/feather.min.js","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"199d840e1af3952233f1756b75a9b1dd","sha1":"546be62a3e3d88dc2cf232be12879209b465aef1","sha256":"5dfcdd882f92d647a26beb3d974ef2ef27b96bcef8b01abaef32b8bbb2d38ef9","sha512":"ef1df38a56b8b76a8dc9caed677d473b436726bf24836548ebb60ba114b28bd84685137ae851d85abec0c5af58d49f6d1981d504fa888d2135a201eb253cf9d6","ssdeep":"768:xBs5L1Xq52eUoxdaQfnalvNsojRu9J0zNcHqLExvi/9TkJ0HqvzpO5tGwNcpJzRK:xBESfnFtycpJc","tlshash":"e7734e367d4db69ed10743d61a1f6026636f22fff88c4214e06c46b0c9276d7ee67a28","size":75779,"data":"","first_seen":"2023-03-07T01:06:48Z","last_seen":"2026-05-08T00:13:40.528298Z","times_seen":1217,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cameesse.net/1?z=6551785","fqdn":"cameesse.net","domain":"cameesse.net","tld":"net"},"ip":{"addr":"139.45.197.242","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"d6ba4680931eb92edeeb7a34913ceb46","sha1":"c2c1b62dd0346c080651912a29527480cf3773af","sha256":"d751a0dd2a4dc3388cf8b8f0e8800b69baf39ca2a7b48f2c5bbabae493c1ebaa","sha512":"6d60ad15e807f7f1a806dbddb9c89138f1534b6b69d919d5e7750ba1f3e50b03387be26be3c43e80b84cd7e9ad22d767e3fdb3219c5dbf149e82ca71d91d4f67","ssdeep":"768:/tjRV51n59DQeT9ST/27BYyn7n/MF1DzryKlzWDIW/:/1Ma9STon7cy93","tlshash":"d2135469b482b0167ad6202d887f810ab37a7ddc145f74d4e01df8837ef605bd126eba","size":42869,"data":"","first_seen":"2024-08-20T20:45:50.166892Z","last_seen":"2024-08-20T20:45:50.166892Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dweatherbe.org/N3hUbzBWGjcCD1ZFNklFRRRpSgJxXWYpVEJIJBpUBwswA11NHnoMXFgNMAlCWBYgQV5SDHFddmMaPwd6ZkkNIXpOGzgOYlgQGDcFQS5nVglUFR4meV0XJyByAkkWN3lxPxYEcVIAYCp8WUwTJXIGTTYVU0Q7OjkFbSw7P3peTXFdclQ5JwJ7WU06PHNcDB04RFYaPl9KeCkCXnxeQDwoZAdAGRYEezQTVwJ5SRkDel0TcV12dhEFAGpaKTsJZ1MCN15IAyEAG15vSmVZcW82NwpzYgkbLUNAGhwpXXEWFkoCcTATLVFVIDstUwYAYCBKYQIMPlwDG2ZWcVI/eS1dbT5gGXx0OW0uZwZPFjhiUh0MA0ptSWFaUn8+OSxzck8eBXF1NRMXSHI+bVpVcEk5PHQGSDcIFl0LOwFACjRlPEZmMWwnWlFPER1DBg","fqdn":"dweatherbe.org","domain":"dweatherbe.org","tld":"org"},"ip":{"addr":"108.157.214.79","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d8f0ca947ffe271373498b11bacda08b","sha1":"a924f8dda87f40d986bba09137718261e18eaa40","sha256":"e175823efab189c253ddea75a20162ea8844a95fbb9148a479c134a66f2bad5d","sha512":"0d564d33539117d510dca5b0155b7cfa1d4362a62ad03e8497fbc8c9d9efe91a483780c9b5be9f676e77aa5839bd979fc0ee472ef8f6e424d4043827fb03346b","ssdeep":"","tlshash":"3551bd8d34f3a082c2b2b025417bb896fa285a94934cca14873d97bcbd715ed6317f4c","size":2982,"data":"","first_seen":"2024-08-20T20:45:50.167861Z","last_seen":"2024-08-20T20:45:50.167861Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google-analytics.com/analytics.js","fqdn":"www.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f24128d0c9cba7be2916c693427a3483","sha1":"1b6397d496ea896ebc2018b01b995cee4f166029","sha256":"58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8","sha512":"c4950733b44e258bbc817ce6396f002caec1e11a6413fd0038c9baef2d5f1d992b1fd0ec52515aba52faedb52c28b996a7fc063f28a0f45f3aab5e2f91bf5be5","ssdeep":"96:gr5xyIhZ6pQ/d/bTQcFeqZVxNnR36Hc9lDJlQC8dA9Sa5fLtUB5roNiEP:gr58IhZ6pg/bTXVx9t689fN8INtEONig","tlshash":"7ea1cd9b39e650310332bfe91bfaa559b22937605220c161be0c915b7399233d3e1bec","size":4691,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-05-08T02:57:55.835632Z","times_seen":851507,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alwingulla.com/88/tag.min.js","fqdn":"alwingulla.com","domain":"alwingulla.com","tld":"com"},"ip":{"addr":"172.67.152.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ef86893826198fd03b2dc4e422834c9","sha1":"0dc1d39a850eb98f424881d9533e02a1774ab561","sha256":"7f513e47cbf6f8bb8697296b79513a2a1b44e1e8b080c8c6b2d832328942b9c4","sha512":"8ccaab693c6d65d2b981444ef68d953a2fffba1c6fe97151aa99f1ab9757d9d993489e0fca2a7e192932827f746a9f711152f06f751f27851ef8599bb1f37724","ssdeep":"1536:mKdYTTrm68TQ36vjAwHdrDBo7LycVAXhLrwghdKctPlXBBgg5wlIETpS:ddYrm6h36veo/dBXqIt","tlshash":"a463e68db6a5703592a721b9603fa219b33769252c498420b52fd8c03f3de4e9377f6d","size":72270,"data":"","first_seen":"2023-11-04T12:45:03Z","last_seen":"2023-11-06T23:54:35Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ibrapush.com/pfe/current/tag.min.js?z=6551787","fqdn":"ibrapush.com","domain":"ibrapush.com","tld":"com"},"ip":{"addr":"139.45.197.250","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"258578af3c107ccb907f73c3a2f4c25f","sha1":"7a192edea829968fb7f57f2a2fc4cb5b612598be","sha256":"1f945c9c46c47a2b0e867b0d09c3e4559cd768a2d3747abf28d1d65667733b75","sha512":"ee2dc2552469614b43681a54cf733fa490668f95a607241562bd1de07997ca5fa80e36286dcfecf255d71ba6777e7fffe0cf071f712b16dc7c08fa4f6fccba5c","ssdeep":"384:kyZo1BF22ITo2HQfPeyteI56QGQXluwi8I2xDnk:kycI2Io2wbHjXlfiok","tlshash":"b55282bef198ac6123e12cc7183f50ad58299d58f976b5f8d038a5b17c23016b3dbe84","size":13300,"data":"","first_seen":"2023-11-02T10:05:11Z","last_seen":"2024-08-20T21:23:47.8715Z","times_seen":2697,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tzegilo.com/stattag.js","fqdn":"tzegilo.com","domain":"tzegilo.com","tld":"com"},"ip":{"addr":"104.21.11.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"89e89aea544ea2785d49cc4cd9cf26f6","sha1":"7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b","sha256":"86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9","sha512":"4b8dd773d9f31126c5ede9c02f2ba5bffd5086cb28bd60838479afb76929b73fc9242306dc83b8ff9ab89a272274041f8a2c58df55c4399f420d70bdd0348e43","ssdeep":"384:WD0oj9jB5FCCLbGPLG8wXcO0SXcxu7YB2glWqKbexTRl6mo+rv:Voq8UtwX30SXcvB/lHzRgMv","tlshash":"cd82c8da3219bd6a5ef02073437f3b6dba6694a4f47f85b2805678a4393154bf203ec1","size":19019,"data":"","first_seen":"2023-09-07T20:07:13Z","last_seen":"2024-08-21T07:20:54.605423Z","times_seen":2395,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"llama.website/sandbox%20eval%20code","fqdn":"llama.website","domain":"llama.website","tld":"website"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"92b651082ce234f66bb544e678befda3","sha1":"14c21c55ddce43b6f677caadf51d4ab98c6a3df8","sha256":"25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded","sha512":"b4fcbc037e0a3d91db2a624921e96b878e9e18dd998ad5649d77d7d053faf28b09c8725a0542aef702310bf85f3037b70985c274db8acabd021efb171d41f361","ssdeep":"","tlshash":"69c02be3f74421ae2f1156f2b810e043a2c62b015ae7c402f00e003f2440fea4eee1e8","size":147,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-05-08T02:57:55.85573Z","times_seen":853166,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cameesse.net/27/16252007f3b3918d0da1ccd482c4cb4d","fqdn":"cameesse.net","domain":"cameesse.net","tld":"net"},"ip":{"addr":"139.45.197.242","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"58f985fd680e3117a6d6dcf62f50be34","sha1":"ae1f26a219ddedc232964d8b91619ed1f04c4618","sha256":"db0b413c92eef041a6dda8e7279a8cbee06755eab7b751c88bdbc22781e7e78a","sha512":"e5332b13284d2eecd7b31330d9deebfd411d73d8021f3c43d32e20cca728859e8be3e4a574ba50f73bbfa3bd3fbd579f1da3cffae100be3e911fa4d227ed22ff","ssdeep":"3072:WLDNJ2KTk7FPBCQbq4WDsDZfHVl6XMX0vC0118rRxvFLIL7oX:Mw2/p7xvpngnfX","tlshash":"7494c77df882b069bad9213f043f811aa33679ce144e31d4e025fc876df544bd2a697a","size":412574,"data":"","first_seen":"2023-10-31T15:21:53Z","last_seen":"2023-11-07T14:19:48Z","times_seen":324,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/js/js__file_upload.js","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"66684709338f7239056ff3302e16bc4a","sha1":"7dbd501434bdc062cdc8f6744e272a7d39ca5136","sha256":"5163e50a8fe4549a8ca064e266de9c8e6aebd1d848185e0931959824a4d32c0f","sha512":"736a47122121ab209a76fb53a07aad3fc5b3a10dd8e1c760b65ecb66a7c16c802d105d9db843d36216ad65f7aa50652cd5b626daa0b2bf7a1a1573dd8b83ea03","ssdeep":"768:nE5keq96s7jR29qxFJuuGBs98dSx1yUL9acoR13knV96Qx8VDJR:n+qP7jR29eFJuuGBs98dSx1yUL9at6VM","tlshash":"77c2e793778684a48dda157e249e03ca7634c4176d0aa850fc6ccca8ae74f89907bf7d","size":25884,"data":"","first_seen":"2023-10-24T16:45:51Z","last_seen":"2026-05-07T00:55:58.216263Z","times_seen":3526,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15487444/Dailymotion.com.txt.html","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"bada815b0add3317d69cbff824573d6b","sha1":"60ebc2061d3dbf196d418b6802aa0d971b7bc189","sha256":"f2fe3c2dc65244420df6fc8efd959211c4ef3d9f76e2a3c530b4a3163138d92b","sha512":"ebebfda077663be98ce77e2cd5423a0714b98afd3e733b59e81eb93b8fad64d788707761de91ed96d6cbe281cd96b11641a77532c41ae95a08944e1987070463","ssdeep":"","tlshash":"a43140f4ab7d64a498be210d633cf38fa46d60373c431c43ad5e55e41a71e2f0523a96","size":1636,"data":"","first_seen":"2023-03-09T23:09:39Z","last_seen":"2024-08-21T09:18:42.71122Z","times_seen":114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-6703115-1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4cf1c1bd4e781b470a75b6bc37acb5fc","sha1":"9b1aa50cc413f8f3addffe5574b523360b0bd0c1","sha256":"d3f43475e50edadd9ef28fbb819c43cfc8f604707a24eb185ef28f1814e7863a","sha512":"4eee446e93a0d2f2b0ba9e49daab23a62383bb700e4de4614df9757da2bf5e069492510e2aaabdaa56e76b70a39e6ae045a9d0660756a8c8c515085c27d328d4","ssdeep":"1536:DH20pHrwhQP2yzvztufBNw0QTPbiBJ3wiRTBkeoeAx9FIN9ZNq9yxqmHZiJuMcAU:DH2AHrwhAz0fBNw0bTBKrLIN9Z0TU","tlshash":"32d309d8b3d6b12683a374b8513f010bf17aad92f84cdc94e186c9c52e78699017bf6c","size":134590,"data":"","first_seen":"2023-11-05T21:52:25Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"llama.website/Sq","fqdn":"llama.website","domain":"llama.website","tld":"website"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dweatherbe.org/R2hmbGYmCgUBWSZVBEoTNQRbSVQBTVQqAjJYFhkCdxsCAAs9DkgPCigdAgoUKAYSQggiHENeIDMNLgQNFlgFDiAwBwoJJzA6JyRTYlokPTN+MAI0UyItDg8VDDkOKiowAyonDgYNBT9TCzs1NRQeOREvJw9dVTQOFi4qPyQBMAEpEg0tMCY3LiEMKw0ROTw4Kw4uEVVDdSovLjcXLRw1HwQpJy4sdS0oKzAsHS0tLxUrJVQLHz0JBQIqBC80MB0SBBskDT4xNlYIBFc7BT4bNCoOAl8/BxYOIC4YHg1YUz08KTlQNDAdEig9UyM+ESZUFC0gJwV1XQI/Cmo5DSUONDwlXjx2OA0cMyQGAiU1ETofNQ03IScFCXYgNFgqCFosJzYrPh8ICh0hNwY8cTs3Sgw0BwgcWwwiKj4OPVoPX1cFAA","fqdn":"dweatherbe.org","domain":"dweatherbe.org","tld":"org"},"ip":{"addr":"108.157.214.79","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6da451c07ebd3d0052bcb2a6be2b3249","sha1":"ee041b970addfeb9166671a32c5c46b7777a7eeb","sha256":"c38674c6326cf328b79cfe9fd8b6e809f06a7fec1729812a47593413a08e60a5","sha512":"2dfce7223b006d83e3c9114325b348249e8bebebaadd81f3d40737f49676f635ea69c686f53395f2ee60ae140fc4014bcb6d97d92c2c482189bbc3570a656822","ssdeep":"","tlshash":"b5519c8d34f3a082c2b67025553bb99afa389a90834cca14863d96bcbd715ed6357f4c","size":2975,"data":"","first_seen":"2024-08-20T20:45:50.170449Z","last_seen":"2024-08-20T20:45:50.170449Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dweatherbe.org/Rzg1QzQmWlYuCyYFV2VBNVQIZgYBHQcFUDIIRTZQd0tRL1k9XhsgWChNUSVGKFZBbVoiTBBxch5abShNCXxWDHIrQGYAdixpYyRfCG5wd3MFeQwPcXd+VxRmdn1mL0x2YGZ6YSNVBTBzAH5UEgUrXmcoARNtcChhEH5sB3wgAGYWUwpZcTRhFXx3cmUEaXsPcAF1fxRTDnxiclwlfHM0dSRffwdnFVtyAQQSenQ0YRRgXzBsBV9WAXEBQHcXBC90dChDF29MGnEGen8mez9bcgFMf2hzNFB1YHAoeABfUQZsBnlwFnUgWWIVRxRgT3t1BXlvJ2cWFXgGdixQeQJYDV19O0wSbwV6fRQLZAV2K0BtAlwNe2AGU2FSRixaNwVNK3Z3blMBbgZZZi1Acw","fqdn":"dweatherbe.org","domain":"dweatherbe.org","tld":"org"},"ip":{"addr":"108.157.214.79","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ad730c4900655f4f8e44059afc203db","sha1":"a1617a02e7ce730d80de7b4a29c2e2dcda2dd749","sha256":"9c9f28c1d3f51f513a793bec413e0169e48f19275d41a88c2ceff577fae96605","sha512":"52417cf9c5173239d64f86bc3130acaa492c176c6623d550fa048aac03b22d4126714590c2e6fd8643370c61dfe758881ec9dc63df26e694739ada8e44993772","ssdeep":"","tlshash":"c351ed8d34f3a0c282b66065553bb99afa384a90834cca18873d86bcbd715ed6357f4c","size":2958,"data":"","first_seen":"2024-08-20T20:45:50.171438Z","last_seen":"2024-08-20T20:45:50.171438Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"llama.website/sandbox%20eval%20code","fqdn":"llama.website","domain":"llama.website","tld":"website"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"23c336606ee3a6d444b305153fa0e2e2","sha1":"473a2111970ae2a94b373e656d20c4bd4184d703","sha256":"305375d5052f6a14434d2d338f852f0f4f04fb26495f88a5d62b6afde2e2cc60","sha512":"ab0470885483545a0306733fa3a067239e299e0b47d35f9769a763f65ba5e9d928ee364a66f9e577499ab0c452f34dc7a3a48a774ce3d09e56fd88d1989e84ba","ssdeep":"","tlshash":"bbc02b137750017d2f1016b0b9009003a1c923005eb78001f006001f2040eae88dc180","size":128,"data":"","first_seen":"2023-05-06T01:21:43Z","last_seen":"2026-05-08T02:53:21.094739Z","times_seen":73575,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/server.min.js?v=1.2","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"c50c6644a1224a8e37de5332c627e01e","sha1":"9d394377c2e2552574cccc8c64cdf1c349879f98","sha256":"0963849b9fc2cbc55745df1a15d55f06cd46c2fec034129aee8bd588cd09fd47","sha512":"8c34dc73603106df63d189721ceb48061119a2948c022949f93d2a4570b2bf0fa68e305bb95621bacff978c9bbc80e0f6b1e8f88192d960f2a2c87d86e226ae7","ssdeep":"96:gOmTqpXxzk2zoo/Ann5yLVJAos14XQJ3568hOly2G7UqtAyBVJrLYq/VJ6HJX35u:9m+pXxYYooYMPAX2oyv+trLYWaJvOEy","tlshash":"1ce1a50d70c5d69a0237b4a7307b6976b47a3c48dd571000a18e94fdcee6dc466e7b0e","size":6624,"data":"","first_seen":"2023-09-29T22:21:09Z","last_seen":"2026-04-29T20:31:54.280904Z","times_seen":160,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d46d2997ab218d1dba1ab614422ed53f","sha1":"3f1f6b9847c8ad209835db366c62fcb209b83a67","sha256":"09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42","sha512":"8042f4465f1d14c765b2e7be775ab6970bc0a5515552f5784b55beda45d192ccdc0d67be5389112be1b3728f78010c00be43010f6e8c940da9b8039c42820855","ssdeep":"1536:AtGiLDt83ZoniA34gXzFoY/T44V8zOr63UJ7lrVJszwISnKb2ZaIa51WgMP4Sd:c83A9pU4l2EISn/+78","tlshash":"7683b66af1a5fc6419e11dd7243e11814f2ea9d0fa0af870a05be5b2351210ab7f7fe4","size":87852,"data":"","first_seen":"2023-11-02T10:05:11Z","last_seen":"2024-08-20T21:23:47.869255Z","times_seen":2914,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"5d73df1f80de7c3ef1daf06124cf7a99","sha1":"1a00f9393376d4a711d267f0dd9a3a8e7e73be1b","sha256":"65cc6403587ce731ae7f8af830d4cd7fd430d68deaf35dc9f0f5c246b895e670","sha512":"0685fb4a63e795a209f4322d6d861bad7ab66e6363a4241a6d73896539cb2b842b1acf39220937c88a6da785095ad7709271a59e3845a0df80e03649e0e634b7","ssdeep":"768:6uDeGwc8hc71yR0CuY7uJ7Se0A+X3+sUALxb7EsRH:xDeGYci0k","tlshash":"5333e924b5c3b0674626752a982b380f3735de05b48bda40f7e6c890dea919f5423fbd","size":51161,"data":"","first_seen":"2024-08-20T20:45:50.173746Z","last_seen":"2024-08-20T20:45:50.173746Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"www.upload.ee/files/15487444/Dailymotion.com.txt.html","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:02.173Z","timestamp":1699217522173,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.upload.ee","organization":""},"issuer":{"commonName":"RapidSSL Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Mon, 01 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4","sha256":"AB:0D:2D:02:34:6F:B5:08:58:FA:7A:F5:12:43:16:EF:56:12:7B:6F:99:CB:3F:AA:39:F3:0E:91:FE:43:FE:CF"}}},"request":{"raw":"GET /files/15487444/Dailymotion.com.txt.html HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 05 Nov 2023 20:52:02 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 8948\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nExpires: Mon, 26 Jul 1997 05:00:00 GMT\r\nLast-Modified: Sun, 05 Nov 2023 22:52:02 +0200\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nX-XSS-Protection: 1\r\nP3P: CP=\"CAO PSA OUR\"\r\nSet-Cookie: lng=eng; expires=Sun, 03-Dec-2023 20:52:02 GMT; path=/; domain=www.upload.ee; secure; httponly; SameSite=None\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8948,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (4526)","md5":"00c49289a60011d0793803bb6ed57d2a","sha1":"5753dd7b5a07f8c351b35831ac18cb1909d3803a","sha256":"bcfe5f8bfa336a27f2f493de2bbc84ac4cc7a7817554a099f17952ceb4ae7cdc","sha512":"667d28f623e0cad713187e2915292449d91b5783ff5f489407736f032b6a33e46bb266b2eec3a859e9a30a9e73b0bfeba1f47f0331da09b07e9a87052d316d0d","ssdeep":"384:joJylIn7xpYwuu504YYeHYrDRzhU3E8+UUKIz40qoui/13eBizEm+f:joJCIn7XY20tuDRzh4E8+UUKIz40qouv","tlshash":"2a923ab1158ee82d8665a0d4e234fe9c98d774afc7800884e47b24b7a6c5f74bc221fd","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":1,"connect":30,"send":0,"wait":40,"receive":1,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alwingulla.com/88/tag.min.js","fqdn":"alwingulla.com","domain":"alwingulla.com","tld":"com"},"ip":{"addr":"172.67.152.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:02.157Z","timestamp":1699217522157,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alwingulla.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Sep 2023 17:51:53 GMT","end":"Sat, 16 Dec 2023 17:51:52 GMT"},"fingerprint":{"sha1":"08:D7:B3:96:27:87:C6:D6:5E:CE:B5:D5:5D:1B:5A:46:91:42:18:3E","sha256":"86:7E:A1:72:32:29:B7:58:55:D0:4D:FE:C9:93:1C:16:1E:DE:B1:59:81:5E:7E:97:4A:9F:43:12:3A:00:79:4C"}}},"request":{"raw":"GET /88/tag.min.js HTTP/1.1\r\nHost: alwingulla.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Nov 2023 20:52:02 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nx-trace-id: a367959372a230f95d2a4ed87d6c2ad6\r\ncache-control: max-age=86400\r\nlast-modified: Fri, 03 Nov 2023 15:26:23 GMT\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\naccess-control-max-age: 86400\r\npragma: no-cache\r\nexpires: Mon, 06 Nov 2023 03:47:14 GMT\r\ntiming-allow-origin: *\r\ncf-cache-status: HIT\r\nage: 61488\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=l3bPwo8KEcNiIkDYQVO3TCg7y39KAbu41AP716w4R7dl4DrsJpJNaomdPp4bzzsey3QtK6WtjnmWvEnIOaMSclAifOwB%2BSNz7qWuqGGXuizcF1c3jdB5DUCXk9NTONmu3Q%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8217fa699b4f0b06-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25175,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65494)","md5":"2ef86893826198fd03b2dc4e422834c9","sha1":"0dc1d39a850eb98f424881d9533e02a1774ab561","sha256":"7f513e47cbf6f8bb8697296b79513a2a1b44e1e8b080c8c6b2d832328942b9c4","sha512":"8ccaab693c6d65d2b981444ef68d953a2fffba1c6fe97151aa99f1ab9757d9d993489e0fca2a7e192932827f746a9f711152f06f751f27851ef8599bb1f37724","ssdeep":"1536:mKdYTTrm68TQ36vjAwHdrDBo7LycVAXhLrwghdKctPlXBBgg5wlIETpS:ddYrm6h36veo/dBXqIt","tlshash":"a463e68db6a5703592a721b9603fa219b33769252c498420b52fd8c03f3de4e9377f6d","first_seen":"2023-11-04T12:45:03Z","last_seen":"2023-11-06T23:54:35Z","times_seen":21,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":3,"dns":5,"connect":1,"send":0,"wait":15,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/js/js__file_upload.js","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:02.485Z","timestamp":1699217522485,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.upload.ee","organization":""},"issuer":{"commonName":"RapidSSL Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Mon, 01 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4","sha256":"AB:0D:2D:02:34:6F:B5:08:58:FA:7A:F5:12:43:16:EF:56:12:7B:6F:99:CB:3F:AA:39:F3:0E:91:FE:43:FE:CF"}}},"request":{"raw":"GET /js/js__file_upload.js HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/files/15487444/Dailymotion.com.txt.html\r\nCookie: lng=eng\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 05 Nov 2023 20:52:02 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 17 Oct 2023 12:32:21 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: W/\"652e7ed5-651c\"\r\nExpires: Sun, 12 Nov 2023 20:52:02 GMT\r\nCache-Control: max-age=604800\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7670,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (1853)","md5":"66684709338f7239056ff3302e16bc4a","sha1":"7dbd501434bdc062cdc8f6744e272a7d39ca5136","sha256":"5163e50a8fe4549a8ca064e266de9c8e6aebd1d848185e0931959824a4d32c0f","sha512":"736a47122121ab209a76fb53a07aad3fc5b3a10dd8e1c760b65ecb66a7c16c802d105d9db843d36216ad65f7aa50652cd5b626daa0b2bf7a1a1573dd8b83ea03","ssdeep":"768:nE5keq96s7jR29qxFJuuGBs98dSx1yUL9acoR13knV96Qx8VDJR:n+qP7jR29eFJuuGBs98dSx1yUL9at6VM","tlshash":"77c2e793778684a48dda157e249e03ca7634c4176d0aa850fc6ccca8ae74f89907bf7d","first_seen":"2023-10-24T16:45:51Z","last_seen":"2026-05-07T00:55:58.216263Z","times_seen":3526,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":31,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/images/arrow.gif","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:02.544Z","timestamp":1699217522544,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.upload.ee","organization":""},"issuer":{"commonName":"RapidSSL Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Mon, 01 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4","sha256":"AB:0D:2D:02:34:6F:B5:08:58:FA:7A:F5:12:43:16:EF:56:12:7B:6F:99:CB:3F:AA:39:F3:0E:91:FE:43:FE:CF"}}},"request":{"raw":"GET /images/arrow.gif HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/files/15487444/Dailymotion.com.txt.html\r\nCookie: lng=eng\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 05 Nov 2023 20:52:02 GMT\r\nContent-Type: image/gif\r\nContent-Length: 59\r\nLast-Modified: Sun, 14 Apr 2013 07:15:01 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: \"516a5775-3b\"\r\nExpires: Sun, 12 Nov 2023 20:52:02 GMT\r\nCache-Control: max-age=604800\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":59,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 6 x 9\\012- data","md5":"6675f814b94f13f91f1383707b250e36","sha1":"31452650e8fce2095613a2010799bdb7548bdd51","sha256":"061d01a0b85f948c6ec464870ecec4654c4bd2ff15cacda941bbbf16225ec411","sha512":"d232d7337ef45394ddeb09894a7aec31363ef026299bd047d49dc46975757da192136b03531ab7be451a4d28ce8e3250a9538f94c6ae38347537de00192e9c62","ssdeep":"","tlshash":"3fa0020295b4c144c80411761c58815056027226858e175736bc7722ec498a17152121","first_seen":"2023-04-30T19:35:34Z","last_seen":"2026-05-07T00:55:58.193881Z","times_seen":3576,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/images/dl_.png","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:02.489Z","timestamp":1699217522489,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.upload.ee","organization":""},"issuer":{"commonName":"RapidSSL Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Mon, 01 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4","sha256":"AB:0D:2D:02:34:6F:B5:08:58:FA:7A:F5:12:43:16:EF:56:12:7B:6F:99:CB:3F:AA:39:F3:0E:91:FE:43:FE:CF"}}},"request":{"raw":"GET /images/dl_.png HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/files/15487444/Dailymotion.com.txt.html\r\nCookie: lng=eng\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 05 Nov 2023 20:52:02 GMT\r\nContent-Type: image/png\r\nContent-Length: 1900\r\nLast-Modified: Thu, 01 Dec 2016 09:37:27 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: \"583fef57-76c\"\r\nExpires: Sun, 12 Nov 2023 20:52:02 GMT\r\nCache-Control: max-age=604800\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1900,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 154 x 32, 8-bit colormap, non-interlaced\\012- data","md5":"f3e8f284a4e98cdb91b6abfc142d94a4","sha1":"fa9e618c2f56bea752ddd7e45a372c5539dadda9","sha256":"2f13919383f54ca21e5b87f5644df8a875b99815c821dcbbabea352d854c6882","sha512":"e3d0865ac754c5956d7636635dd87df016e893a20c3292b0918b26305e4ebe3515a7498cff2e1902155de884b9fcfca8ec7a01d8a5ab5053b6ad62c914781144","ssdeep":"","tlshash":"6241398ffcfc75dc437e002a1a943806266692c471a4a7382b5108be2d4270f4224e66","first_seen":"2023-04-30T19:35:34Z","last_seen":"2026-05-07T00:55:58.19944Z","times_seen":3576,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":62,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-6703115-1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:02.563Z","timestamp":1699217522563,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 16 Oct 2023 08:02:30 GMT","end":"Mon, 08 Jan 2024 08:02:29 GMT"},"fingerprint":{"sha1":"3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA","sha256":"B2:36:22:7D:39:74:21:4E:E2:98:4A:15:1D:E5:2D:20:AC:EF:50:AB:7E:1D:E2:0F:75:35:83:BB:BE:A1:9E:ED"}}},"request":{"raw":"GET /gtag/js?id=UA-6703115-1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 05 Nov 2023 20:52:02 GMT\r\nexpires: Sun, 05 Nov 2023 20:52:02 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 51343\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":51343,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (2213)","md5":"4cf1c1bd4e781b470a75b6bc37acb5fc","sha1":"9b1aa50cc413f8f3addffe5574b523360b0bd0c1","sha256":"d3f43475e50edadd9ef28fbb819c43cfc8f604707a24eb185ef28f1814e7863a","sha512":"4eee446e93a0d2f2b0ba9e49daab23a62383bb700e4de4614df9757da2bf5e069492510e2aaabdaa56e76b70a39e6ae045a9d0660756a8c8c515085c27d328d4","ssdeep":"1536:DH20pHrwhQP2yzvztufBNw0QTPbiBJ3wiRTBkeoeAx9FIN9ZNq9yxqmHZiJuMcAU:DH2AHrwhAz0fBNw0bTBKrLIN9Z0TU","tlshash":"32d309d8b3d6b12683a374b8513f010bf17aad92f84cdc94e186c9c52e78699017bf6c","first_seen":"2023-11-05T21:52:25Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":true,"data":null}},"time_used":132,"timings":{"blocked":23,"dns":11,"connect":9,"send":0,"wait":22,"receive":11,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"du0pud0sdlmzf.cloudfront.net/?dupud=997369","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"108.157.232.39","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:02.568Z","timestamp":1699217522568,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 10 Oct 2023 00:00:00 GMT","end":"Thu, 19 Sep 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52","sha256":"E9:59:5B:FB:7B:3B:3F:96:AE:46:70:B0:A0:33:9A:0E:15:23:16:45:47:E4:D7:05:52:4B:6B:08:84:7B:BA:1D"}}},"request":{"raw":"GET /?dupud=997369 HTTP/1.1\r\nHost: du0pud0sdlmzf.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 117711\r\ndate: Sun, 05 Nov 2023 20:52:02 GMT\r\naccess-control-allow-origin: *\r\ncache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform\r\ncontent-encoding: gzip\r\npragma: no-cache\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 0f31cf94bd251bd501ac532dacb719fe.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: OqM4J3_tA9FNn8Gf7uNi6iR4mavSSj6u8VqkVc-2th2RMuYuS0n_NA==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":117711,"size_decoded":0,"mime_type":"text/plain","magic":"Unicode text, UTF-8 text, with very long lines (15948)","md5":"e77c40a35ea25a395aeb08270011d49a","sha1":"835f18b3bdc5a6e9c8f7d639ceabf06d419a1de6","sha256":"8ff3aa18b5f251fa41c9c670471d7e2514423f5690ee88bbfb3936d4aed18301","sha512":"6c2bcd2b63800bdf6f7d204c692c96892072db8c9791172025180f416439886023011504444db33ea783fe0933e72cc230df5daf93d9f3a628fb17917ddf5a08","ssdeep":"6144:WShLAyB2hrfV7+103N+w7ShLAyB2hrfVZM:Wi0yYh7VSg0Ui0yYh7V2","tlshash":"e5743b89be523869836374b540ff124e723f4669b8084dd4b49ad4d16db8d0a43bffac","first_seen":"2023-11-05T21:52:25Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":true,"data":null}},"time_used":297,"timings":{"blocked":18,"dns":29,"connect":9,"send":0,"wait":183,"receive":18,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/frontend/fonts/nunito-sans-v12-latin-600.woff2","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:02.970Z","timestamp":1699217522970,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/frontend/fonts/nunito-sans-v12-latin-600.woff2 HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nuke.biz/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\ncontent-length: 17156\r\nlast-modified: Sun, 06 Nov 2022 23:25:02 GMT\r\netag: \"4304-5ecd59dbaaf80\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17156,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\\012- data","md5":"7e344afc10a492d516789f072fa6edfd","sha1":"f38bd0b4e9d0577528f533b8ecd80801a0c6340f","sha256":"c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3","sha512":"1af061accae6c1858f441f3a3032dc261210b741a4d89877bc2e3201be5ac23b507e1a903bd55d5eef7e59565f5a854bd14b93b93f6790d9cd99a06ad8f070b0","ssdeep":"384:/1ZGyYe6QJE/zIbmcN4EnZP1bYYYKZw4nSKp:S8fEsn4Ot8kG+Si","tlshash":"3172cf00ab3c0792df96e373837e8e9c23e59446c7cd0ed729d317a62e9c6622146a91","first_seen":"2023-04-08T02:59:18Z","last_seen":"2026-05-07T03:45:31.669833Z","times_seen":368,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":64,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/frontend/fonts/nunito-sans-v12-latin-regular.woff2","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:08.985Z","timestamp":1699217528985,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/frontend/fonts/nunito-sans-v12-latin-regular.woff2 HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nuke.biz/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\ncontent-length: 16980\r\nlast-modified: Sun, 06 Nov 2022 23:25:02 GMT\r\netag: \"4254-5ecd59dbaaf80\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16980,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16980, version 1.0\\012- data","md5":"8a97f720d330e75ccdbda9ae0e9f5e90","sha1":"8e4fee916581ab48d385187705667cebc7500afe","sha256":"97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787","sha512":"16442733c55c0fc0a07398605ca8bc20b45b0d3ea843ed5f0ecee6e0e80c1c37c0701ed2c59062daf0ce846e41f9199c865a31f9ae3859b0a5bddf22658329e0","ssdeep":"384:dhk7aTsMP0GXve7+heQytEkStFjmLgcPJs4QHB:wejPvX27weQyGVCLgcPJyh","tlshash":"cb72d046b0d2be59e346a4ff11721efe0839a5f9470e2094ddbec02604ab744271e723","first_seen":"2023-04-06T23:46:08Z","last_seen":"2026-05-08T00:56:51.496614Z","times_seen":1149,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":81,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js?userId=a54b3fba89bc4d09a1fe9ccba830cea1","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"139.45.195.8","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:02.938Z","timestamp":1699217522938,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rtmark.net","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Oct 2023 15:22:00 GMT","end":"Fri, 05 Jan 2024 15:21:59 GMT"},"fingerprint":{"sha1":"E8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42","sha256":"9B:0A:A1:20:ED:D2:5A:E5:AA:B9:4B:71:5D:B6:0E:BD:BA:E1:E7:51:62:8C:94:5B:6F:AD:21:A7:4C:E8:2D:F5"}}},"request":{"raw":"GET /gid.js?userId=a54b3fba89bc4d09a1fe9ccba830cea1 HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 65\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=a54b3fba89bc4d09a1fe9ccba830cea1; expires=Mon, 04 Nov 2024 20:52:03 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON data\\012- , ASCII text","md5":"a198a174ce69df65ff830e4c6dbaeaa9","sha1":"ccac2b37ba80251c565d377caf7f6f404a5d1fae","sha256":"e59255ef767611acfcc7fdcd5736cd5e40fb2168db38cd7555059bcc14a2d2e6","sha512":"271a2eded0c121b6beef86cfec58c2dad6100a13b38df589f5e1221c50c8872a80d991f3a187b2d6d15336ad086b858cfd8087fcac7a11bf90ba29541e691586","ssdeep":"","tlshash":"a2a0028c85d4da9d0404592e1ea697522048ce5a650c627b55d9921a15cb28cdd87a0c","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":97,"dns":2,"connect":32,"send":0,"wait":36,"receive":0,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/server.min.js?v=1.2","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:02.171Z","timestamp":1699217522171,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/server.min.js?v=1.2 HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 29 Aug 2023 19:48:06 GMT\r\netag: W/\"19e0-6041516f14980\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1712,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (6624), with no line terminators","md5":"c50c6644a1224a8e37de5332c627e01e","sha1":"9d394377c2e2552574cccc8c64cdf1c349879f98","sha256":"0963849b9fc2cbc55745df1a15d55f06cd46c2fec034129aee8bd588cd09fd47","sha512":"8c34dc73603106df63d189721ceb48061119a2948c022949f93d2a4570b2bf0fa68e305bb95621bacff978c9bbc80e0f6b1e8f88192d960f2a2c87d86e226ae7","ssdeep":"96:gOmTqpXxzk2zoo/Ann5yLVJAos14XQJ3568hOly2G7UqtAyBVJrLYq/VJ6HJX35u:9m+pXxYYooYMPAX2oyv+trLYWaJvOEy","tlshash":"1ce1a50d70c5d69a0237b4a7307b6976b47a3c48dd571000a18e94fdcee6dc466e7b0e","first_seen":"2023-09-29T22:21:09Z","last_seen":"2026-04-29T20:31:54.280904Z","times_seen":160,"resource_available":true,"data":null}},"time_used":467,"timings":{"blocked":127,"dns":0,"connect":0,"send":0,"wait":340,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/frontend/libs/fontawesome/all.min.css","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:02.147Z","timestamp":1699217522147,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/frontend/libs/fontawesome/all.min.css HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:02 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 16 Aug 2023 12:51:14 GMT\r\netag: W/\"18efb-60309c02c9480\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21697,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (52276)","md5":"9a99091cf45671ab2ee178fc3896a494","sha1":"043f09bf20c5478aaca2abb5b3f4b034a20cca6a","sha256":"58fdbb37ecb0c8a4d514714e322edef085c1f9d71e703b3925b054437f446166","sha512":"f4ae9466b74826e80214b3c3c7c080fb0f837705f5d5810c401f5c751eb63f93b07eeae66dc51f0fa87940c0967785789e0e842cf1cf6096fa40599609e5c469","ssdeep":"1536:0wMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuMprrlCd:M709gMGFiyPGuMprlCd","tlshash":"93a3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-08-25T13:34:51Z","last_seen":"2026-05-08T00:56:51.497542Z","times_seen":503,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":148,"dns":0,"connect":0,"send":0,"wait":286,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/frontend/fonts/nunito-sans-v12-latin-600.woff","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:03.276Z","timestamp":1699217523276,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/frontend/fonts/nunito-sans-v12-latin-600.woff HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nuke.biz/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\ncontent-type: application/font-woff\r\ncontent-length: 21048\r\nlast-modified: Sun, 06 Nov 2022 23:25:02 GMT\r\netag: \"5238-5ecd59dbaaf80\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21048,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 21048, version 1.1\\012- data","md5":"79ca5494c53495af3d607a356a181fa9","sha1":"8b1976713c7c694e6ebd4338685c49959cb738d5","sha256":"af36b391244e3c8c4ab03691c412c59c86c1a02812b16b76db7a907f25b6b59a","sha512":"bda1990b1bc9213af7823077a52c5212cc48fcdecebdcca6e5654fe96cf6cf52ee5207310baa8611e88f41b7372a706be6463676deed644fc3619514d14cd71f","ssdeep":"384:n899FdtLqKsyR5WWpSwktGjrY78jDOb+MgMmSoz46J0fmwHFQ8nqQeztsift:nKTrqjKWW3kAa8ja+Jz4K0OwH2txzBt","tlshash":"b192d1eb5f11b6baceb764faa1dbd2ca2448910f44c4b034cb1251c17bde7b2c587465","first_seen":"2023-07-19T01:40:51Z","last_seen":"2026-04-30T20:40:30.930702Z","times_seen":23,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dweatherbe.org/Rzg1QzQmWlYuCyYFV2VBNVQIZgYBHQcFUDIIRTZQd0tRL1k9XhsgWChNUSVGKFZBbVoiTBBxch5abShNCXxWDHIrQGYAdixpYyRfCG5wd3MFeQwPcXd+VxRmdn1mL0x2YGZ6YSNVBTBzAH5UEgUrXmcoARNtcChhEH5sB3wgAGYWUwpZcTRhFXx3cmUEaXsPcAF1fxRTDnxiclwlfHM0dSRffwdnFVtyAQQSenQ0YRRgXzBsBV9WAXEBQHcXBC90dChDF29MGnEGen8mez9bcgFMf2hzNFB1YHAoeABfUQZsBnlwFnUgWWIVRxRgT3t1BXlvJ2cWFXgGdixQeQJYDV19O0wSbwV6fRQLZAV2K0BtAlwNe2AGU2FSRixaNwVNK3Z3blMBbgZZZi1Acw","fqdn":"dweatherbe.org","domain":"dweatherbe.org","tld":"org"},"ip":{"addr":"108.157.214.79","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:03.112Z","timestamp":1699217523112,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dweatherbe.org","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Sun, 22 Oct 2023 00:00:00 GMT","end":"Tue, 19 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"B9:18:AC:1F:87:E4:2C:E9:36:35:FF:E7:F8:8F:F7:77:F0:AB:4C:4A","sha256":"50:E5:D8:5C:74:BC:BB:FD:C9:EC:F8:CB:E7:31:E6:48:4D:16:4E:C9:56:2D:FA:E7:02:D5:38:25:45:DD:BE:9A"}}},"request":{"raw":"GET /Rzg1QzQmWlYuCyYFV2VBNVQIZgYBHQcFUDIIRTZQd0tRL1k9XhsgWChNUSVGKFZBbVoiTBBxch5abShNCXxWDHIrQGYAdixpYyRfCG5wd3MFeQwPcXd+VxRmdn1mL0x2YGZ6YSNVBTBzAH5UEgUrXmcoARNtcChhEH5sB3wgAGYWUwpZcTRhFXx3cmUEaXsPcAF1fxRTDnxiclwlfHM0dSRffwdnFVtyAQQSenQ0YRRgXzBsBV9WAXEBQHcXBC90dChDF29MGnEGen8mez9bcgFMf2hzNFB1YHAoeABfUQZsBnlwFnUgWWIVRxRgT3t1BXlvJ2cWFXgGdixQeQJYDV19O0wSbwV6fRQLZAV2K0BtAlwNe2AGU2FSRixaNwVNK3Z3blMBbgZZZi1Acw HTTP/1.1\r\nHost: dweatherbe.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 1159\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\nserver: openresty/1.17.8.2\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\ncontent-encoding: gzip\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 0078c2805bf98a4574ea5eee972aa9f6.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: IJCA3GYadvmYTzydkBHYrtf_mQKKW9KCcZZdxsUGwwzXDdI9Q551gw==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1159,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (3003), with no line terminators","md5":"dca55db44a6c986c423c6dbb3ab1f2f7","sha1":"61cdc68f7585d153bbedbda8a59fe7f1a3768058","sha256":"86ad73d818f9279b95808d9701b65be60cf6c1c03d2459e0123ede2788ce966a","sha512":"d01c32f0e2b61dea90618508d1472744cd73ff1eca565d25061f2a913d7ccff57d932286a8e74ef3b664eb3666f74833796333dfd0a1151f0c83785d422722d5","ssdeep":"","tlshash":"da51108d34f3a0c282f26065443bb59afa284aa1834cca14863d96bcbc715ed6367f4c","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":7,"dns":1,"connect":13,"send":0,"wait":132,"receive":1,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dweatherbe.org/R2hmbGYmCgUBWSZVBEoTNQRbSVQBTVQqAjJYFhkCdxsCAAs9DkgPCigdAgoUKAYSQggiHENeIDMNLgQNFlgFDiAwBwoJJzA6JyRTYlokPTN+MAI0UyItDg8VDDkOKiowAyonDgYNBT9TCzs1NRQeOREvJw9dVTQOFi4qPyQBMAEpEg0tMCY3LiEMKw0ROTw4Kw4uEVVDdSovLjcXLRw1HwQpJy4sdS0oKzAsHS0tLxUrJVQLHz0JBQIqBC80MB0SBBskDT4xNlYIBFc7BT4bNCoOAl8/BxYOIC4YHg1YUz08KTlQNDAdEig9UyM+ESZUFC0gJwV1XQI/Cmo5DSUONDwlXjx2OA0cMyQGAiU1ETofNQ03IScFCXYgNFgqCFosJzYrPh8ICh0hNwY8cTs3Sgw0BwgcWwwiKj4OPVoPX1cFAA","fqdn":"dweatherbe.org","domain":"dweatherbe.org","tld":"org"},"ip":{"addr":"108.157.214.79","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:03.047Z","timestamp":1699217523047,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dweatherbe.org","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Sun, 22 Oct 2023 00:00:00 GMT","end":"Tue, 19 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"B9:18:AC:1F:87:E4:2C:E9:36:35:FF:E7:F8:8F:F7:77:F0:AB:4C:4A","sha256":"50:E5:D8:5C:74:BC:BB:FD:C9:EC:F8:CB:E7:31:E6:48:4D:16:4E:C9:56:2D:FA:E7:02:D5:38:25:45:DD:BE:9A"}}},"request":{"raw":"GET /R2hmbGYmCgUBWSZVBEoTNQRbSVQBTVQqAjJYFhkCdxsCAAs9DkgPCigdAgoUKAYSQggiHENeIDMNLgQNFlgFDiAwBwoJJzA6JyRTYlokPTN+MAI0UyItDg8VDDkOKiowAyonDgYNBT9TCzs1NRQeOREvJw9dVTQOFi4qPyQBMAEpEg0tMCY3LiEMKw0ROTw4Kw4uEVVDdSovLjcXLRw1HwQpJy4sdS0oKzAsHS0tLxUrJVQLHz0JBQIqBC80MB0SBBskDT4xNlYIBFc7BT4bNCoOAl8/BxYOIC4YHg1YUz08KTlQNDAdEig9UyM+ESZUFC0gJwV1XQI/Cmo5DSUONDwlXjx2OA0cMyQGAiU1ETofNQ03IScFCXYgNFgqCFosJzYrPh8ICh0hNwY8cTs3Sgw0BwgcWwwiKj4OPVoPX1cFAA HTTP/1.1\r\nHost: dweatherbe.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 1173\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\nserver: openresty/1.17.8.2\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\ncontent-encoding: gzip\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 0078c2805bf98a4574ea5eee972aa9f6.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: RcPd7-eYvm8GDeSPCxrtZnq77z81RQrm-Qrn0gxSPRa6uBJ_X8WPmA==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1173,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (3020), with no line terminators","md5":"628b53cf4e7e7ea86d87f76ac91d5dc2","sha1":"ed480d41ec530e0a8308c74ed268e444644d2b59","sha256":"7b431e4c3d37daf8e0fb66d2c0295d0d0181a19c082defcdfa04d1cb917addc6","sha512":"e5c729a38c2806c772df0bf3e2d5ed8b4f7c18e989a933c728a5775ea96462ab74711fa90fee1f5184ecc3ea3a04c6238a1ad25643fd7bbced7c816e56122d99","ssdeep":"","tlshash":"0a51fd8d34f3a082c2f67055513bb99afa289a90834ccb14867c96bcbc705ed6327f4c","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":64,"dns":9,"connect":9,"send":0,"wait":145,"receive":1,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dweatherbe.org/N3hUbzBWGjcCD1ZFNklFRRRpSgJxXWYpVEJIJBpUBwswA11NHnoMXFgNMAlCWBYgQV5SDHFddmMaPwd6ZkkNIXpOGzgOYlgQGDcFQS5nVglUFR4meV0XJyByAkkWN3lxPxYEcVIAYCp8WUwTJXIGTTYVU0Q7OjkFbSw7P3peTXFdclQ5JwJ7WU06PHNcDB04RFYaPl9KeCkCXnxeQDwoZAdAGRYEezQTVwJ5SRkDel0TcV12dhEFAGpaKTsJZ1MCN15IAyEAG15vSmVZcW82NwpzYgkbLUNAGhwpXXEWFkoCcTATLVFVIDstUwYAYCBKYQIMPlwDG2ZWcVI/eS1dbT5gGXx0OW0uZwZPFjhiUh0MA0ptSWFaUn8+OSxzck8eBXF1NRMXSHI+bVpVcEk5PHQGSDcIFl0LOwFACjRlPEZmMWwnWlFPER1DBg","fqdn":"dweatherbe.org","domain":"dweatherbe.org","tld":"org"},"ip":{"addr":"108.157.214.79","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:03.379Z","timestamp":1699217523379,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dweatherbe.org","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Sun, 22 Oct 2023 00:00:00 GMT","end":"Tue, 19 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"B9:18:AC:1F:87:E4:2C:E9:36:35:FF:E7:F8:8F:F7:77:F0:AB:4C:4A","sha256":"50:E5:D8:5C:74:BC:BB:FD:C9:EC:F8:CB:E7:31:E6:48:4D:16:4E:C9:56:2D:FA:E7:02:D5:38:25:45:DD:BE:9A"}}},"request":{"raw":"GET /N3hUbzBWGjcCD1ZFNklFRRRpSgJxXWYpVEJIJBpUBwswA11NHnoMXFgNMAlCWBYgQV5SDHFddmMaPwd6ZkkNIXpOGzgOYlgQGDcFQS5nVglUFR4meV0XJyByAkkWN3lxPxYEcVIAYCp8WUwTJXIGTTYVU0Q7OjkFbSw7P3peTXFdclQ5JwJ7WU06PHNcDB04RFYaPl9KeCkCXnxeQDwoZAdAGRYEezQTVwJ5SRkDel0TcV12dhEFAGpaKTsJZ1MCN15IAyEAG15vSmVZcW82NwpzYgkbLUNAGhwpXXEWFkoCcTATLVFVIDstUwYAYCBKYQIMPlwDG2ZWcVI/eS1dbT5gGXx0OW0uZwZPFjhiUh0MA0ptSWFaUn8+OSxzck8eBXF1NRMXSHI+bVpVcEk5PHQGSDcIFl0LOwFACjRlPEZmMWwnWlFPER1DBg HTTP/1.1\r\nHost: dweatherbe.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 1180\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\nserver: openresty/1.17.8.2\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\ncontent-encoding: gzip\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 0078c2805bf98a4574ea5eee972aa9f6.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: bijh8Cso0UQMQUpTDLkTUUzUsYDUKS-QjrqMLNVG3l5bokjziDAlkQ==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1180,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (3027), with no line terminators","md5":"cf7d7cfd27394320cb6470b5fc1f73b2","sha1":"f67ff22fa1f40a69037e931308ffd702df4969b3","sha256":"ce88de864812f345ebf5b5034f53b3abf799cba4cb359a6c124ae182364d12b2","sha512":"2e58a189ac1d2262ccd7b0e764353327029e68ed83638cb64182494a92579a778d907751e49e879145fa699a72840b7835e478f2421eb97fd6ad15a8a3da42ef","ssdeep":"","tlshash":"83510e8d34f3b082c2b2a065407bb49afa285aa1934cca14867d96bcbc711ed6317f4c","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ibrapush.com/pfe/current/tag.min.js?z=6551787","fqdn":"ibrapush.com","domain":"ibrapush.com","tld":"com"},"ip":{"addr":"139.45.197.250","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:02.940Z","timestamp":1699217522940,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ibrapush.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 25 Aug 2023 05:43:35 GMT","end":"Thu, 23 Nov 2023 05:43:34 GMT"},"fingerprint":{"sha1":"3B:3D:4B:42:6B:6E:62:C4:F4:D3:DC:97:17:EF:48:8C:68:5C:58:85","sha256":"AA:D3:D2:41:41:D1:0D:72:78:07:A2:BC:C4:A2:AB:BC:A3:19:1C:89:62:3C:00:77:F3:2E:C4:37:A6:AD:7D:90"}}},"request":{"raw":"GET /pfe/current/tag.min.js?z=6551787 HTTP/1.1\r\nHost: ibrapush.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 02 Nov 2023 08:40:08 GMT\r\netag: W/\"65436068-33f4\"\r\naccess-control-allow-credentials: true\r\ncache-control: no-cache\r\npragma: no-cache\r\nlink: \u003chttps://my.rtmark.net\u003e; rel=dns-prefetch;, \u003chttps://my.rtmark.net\u003e; rel=preconnect\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5780,"size_decoded":0,"mime_type":"application/javascript","magic":"C source, ASCII text, with very long lines (13300), with no line terminators","md5":"258578af3c107ccb907f73c3a2f4c25f","sha1":"7a192edea829968fb7f57f2a2fc4cb5b612598be","sha256":"1f945c9c46c47a2b0e867b0d09c3e4559cd768a2d3747abf28d1d65667733b75","sha512":"ee2dc2552469614b43681a54cf733fa490668f95a607241562bd1de07997ca5fa80e36286dcfecf255d71ba6777e7fffe0cf071f712b16dc7c08fa4f6fccba5c","ssdeep":"384:kyZo1BF22ITo2HQfPeyteI56QGQXluwi8I2xDnk:kycI2Io2wbHjXlfiok","tlshash":"b55282bef198ac6123e12cc7183f50ad58299d58f976b5f8d038a5b17c23016b3dbe84","first_seen":"2023-11-02T10:05:11Z","last_seen":"2024-08-20T21:23:47.8715Z","times_seen":2697,"resource_available":true,"data":null}},"time_used":290,"timings":{"blocked":117,"dns":13,"connect":43,"send":0,"wait":35,"receive":0,"ssl":72},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aistekso.net/401/6551786","fqdn":"aistekso.net","domain":"aistekso.net","tld":"net"},"ip":{"addr":"139.45.197.244","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:02.946Z","timestamp":1699217522946,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aistekso.net","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Oct 2023 12:40:15 GMT","end":"Sun, 14 Jan 2024 12:40:14 GMT"},"fingerprint":{"sha1":"ED:B9:45:BE:46:3F:F4:75:11:1C:6C:E9:06:15:9F:A7:09:51:83:8B","sha256":"CF:AF:CC:6E:57:59:9C:B0:F4:4B:EC:89:39:BB:6C:80:03:88:2C:71:EE:E5:2D:6E:88:A0:C0:E3:22:B9:1C:E8"}}},"request":{"raw":"GET /401/6551786 HTTP/1.1\r\nHost: aistekso.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\ncontent-type: application/javascript\r\nx-trace-id: b09d3a42e01b057fcb39703011ae302a\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\npragma: no-cache\r\nvary: Origin\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64\r\nset-cookie: OAID=1315dd1746574ddd995541f81597539d; expires=Mon, 04 Nov 2024 20:52:03 GMT; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":55189,"size_decoded":0,"mime_type":"application/javascript","magic":"gzip compressed data, max speed, from Unix\\012- data","md5":"96bbdfd7ef73a768c1e785eb7f9df25d","sha1":"159c688f7493cafe3e3bcee64f391d590d3fe2bd","sha256":"6022b1a4d35f6209b60e7c525921b2c5dc58cb1e6951ffc06be7ffc5be812815","sha512":"db751062624503e2c22739f3294ea3d43f1510bb231689850e353616adc70f39f398e861c28fd99597ef082db341df2ea0d068d9af9c73d215f4c38e63e8189d","ssdeep":"1536:23dqcaNk4UpJv8Nq78T/Tl0FgjahKxqmTNjnpZst:2NYNkxzvl8T/50F2aADTNzpZK","tlshash":"384302074f8988998869bbb381c3706174a1d403f9dc6668f9c362469e19b74afc7d8f","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":420,"timings":{"blocked":167,"dns":51,"connect":40,"send":0,"wait":74,"receive":0,"ssl":82},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"aistekso.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cameesse.net/1?z=6551785","fqdn":"cameesse.net","domain":"cameesse.net","tld":"net"},"ip":{"addr":"139.45.197.242","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:02.961Z","timestamp":1699217522961,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cameesse.net","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Oct 2023 10:27:53 GMT","end":"Tue, 16 Jan 2024 10:27:52 GMT"},"fingerprint":{"sha1":"95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6","sha256":"89:6A:B1:3B:BF:FB:C6:DD:BB:F0:24:7B:2A:7D:95:5E:E8:D5:A4:13:4E:81:18:AE:04:52:F2:5A:8C:9A:FC:B1"}}},"request":{"raw":"GET /1?z=6551785 HTTP/1.1\r\nHost: cameesse.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\ncontent-type: text/javascript\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: \r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace\r\nx-trace-id: 529bcd63fec456c084c8fe4fdc26d950\r\naccess-control-expose-headers: X-Sc\r\nx-sc: nvgF1F-iPwS_EghHtokQlMN4QzZXSvuF_T8fICdJHVmRr2CxV_EBexGcAsMww9fRZCKJi_DQ1sip5H2spcPUwItO9wo=\r\nset-cookie: scm=1; expires=Mon, 04 Nov 2024 20:52:03 GMT; secure; SameSite=None\nOAID=059285de059a4d1cbb4d677dfe7adcc8; expires=Mon, 04 Nov 2024 20:52:03 GMT; secure; SameSite=None\noaidts=1699217523; expires=Mon, 04 Nov 2024 20:52:03 GMT; secure; SameSite=None\r\npragma: no-cache\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Mon, 26 Jul 1997 05:00:00 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":101775,"size_decoded":0,"mime_type":"text/javascript","magic":"gzip compressed data, max speed, from Unix\\012- data","md5":"fbb1d064d17dc36bd89d680c5ee64f19","sha1":"4f9d677d5924a7ab597d2f5e83ae0e83ffb242c9","sha256":"9cd7bf5dfc1ce725258257a86249aa5d0954dff1a15f640af0102a23c4021368","sha512":"5c8963cec247dccee4eb68c83be993b1e5544ef0ce15624db1db714fb7b999c51837db35a6f23fe348d4231de51e5c3a4a0b380ca3bc2fe6b46704eaa089524c","ssdeep":"1536:NC8Fd7Wb07hbvXLFhI7+DnrlTtu31pMlUQo8nRK5sWfvMTRl0LgvzJ3kTV5k7zso:NrhbvbfOuZ5u3jMl5o8n1wLgvl64k60s","tlshash":"30a3022c6fedcf026a7daf65e51fc0cc7055800a0ede36796e4b8a1c7466a371d86a31","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":91,"dns":4,"connect":42,"send":0,"wait":77,"receive":0,"ssl":77},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"cameesse.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ibrapush.com/zone?pub=0\u0026zone_id=6551787\u0026is_mobile=false\u0026domain=llama.website\u0026var=\u0026ymid=\u0026var_3=\u0026tg=0\u0026sw=3.1.471","fqdn":"ibrapush.com","domain":"ibrapush.com","tld":"com"},"ip":{"addr":"139.45.197.250","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:03.690Z","timestamp":1699217523690,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ibrapush.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 25 Aug 2023 05:43:35 GMT","end":"Thu, 23 Nov 2023 05:43:34 GMT"},"fingerprint":{"sha1":"3B:3D:4B:42:6B:6E:62:C4:F4:D3:DC:97:17:EF:48:8C:68:5C:58:85","sha256":"AA:D3:D2:41:41:D1:0D:72:78:07:A2:BC:C4:A2:AB:BC:A3:19:1C:89:62:3C:00:77:F3:2E:C4:37:A6:AD:7D:90"}}},"request":{"raw":"GET /zone?pub=0\u0026zone_id=6551787\u0026is_mobile=false\u0026domain=llama.website\u0026var=\u0026ymid=\u0026var_3=\u0026tg=0\u0026sw=3.1.471 HTTP/1.1\r\nHost: ibrapush.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://llama.website/\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 880\r\nx-trace-id: c0e4a35e2c63c3f7c43ce0a832663099\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":880,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON data\\012- , ASCII text, with very long lines (879)","md5":"91f9366ae07f386f5427528476d9b270","sha1":"42ee9db935044cdf7c595d591d26c8b9fb042da0","sha256":"54ac2c8f26e17e081cf44e8db048ff6e1d20626d3a8e74aaef067e77f6aea11a","sha512":"a04d84904f17b05fcb5e4372caebf60c0f2efe6d8bb02b748cb7cf2efbf8f751cf504fa81ac755fa7355c0295ba18fce1f64e059bbbad286df764d9bff7b20a0","ssdeep":"","tlshash":"531123291594797eca098295f0a67e1343fd603e778c298de5ed2f2418e76ec703022f","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tzegilo.com/stattag.js","fqdn":"tzegilo.com","domain":"tzegilo.com","tld":"com"},"ip":{"addr":"104.21.11.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:03.728Z","timestamp":1699217523728,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tzegilo.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 05 Oct 2023 17:59:18 GMT","end":"Wed, 03 Jan 2024 17:59:17 GMT"},"fingerprint":{"sha1":"52:B8:ED:73:BB:55:6F:9C:F8:97:7C:04:34:2B:AD:DB:55:0A:C9:6A","sha256":"07:36:39:15:A9:71:CF:06:DB:2E:AB:E4:D1:C8:B0:2F:6B:FD:B7:1C:D0:FE:59:DF:DC:D3:03:05:40:04:19:8E"}}},"request":{"raw":"GET /stattag.js HTTP/1.1\r\nHost: tzegilo.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 07 Sep 2023 08:19:52 GMT\r\netag: W/\"64f987a8-4a4b\"\r\nlink: \u003chttps://flerap.com/\u003e; rel=preconnect; crossorigin, \u003chttps://fleraprt.com/\u003e; rel=preconnect; crossorigin\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 7194\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=flvemIB51QYNDJ1rMG678gWFPNEAhImxb%2BJFAVfJBKu49Dm7GyIR%2BE94dFLpYGgIckH1ScCFYh%2FWtYfmG8rqAtbBWFRfAE721sxVR4sv%2FtSp%2FkbzEierRm3jbhAJ3w%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8217fa733c99b505-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":47011,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (18369)","md5":"89e89aea544ea2785d49cc4cd9cf26f6","sha1":"7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b","sha256":"86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9","sha512":"4b8dd773d9f31126c5ede9c02f2ba5bffd5086cb28bd60838479afb76929b73fc9242306dc83b8ff9ab89a272274041f8a2c58df55c4399f420d70bdd0348e43","ssdeep":"384:WD0oj9jB5FCCLbGPLG8wXcO0SXcxu7YB2glWqKbexTRl6mo+rv:Voq8UtwX30SXcvB/lHzRgMv","tlshash":"cd82c8da3219bd6a5ef02073437f3b6dba6694a4f47f85b2805678a4393154bf203ec1","first_seen":"2023-09-07T20:07:13Z","last_seen":"2024-08-21T07:20:54.605423Z","times_seen":2395,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":8,"connect":3,"send":0,"wait":10,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"du0pud0sdlmzf.cloudfront.net/teHhkQ0cbFwoleAwRAH5+QU9XdX5eEhcsKQhFLwkLKhAecS5LSSYrYQwCAH53XhQFLSBFXgEtJEVJQiIjGkVQZTMIFw9+IBQPEzYyCAABJ2ENGVkuKAIRCC8mXUoidmlIXVZzbwBJVWZ0Ol1WcysRFhE7YkpIHHtxJ05QZnQ6XVZzNQ5dVwJ2SEFKc25dSl-QkIhsTC2Z1PkpUcndISVRyYkpIAio1HR4LO2JKPlVydlZIQjZ6SQ","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"108.157.232.39","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dweatherbe.org/R2hmbGYmCgUBWSZVBEoTNQRbSVQBTVQqAjJYFhkCdxsCAAs9DkgPCigdAgoUKAYSQggiHENeIDMNLgQNFlgFDiAwBwoJJzA6JyRTYlokPTN+MAI0UyItDg8VDDkOKiowAyonDgYNBT9TCzs1NRQeOREvJw9dVTQOFi4qPyQBMAEpEg0tMCY3LiEMKw0ROTw4Kw4uEVVDdSovLjcXLRw1HwQpJy4sdS0oKzAsHS0tLxUrJVQLHz0JBQIqBC80MB0SBBskDT4xNlYIBFc7BT4bNCoOAl8/BxYOIC4YHg1YUz08KTlQNDAdEig9UyM+ESZUFC0gJwV1XQI/Cmo5DSUONDwlXjx2OA0cMyQGAiU1ETofNQ03IScFCXYgNFgqCFosJzYrPh8ICh0hNwY8cTs3Sgw0BwgcWwwiKj4OPVoPX1cFAA","date":"2023-11-05T20:52:03.900Z","timestamp":1699217523900,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 10 Oct 2023 00:00:00 GMT","end":"Thu, 19 Sep 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52","sha256":"E9:59:5B:FB:7B:3B:3F:96:AE:46:70:B0:A0:33:9A:0E:15:23:16:45:47:E4:D7:05:52:4B:6B:08:84:7B:BA:1D"}}},"request":{"raw":"GET /teHhkQ0cbFwoleAwRAH5+QU9XdX5eEhcsKQhFLwkLKhAecS5LSSYrYQwCAH53XhQFLSBFXgEtJEVJQiIjGkVQZTMIFw9+IBQPEzYyCAABJ2ENGVkuKAIRCC8mXUoidmlIXVZzbwBJVWZ0Ol1WcysRFhE7YkpIHHtxJ05QZnQ6XVZzNQ5dVwJ2SEFKc25dSl-QkIhsTC2Z1PkpUcndISVRyYkpIAio1HR4LO2JKPlVydlZIQjZ6SQ HTTP/1.1\r\nHost: du0pud0sdlmzf.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dweatherbe.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 599\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\ncontent-encoding: gzip\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 0f31cf94bd251bd501ac532dacb719fe.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: uvl-4wYa4eNANFIImdSUNrkTllGDidEdk8fHc4kjLw6WB0tDwbEbqQ==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":599,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (856), with no line terminators","md5":"22c9f35569689355fde8085da82dc4d1","sha1":"4b04bc31599935223b957d278a6478725b786ec1","sha256":"2c1ea9e8cb1996b0f90987ab050e409ff697ac5767c7625fe782db811e6f200d","sha512":"33c6639e78324016e1b8aebecc3511ff3d9cf58fe8551c229b849222c5d9b68a11b225d11a055daca55d5f7a9bcc57b571682a8823a23aa741db6b4399d1c02d","ssdeep":"","tlshash":"8611863ea65c4855b673f80a13f5f8ac864870cd12f0576a26130753eb0ce1f8ae531c","first_seen":"2023-11-05T21:52:25Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"du0pud0sdlmzf.cloudfront.net/TbkhJQ1YNJyclaRohLX5vV399cmJIIjosOB51BXIFGBkAex4ELn4GJB15bzcsCnV5ZToPJi5+cAsmKn5nSCktIWtabj0zOQV1Li8hGT08My4LLG82N1MlJjk/AiQoZmQofWdzc1x4YTtnX216AXNceCUqOBswbHFmFnB/HGBabXoBc1x4OzVzXQl4c29AeG-BmZF4vLCA9AW17BWReeXlzZ155bHFmCCE7JjABMGxxEF95eG1mSD10cg","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"108.157.232.39","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dweatherbe.org/N3hUbzBWGjcCD1ZFNklFRRRpSgJxXWYpVEJIJBpUBwswA11NHnoMXFgNMAlCWBYgQV5SDHFddmMaPwd6ZkkNIXpOGzgOYlgQGDcFQS5nVglUFR4meV0XJyByAkkWN3lxPxYEcVIAYCp8WUwTJXIGTTYVU0Q7OjkFbSw7P3peTXFdclQ5JwJ7WU06PHNcDB04RFYaPl9KeCkCXnxeQDwoZAdAGRYEezQTVwJ5SRkDel0TcV12dhEFAGpaKTsJZ1MCN15IAyEAG15vSmVZcW82NwpzYgkbLUNAGhwpXXEWFkoCcTATLVFVIDstUwYAYCBKYQIMPlwDG2ZWcVI/eS1dbT5gGXx0OW0uZwZPFjhiUh0MA0ptSWFaUn8+OSxzck8eBXF1NRMXSHI+bVpVcEk5PHQGSDcIFl0LOwFACjRlPEZmMWwnWlFPER1DBg","date":"2023-11-05T20:52:03.904Z","timestamp":1699217523904,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 10 Oct 2023 00:00:00 GMT","end":"Thu, 19 Sep 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52","sha256":"E9:59:5B:FB:7B:3B:3F:96:AE:46:70:B0:A0:33:9A:0E:15:23:16:45:47:E4:D7:05:52:4B:6B:08:84:7B:BA:1D"}}},"request":{"raw":"GET /TbkhJQ1YNJyclaRohLX5vV399cmJIIjosOB51BXIFGBkAex4ELn4GJB15bzcsCnV5ZToPJi5+cAsmKn5nSCktIWtabj0zOQV1Li8hGT08My4LLG82N1MlJjk/AiQoZmQofWdzc1x4YTtnX216AXNceCUqOBswbHFmFnB/HGBabXoBc1x4OzVzXQl4c29AeG-BmZF4vLCA9AW17BWReeXlzZ155bHFmCCE7JjABMGxxEF95eG1mSD10cg HTTP/1.1\r\nHost: du0pud0sdlmzf.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dweatherbe.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 567\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\ncontent-encoding: gzip\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 0f31cf94bd251bd501ac532dacb719fe.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: kDSDFzNiwC4tliOM5JMojZScDoOvsXdujPphEL9vKeXA7BEWEUEuZA==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":567,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (791), with no line terminators","md5":"4421ddf180005c6d2e70b541e6e3db5a","sha1":"3f37ab43c03d4086c75c86d199dbb44e2847dc61","sha256":"d7391befca7cc843aaaf41f098cdcd7ecb4e1f4f8121e9381fe6a535165e20c7","sha512":"0dd7fdf3809579d0a151248698bd50e8734f1cfea104c71337cd556d923ce35b03c75b974617ee5eec32fc661b7f22d4ecbf0625e51b1a39b0ccb7ae21697b3d","ssdeep":"","tlshash":"4e01703d9aa89884b8b37d0607f0f4adc688304e22f007a263030793df08eaf42e431d","first_seen":"2023-11-05T21:52:25Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dweatherbe.org/utx?cb=2cTV54LmYFcD\u0026top=www.upload.ee\u0026tid=997369","fqdn":"dweatherbe.org","domain":"dweatherbe.org","tld":"org"},"ip":{"addr":"108.157.214.79","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:03.953Z","timestamp":1699217523953,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dweatherbe.org","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Sun, 22 Oct 2023 00:00:00 GMT","end":"Tue, 19 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"B9:18:AC:1F:87:E4:2C:E9:36:35:FF:E7:F8:8F:F7:77:F0:AB:4C:4A","sha256":"50:E5:D8:5C:74:BC:BB:FD:C9:EC:F8:CB:E7:31:E6:48:4D:16:4E:C9:56:2D:FA:E7:02:D5:38:25:45:DD:BE:9A"}}},"request":{"raw":"GET /utx?cb=2cTV54LmYFcD\u0026top=www.upload.ee\u0026tid=997369 HTTP/1.1\r\nHost: dweatherbe.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.upload.ee\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\nserver: openresty/1.17.8.2\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://www.upload.ee\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\nset-cookie: ut=x; Expires=Sun, 05 Nov 2023 20:53:04 GMT; Max-Age=60\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 0078c2805bf98a4574ea5eee972aa9f6.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: MjWkzOSOmB45RU1BdHqHdk0YMX6lh5baxPQeFaRq-1PskEPTsv1qng==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":130,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"du0pud0sdlmzf.cloudfront.net/YbXkyNDcOFlxSCBkQVgkOVE4GBA9LE0FbWR1ESlx1XS9Udm0sGGFaQ1lfRk5TUEkUWFYDHg8SUgMaDwURDB1QCQNLDFMJWgIDW1hbDFwAcgJDSRcGB0UBAwUSXjsXBgcBEFxBT0hLAkwPWyYEABJeOxcGBx8PFwd2XEkLGgdEXAAEUAgaWVsSXz8ABAZdSQ-MEBkhLAlJeHxxUW09IS3QFBlxXAhJCUEg","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"108.157.232.39","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dweatherbe.org/Rzg1QzQmWlYuCyYFV2VBNVQIZgYBHQcFUDIIRTZQd0tRL1k9XhsgWChNUSVGKFZBbVoiTBBxch5abShNCXxWDHIrQGYAdixpYyRfCG5wd3MFeQwPcXd+VxRmdn1mL0x2YGZ6YSNVBTBzAH5UEgUrXmcoARNtcChhEH5sB3wgAGYWUwpZcTRhFXx3cmUEaXsPcAF1fxRTDnxiclwlfHM0dSRffwdnFVtyAQQSenQ0YRRgXzBsBV9WAXEBQHcXBC90dChDF29MGnEGen8mez9bcgFMf2hzNFB1YHAoeABfUQZsBnlwFnUgWWIVRxRgT3t1BXlvJ2cWFXgGdixQeQJYDV19O0wSbwV6fRQLZAV2K0BtAlwNe2AGU2FSRixaNwVNK3Z3blMBbgZZZi1Acw","date":"2023-11-05T20:52:03.910Z","timestamp":1699217523910,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 10 Oct 2023 00:00:00 GMT","end":"Thu, 19 Sep 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52","sha256":"E9:59:5B:FB:7B:3B:3F:96:AE:46:70:B0:A0:33:9A:0E:15:23:16:45:47:E4:D7:05:52:4B:6B:08:84:7B:BA:1D"}}},"request":{"raw":"GET /YbXkyNDcOFlxSCBkQVgkOVE4GBA9LE0FbWR1ESlx1XS9Udm0sGGFaQ1lfRk5TUEkUWFYDHg8SUgMaDwURDB1QCQNLDFMJWgIDW1hbDFwAcgJDSRcGB0UBAwUSXjsXBgcBEFxBT0hLAkwPWyYEABJeOxcGBx8PFwd2XEkLGgdEXAAEUAgaWVsSXz8ABAZdSQ-MEBkhLAlJeHxxUW09IS3QFBlxXAhJCUEg HTTP/1.1\r\nHost: du0pud0sdlmzf.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dweatherbe.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 188\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\ncontent-encoding: gzip\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 0f31cf94bd251bd501ac532dacb719fe.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: my9BpgDeNLxd9GX-ZBA792xAug8_Zglbq7XcgiCQRRwSXSDufJ_7PA==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":188,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"b15f21d99ea56239a052fe5660c6e4aa","sha1":"5517989e52d4374f35bc2a2c0021fd2bc34b62c4","sha256":"0f3be2ecc53c6df46a14b352489bd5a7c509cf68506a40b767d1d5d68a97c3b4","sha512":"a3b68fa487644a84cb0740a3c5320d8e63cee42acf6aeb7864369d78b960016243d72056dd744ca1d8d964b87cdf23a08c786a0c1385c01acd4e83a7cc1ab762","ssdeep":"","tlshash":"95c0223e321816812df60c0af300708543cbe2df078016047b436ea38988d2d9c5931a","first_seen":"2023-11-05T21:52:25Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gishejuy.com/500/6551784?excludes=\u0026oaid=a54b3fba89bc4d09a1fe9ccba830cea1\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=1\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=1\u0026ix=0\u0026nw=1\u0026tb=false\u0026tzofs=0\u0026js_build=8\u0026sw_version=v1.306.0","fqdn":"gishejuy.com","domain":"gishejuy.com","tld":"com"},"ip":{"addr":"139.45.197.242","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:03.916Z","timestamp":1699217523916,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gishejuy.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Oct 2023 09:21:45 GMT","end":"Tue, 23 Jan 2024 09:21:44 GMT"},"fingerprint":{"sha1":"99:91:AA:4E:BA:FC:75:A0:0A:79:EE:F6:15:64:FA:15:B2:BC:61:31","sha256":"FE:D3:58:83:02:F8:0B:53:C4:A1:8B:93:C2:9C:DB:47:1C:83:4F:DE:C2:A8:A7:91:E4:08:98:7D:69:3C:03:E1"}}},"request":{"raw":"OPTIONS /500/6551784?excludes=\u0026oaid=a54b3fba89bc4d09a1fe9ccba830cea1\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=1\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=1\u0026ix=0\u0026nw=1\u0026tb=false\u0026tzofs=0\u0026js_build=8\u0026sw_version=v1.306.0 HTTP/1.1\r\nHost: gishejuy.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://llama.website/\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\ncontent-length: 0\r\nallow: GET, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 600\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"resource_available":true,"data":null}},"time_used":282,"timings":{"blocked":124,"dns":1,"connect":35,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"gishejuy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/frontend/fonts/nunito-sans-v12-latin-600.ttf","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:09.171Z","timestamp":1699217529171,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/frontend/fonts/nunito-sans-v12-latin-600.ttf HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nuke.biz/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\ncontent-type: application/font-sfnt\r\ncontent-length: 40096\r\nlast-modified: Sun, 06 Nov 2022 23:25:02 GMT\r\netag: \"9ca0-5ecd59dbaaf80\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7945,"size_decoded":0,"mime_type":"application/font-sfnt","magic":"TrueType Font data, 17 tables, 1st \"GDEF\"\\012- data","md5":"3a1513cefff77a44c1cf28039a71bae0","sha1":"1b23d21dce63982d9b76a04039f887604f329eb2","sha256":"14d2dc093b1921414cb9abd2c4c5358f70403a5f53cf14348f305a589733e7f9","sha512":"1ce7ed1b0d088d18ebba4c438bc70fa848ca8a1e32e346e1ff734860870b1288649f8acdee27f0e849d7919cbbf23608d4ebe177832aadd0abb58fcfdc9f495a","ssdeep":"192:BRjkxT2juMNQ0l8d+R8M6WQXHwPceluz2y4jHy:B5cfiR8M6WQ5yvu","tlshash":"04f1f527bb07c64be8092df8e9a467de077cac943d478b07fa860f6bdc421804dd4649","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":72,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:03.934Z","timestamp":1699217523934,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 16 Oct 2023 08:10:48 GMT","end":"Mon, 08 Jan 2024 08:10:47 GMT"},"fingerprint":{"sha1":"16:5A:F1:76:25:96:2A:7F:80:A7:89:81:CE:D5:F4:5F:3D:29:9C:93","sha256":"64:6F:80:C0:FA:2B:EF:10:75:97:55:49:68:C2:2B:C7:64:DD:CA:1B:54:1C:FE:1A:31:B8:A7:DB:C1:8F:8D:7A"}}},"request":{"raw":"GET /ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:oCRmY8EXPYpIa8XD1dcwPZR5LLr1aQ:FSEIZ2O_awGZax48; Expires=Tue, 04-Nov-2025 20:52:04 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026ifkv=AVQVeyyQhUJPEpzuiuQaWIAZ7L_ByekdyQ1slq2XdPXdwvSoo_vwFZP7hc9V9t0YhRh23gPBxrVb\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: script-src 'nonce-AHy5qT8ZOppPt9k3IlJW-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncross-origin-opener-policy: unsafe-none\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncross-origin-resource-policy: cross-origin\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"resource_available":true,"data":null}},"time_used":409,"timings":{"blocked":190,"dns":0,"connect":11,"send":0,"wait":27,"receive":0,"ssl":174},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=mail","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:03.932Z","timestamp":1699217523932,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 16 Oct 2023 08:10:48 GMT","end":"Mon, 08 Jan 2024 08:10:47 GMT"},"fingerprint":{"sha1":"16:5A:F1:76:25:96:2A:7F:80:A7:89:81:CE:D5:F4:5F:3D:29:9C:93","sha256":"64:6F:80:C0:FA:2B:EF:10:75:97:55:49:68:C2:2B:C7:64:DD:CA:1B:54:1C:FE:1A:31:B8:A7:DB:C1:8F:8D:7A"}}},"request":{"raw":"GET /ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=mail HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:XMyA4Qc1VLm8fng5DXszqlCkxBl3JQ:Vohf55Zy42SoE3ZD; Expires=Tue, 04-Nov-2025 20:52:04 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=mail\u0026uilel=3\u0026ifkv=AVQVeyzpgnQ-4EHryUgl0y5-HIY2bZQH3KTJ2KORwpKqBunzZsctodtsadTXDr7XxhSptGKOaQ_m\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-opener-policy: unsafe-none\r\ncross-origin-resource-policy: cross-origin\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncontent-security-policy: script-src 'nonce-wz7tjN29uQkZGqe8kSzcDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"resource_available":true,"data":null}},"time_used":419,"timings":{"blocked":195,"dns":0,"connect":11,"send":0,"wait":27,"receive":0,"ssl":181},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/favicon.ico","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:04.199Z","timestamp":1699217524199,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\ncontent-length: 15086\r\nlast-modified: Thu, 17 Mar 2022 16:07:44 GMT\r\netag: \"3aee-5da6c3af4d400\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15086,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\\012- data","md5":"bbb398f1a44d5bddb9bf3ef50133cba4","sha1":"13832932e0a46129cf7263130aaa9d8be2609689","sha256":"6668e0b78f5c65698c0a3a3e48d447f4d703609a774cacabda1ef7ad143a529b","sha512":"0c04b473e75f642c1a4a595a70c2853e675d7fcb2bdabeed219d89f5c0a1441b9e84e8310f52eba8be726cd3c1961f0d31d91c50ee7ac41d0f8ea163e879dd47","ssdeep":"48:jQBP1NeAmMN+HV0uSkt/PZ4TXEkQglm0pW/UyfVwGiNTL5ZAlajGHNuMUF6:jMBmMN+1rt/PZ4bEkrl4fVwG+5ZTGe6","tlshash":"9562a38077a2df1ad4a09b32cc93d6f8611acc04df1a831b76ea7f2f387474405296a4","first_seen":"2023-04-06T16:15:53Z","last_seen":"2026-05-08T00:56:51.51092Z","times_seen":1011,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026ifkv=AVQVeyyQhUJPEpzuiuQaWIAZ7L_ByekdyQ1slq2XdPXdwvSoo_vwFZP7hc9V9t0YhRh23gPBxrVb","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:04.220Z","timestamp":1699217524220,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 16 Oct 2023 08:10:48 GMT","end":"Mon, 08 Jan 2024 08:10:47 GMT"},"fingerprint":{"sha1":"16:5A:F1:76:25:96:2A:7F:80:A7:89:81:CE:D5:F4:5F:3D:29:9C:93","sha256":"64:6F:80:C0:FA:2B:EF:10:75:97:55:49:68:C2:2B:C7:64:DD:CA:1B:54:1C:FE:1A:31:B8:A7:DB:C1:8F:8D:7A"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026ifkv=AVQVeyyQhUJPEpzuiuQaWIAZ7L_ByekdyQ1slq2XdPXdwvSoo_vwFZP7hc9V9t0YhRh23gPBxrVb HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:XTlw3poGlNmRr_stj3-twgT5T5dw5g:LxQcq-xEjvoF1n-S;Path=/;Expires=Tue, 04-Nov-2025 20:52:04 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeywoKCrwaNQuxamFEs4CbLOTMt0VwEtth3sjHRDoyh-BOH-lVpEv-KmauwlWoQZc7WqPahXW\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S1191323698%3A1699217524260513\u0026theme=glif\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-4G2zvVAdtpdE3A6dofjMxQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 403\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":403,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (397)","md5":"8da17d51942e4c0812418c1c7514ffc8","sha1":"9516c76e59640dd7981fea64087982e8b9a9ff93","sha256":"767a3c7599e81334e0a2d8b65c7ac807fe39269552ae382d96c8eb0066f18ef0","sha512":"266cdcc7b29266daf71f21abf9c13204efc1c2ae00c0346df4ff0994b36c7253a3dd0fe8f22a79ef5c61fc8d1b7843ffa8b5548b70b3c1600b754d7d86220cb4","ssdeep":"","tlshash":"16f0c09a488904de859378ea9024a48c46b4787879d2a9b8f4f2d70451e992760063b3","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cameesse.net/9?z=6551785\u0026ng=1\u0026ix=0\u0026pt=0\u0026np=0\u0026gp=5\u0026bp=4\u0026nw=1\u0026nb=1\u0026sw=1280\u0026sh=1024\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026wy=0\u0026wx=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=1\u0026sah=1024\u0026drf=\u0026hil=1\u0026ist=0\u0026oaid=a54b3fba89bc4d09a1fe9ccba830cea1","fqdn":"cameesse.net","domain":"cameesse.net","tld":"net"},"ip":{"addr":"139.45.197.242","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:04.292Z","timestamp":1699217524292,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cameesse.net","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Oct 2023 10:27:53 GMT","end":"Tue, 16 Jan 2024 10:27:52 GMT"},"fingerprint":{"sha1":"95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6","sha256":"89:6A:B1:3B:BF:FB:C6:DD:BB:F0:24:7B:2A:7D:95:5E:E8:D5:A4:13:4E:81:18:AE:04:52:F2:5A:8C:9A:FC:B1"}}},"request":{"raw":"OPTIONS /9?z=6551785\u0026ng=1\u0026ix=0\u0026pt=0\u0026np=0\u0026gp=5\u0026bp=4\u0026nw=1\u0026nb=1\u0026sw=1280\u0026sh=1024\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026wy=0\u0026wx=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=1\u0026sah=1024\u0026drf=\u0026hil=1\u0026ist=0\u0026oaid=a54b3fba89bc4d09a1fe9ccba830cea1 HTTP/1.1\r\nHost: cameesse.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://llama.website/\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"cameesse.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=mail\u0026uilel=3\u0026ifkv=AVQVeyzpgnQ-4EHryUgl0y5-HIY2bZQH3KTJ2KORwpKqBunzZsctodtsadTXDr7XxhSptGKOaQ_m","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:04.228Z","timestamp":1699217524228,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 16 Oct 2023 08:10:48 GMT","end":"Mon, 08 Jan 2024 08:10:47 GMT"},"fingerprint":{"sha1":"16:5A:F1:76:25:96:2A:7F:80:A7:89:81:CE:D5:F4:5F:3D:29:9C:93","sha256":"64:6F:80:C0:FA:2B:EF:10:75:97:55:49:68:C2:2B:C7:64:DD:CA:1B:54:1C:FE:1A:31:B8:A7:DB:C1:8F:8D:7A"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://www.google.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=mail\u0026uilel=3\u0026ifkv=AVQVeyzpgnQ-4EHryUgl0y5-HIY2bZQH3KTJ2KORwpKqBunzZsctodtsadTXDr7XxhSptGKOaQ_m HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:VLiI3OthKpFXhTKAKQ9LriwHoNkL9w:Wfgmw4Nfs5n0eFEO;Path=/;Expires=Tue, 04-Nov-2025 20:52:04 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeyy_s3QSZW0Sc1-O5tcpXk7-2LjhT3dlkmhalShGLbF4K2vHEvuqAJe92ThQMssdtsx51cxh0Q\u0026passive=true\u0026service=mail\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-419396288%3A1699217524283312\u0026theme=glif\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce--1ydgKXiO35s58wLWE3rlA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 403\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":403,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (395)","md5":"ee96a065c2dff4bc2c5d8035dd1f5423","sha1":"b9fbc007cfb0fc9433e7c4fc8b2960d165c6f60e","sha256":"da9afbaa7f7635e2b399968b4438ac55c4c0937c465b4a93f1a5047a9637bb75","sha512":"fb283f962c40f449f3482f4bd32dfc3c59ef910db176e81d2fd434da97c74ef0dd17bb3078e9414926623c5aa068c8fc54329e9dcdd9b97ef4ca35d03d2d0176","ssdeep":"","tlshash":"78f0c0aa584500e5885318f5a424619c047824687dc6e9a8a1e66f1840d683b21177f3","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cameesse.net/9?z=6551785\u0026ng=1\u0026ix=0\u0026pt=0\u0026np=0\u0026gp=5\u0026bp=4\u0026nw=1\u0026nb=1\u0026sw=1280\u0026sh=1024\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026wy=0\u0026wx=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=1\u0026sah=1024\u0026drf=\u0026hil=1\u0026ist=0\u0026oaid=a54b3fba89bc4d09a1fe9ccba830cea1","fqdn":"cameesse.net","domain":"cameesse.net","tld":"net"},"ip":{"addr":"139.45.197.242","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:04.292Z","timestamp":1699217524292,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cameesse.net","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Oct 2023 10:27:53 GMT","end":"Tue, 16 Jan 2024 10:27:52 GMT"},"fingerprint":{"sha1":"95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6","sha256":"89:6A:B1:3B:BF:FB:C6:DD:BB:F0:24:7B:2A:7D:95:5E:E8:D5:A4:13:4E:81:18:AE:04:52:F2:5A:8C:9A:FC:B1"}}},"request":{"raw":"POST /9?z=6551785\u0026ng=1\u0026ix=0\u0026pt=0\u0026np=0\u0026gp=5\u0026bp=4\u0026nw=1\u0026nb=1\u0026sw=1280\u0026sh=1024\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026wy=0\u0026wx=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=1\u0026sah=1024\u0026drf=\u0026hil=1\u0026ist=0\u0026oaid=a54b3fba89bc4d09a1fe9ccba830cea1 HTTP/1.1\r\nHost: cameesse.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 357\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nCookie: scm=1; OAID=059285de059a4d1cbb4d677dfe7adcc8; oaidts=1699217523\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\ncontent-type: application/json\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace\r\nx-trace-id: 83d5c333a666f054caf9664924cc3f69\r\naccess-control-expose-headers: X-Sc\r\nset-cookie: OAID=a54b3fba89bc4d09a1fe9ccba830cea1; expires=Mon, 04 Nov 2024 20:52:04 GMT; secure; SameSite=None\noaidts=1699217523; expires=Mon, 04 Nov 2024 20:52:04 GMT; secure; SameSite=None\r\npragma: no-cache\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Mon, 26 Jul 1997 05:00:00 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2684,"size_decoded":0,"mime_type":"application/json","magic":"JSON data\\012- , ASCII text, with very long lines (6747), with no line terminators","md5":"7ebf45e3471e0aefb1eaae46c0188d97","sha1":"a185ef6444ba682fdf4cd1df352967d1b604dc57","sha256":"14f41b75ea4eee9638f17c4c21335cb09ef8119177fddd620a8916db608ec7ad","sha512":"af6daaef86986abdfdf2fcb889e44e1d7f1e09c4d235d2d7cd70beec569208ed271d0ae8c35463e25ee9666d73180550b264064b0f0335b467c00b08b1cb98b9","ssdeep":"96:tWfXSFbWeeFq/FUaFE3dQFsfbeVlqvhsMRaybs4wIVkrTGKd0H:IfCtrecnzefWy68FJVklS","tlshash":"c4d153169984507ae2534b68ddff1f3de4d875018a27087d7eff4902c3ae6b88c99386","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"cameesse.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cameesse.net/27/16252007f3b3918d0da1ccd482c4cb4d","fqdn":"cameesse.net","domain":"cameesse.net","tld":"net"},"ip":{"addr":"139.45.197.242","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:03.865Z","timestamp":1699217523865,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cameesse.net","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Oct 2023 10:27:53 GMT","end":"Tue, 16 Jan 2024 10:27:52 GMT"},"fingerprint":{"sha1":"95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6","sha256":"89:6A:B1:3B:BF:FB:C6:DD:BB:F0:24:7B:2A:7D:95:5E:E8:D5:A4:13:4E:81:18:AE:04:52:F2:5A:8C:9A:FC:B1"}}},"request":{"raw":"GET /27/16252007f3b3918d0da1ccd482c4cb4d HTTP/1.1\r\nHost: cameesse.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nCookie: scm=1; OAID=059285de059a4d1cbb4d677dfe7adcc8; oaidts=1699217523\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: \r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace\r\nx-trace-id: e85348aff1d6c23acbdc43d9bda7fb81\r\ncache-control: max-age:290304000, public\r\nlast-modified: Tue, 31 Oct 2023 09:15:51 GMT\r\nexpires: Tue, 30 Nov 2083 09:15:51 GMT\r\naccess-control-expose-headers: X-Sc\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":130400,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65523)","md5":"58f985fd680e3117a6d6dcf62f50be34","sha1":"ae1f26a219ddedc232964d8b91619ed1f04c4618","sha256":"db0b413c92eef041a6dda8e7279a8cbee06755eab7b751c88bdbc22781e7e78a","sha512":"e5332b13284d2eecd7b31330d9deebfd411d73d8021f3c43d32e20cca728859e8be3e4a574ba50f73bbfa3bd3fbd579f1da3cffae100be3e911fa4d227ed22ff","ssdeep":"3072:WLDNJ2KTk7FPBCQbq4WDsDZfHVl6XMX0vC0118rRxvFLIL7oX:Mw2/p7xvpngnfX","tlshash":"7494c77df882b069bad9213f043f811aa33679ce144e31d4e025fc876df544bd2a697a","first_seen":"2023-10-31T15:21:53Z","last_seen":"2023-11-07T14:19:48Z","times_seen":324,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"cameesse.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ibrapush.com/custom","fqdn":"ibrapush.com","domain":"ibrapush.com","tld":"com"},"ip":{"addr":"139.45.197.250","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:04.727Z","timestamp":1699217524727,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ibrapush.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 25 Aug 2023 05:43:35 GMT","end":"Thu, 23 Nov 2023 05:43:34 GMT"},"fingerprint":{"sha1":"3B:3D:4B:42:6B:6E:62:C4:F4:D3:DC:97:17:EF:48:8C:68:5C:58:85","sha256":"AA:D3:D2:41:41:D1:0D:72:78:07:A2:BC:C4:A2:AB:BC:A3:19:1C:89:62:3C:00:77:F3:2E:C4:37:A6:AD:7D:90"}}},"request":{"raw":"POST /custom HTTP/1.1\r\nHost: ibrapush.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://llama.website/\r\nContent-Type: application/json\r\nContent-Length: 365\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 39\r\nx-trace-id: 21168209a4e55aebb2fe19de559da40a\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON data\\012- , ASCII text","md5":"058b158c2be925f556454ef762d93538","sha1":"cc6fc563b4b6baee880fdbc7fcfaa134978e33c9","sha256":"ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881","sha512":"bd8505393cd811f3177f89a73ebbbc900aec310894f142cda663762473ed3b4ba4c5650efdc2a80a547520218598b6e915d13e4bb58def4bd446e15b741429da","ssdeep":"","tlshash":"e090041001141c34474305013414f5501dfc45534ddd3041fc0c1d3441d14414107103","first_seen":"2023-04-05T03:13:54Z","last_seen":"2024-09-20T20:16:30.21056Z","times_seen":24889,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cameesse.net/121?rnd=1849376867\u0026z=6551785\u0026b=15763363\u0026c=6332999\u0026var=\u0026varid=0\u0026d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D745134909372243968\u0026cln={CELL_NUMBER}\u0026btp=7\u0026rb=JQM8piGTu13udKOtk_IdtcdX4MCeT1oh9qkndT2rnQ3sltjOobyzQ9XERE0VWt4N-K27Jc2qG0HCNjmB9bPuTEd8WlS0i8RLEp_TVBzDpNdiGKWNjPfB7AZ5cEUJKCmRfhW43CXeLqkAUmjfGEcPd12eDyQHbMPl0R736twTCsKpyS68fTLNsnSoKRBnbKajUjFTtcr9DCDKad2IVwaPMfn68j5u9mRNBKEI2cH6kJLvPqF0yqzWWyRlFPBWB0HYPpm-39NnkFnBJybdnNZ5bz1LY5Ba19FKsFSD0stud51jwQdZqdzlGfTZoMieC7JxZKsSs6emj_wEJsMz-WRsazJK0u5ZD8LbeaNL1AxZv0OcJAKwCPS6CO_K99_26tOwA6RNddpRXgVY8aT0GZXS6fyqSZQ24t9DLueF68h7ntwq1MbmPCuUCIPkyBZcwPmEukhi7LchZt7NBfiKkTQyXvS6VBXclh3eY7r7zJoEsRUw85eBjD-FSgrffTVJAus6S3b4JygR5wbs7Nr7JQizOBfuRXFU6YPjJtUOTQloKrCOiKYPCLUPh4bWOTAJQCFRSI6EHsDl7uNaMHNt_T5HhEYILc4l4I3K1Mvl2aPCpfTYF4z-kvUKXkCERoIrm2sGOgNZhgi8DM9aO6OngIormLWuhr2T2horJeISKXukm0fo2e2AZBozyNoQa26U0kZxb4wK-h3r6B7j-HxzgN7Jtfkx1qOyEGUvDCkxTg==\u0026bag=iqvJl2mwRI7anDg5mLuUODHW6MJTqx_U\u0026ruid=c97e69a3-17f2-4f50-89ea-5ee6a288c405\u0026subid=745134909372243968","fqdn":"cameesse.net","domain":"cameesse.net","tld":"net"},"ip":{"addr":"139.45.197.242","port":0,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:04.723Z","timestamp":1699217524723,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cameesse.net","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Oct 2023 10:27:53 GMT","end":"Tue, 16 Jan 2024 10:27:52 GMT"},"fingerprint":{"sha1":"95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6","sha256":"89:6A:B1:3B:BF:FB:C6:DD:BB:F0:24:7B:2A:7D:95:5E:E8:D5:A4:13:4E:81:18:AE:04:52:F2:5A:8C:9A:FC:B1"}}},"request":{"raw":"GET /121?rnd=1849376867\u0026z=6551785\u0026b=15763363\u0026c=6332999\u0026var=\u0026varid=0\u0026d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D745134909372243968\u0026cln={CELL_NUMBER}\u0026btp=7\u0026rb=JQM8piGTu13udKOtk_IdtcdX4MCeT1oh9qkndT2rnQ3sltjOobyzQ9XERE0VWt4N-K27Jc2qG0HCNjmB9bPuTEd8WlS0i8RLEp_TVBzDpNdiGKWNjPfB7AZ5cEUJKCmRfhW43CXeLqkAUmjfGEcPd12eDyQHbMPl0R736twTCsKpyS68fTLNsnSoKRBnbKajUjFTtcr9DCDKad2IVwaPMfn68j5u9mRNBKEI2cH6kJLvPqF0yqzWWyRlFPBWB0HYPpm-39NnkFnBJybdnNZ5bz1LY5Ba19FKsFSD0stud51jwQdZqdzlGfTZoMieC7JxZKsSs6emj_wEJsMz-WRsazJK0u5ZD8LbeaNL1AxZv0OcJAKwCPS6CO_K99_26tOwA6RNddpRXgVY8aT0GZXS6fyqSZQ24t9DLueF68h7ntwq1MbmPCuUCIPkyBZcwPmEukhi7LchZt7NBfiKkTQyXvS6VBXclh3eY7r7zJoEsRUw85eBjD-FSgrffTVJAus6S3b4JygR5wbs7Nr7JQizOBfuRXFU6YPjJtUOTQloKrCOiKYPCLUPh4bWOTAJQCFRSI6EHsDl7uNaMHNt_T5HhEYILc4l4I3K1Mvl2aPCpfTYF4z-kvUKXkCERoIrm2sGOgNZhgi8DM9aO6OngIormLWuhr2T2horJeISKXukm0fo2e2AZBozyNoQa26U0kZxb4wK-h3r6B7j-HxzgN7Jtfkx1qOyEGUvDCkxTg==\u0026bag=iqvJl2mwRI7anDg5mLuUODHW6MJTqx_U\u0026ruid=c97e69a3-17f2-4f50-89ea-5ee6a288c405\u0026subid=745134909372243968 HTTP/1.1\r\nHost: cameesse.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: scm=1; OAID=a54b3fba89bc4d09a1fe9ccba830cea1; oaidts=1699217523\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\ncontent-length: 0\r\nlocation: https://www.nbfcs.org/#signUp=745134909372243968\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: \r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace\r\nx-trace-id: c02da3b494df93d81ac427113a67c76c\r\naccess-control-expose-headers: X-Sc\r\npragma: no-cache\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"resource_available":true,"data":null}},"time_used":80,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":78,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"cameesse.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cameesse.net/11?rnd=654697357\u0026z=6551785\u0026b=15763363\u0026var=\u0026varid=0\u0026rqtdbc=1\u0026rcvdbc=1\u0026btp=7\u0026rb=JQM8piGTu13udKOtk_IdtcdX4MCeT1oh9qkndT2rnQ3sltjOobyzQ9XERE0VWt4N-K27Jc2qG0HCNjmB9bPuTEd8WlS0i8RLEp_TVBzDpNdiGKWNjPfB7AZ5cEUJKCmRfhW43CXeLqkAUmjfGEcPd12eDyQHbMPl0R736twTCsKpyS68fTLNsnSoKRBnbKajUjFTtcr9DCDKad2IVwaPMfn68j5u9mRNBKEI2cH6kJLvPqF0yqzWWyRlFPBWB0HYPpm-39NnkFnBJybdnNZ5bz1LY5Ba19FKsFSD0stud51jwQdZqdzlGfTZoMieC7JxZKsSs6emj_wEJsMz-WRsazJK0u5ZD8LbeaNL1AxZv0OcJAKwCPS6CO_K99_26tOwA6RNddpRXgVY8aT0GZXS6fyqSZQ24t9DLueF68h7ntwq1MbmPCuUCIPkyBZcwPmEukhi7LchZt7NBfiKkTQyXvS6VBXclh3eY7r7zJoEsRUw85eBjD-FSgrffTVJAus6S3b4JygR5wbs7Nr7JQizOBfuRXFU6YPjJtUOTQloKrCOiKYPCLUPh4bWOTAJQCFRSI6EHsDl7uNaMHNt_T5HhEYILc4l4I3K1Mvl2aPCpfTYF4z-kvUKXkCERoIrm2sGOgNZhgi8DM9aO6OngIormLWuhr2T2horJeISKXukm0fo2e2AZBozyNoQa26U0kZxb4wK-h3r6B7j-HxzgN7Jtfkx1qOyEGUvDCkxTg==\u0026ruid=c97e69a3-17f2-4f50-89ea-5ee6a288c405\u0026subid=745134909372243968\u0026ng=1\u0026ix=0\u0026pt=0\u0026np=0\u0026gp=5\u0026bp=4\u0026nw=1\u0026nb=1\u0026sw=1280\u0026sh=1024\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026wy=0\u0026wx=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=1\u0026sah=1024\u0026drf=\u0026hil=1\u0026ist=0\u0026ot=428","fqdn":"cameesse.net","domain":"cameesse.net","tld":"net"},"ip":{"addr":"139.45.197.242","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:04.722Z","timestamp":1699217524722,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cameesse.net","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Oct 2023 10:27:53 GMT","end":"Tue, 16 Jan 2024 10:27:52 GMT"},"fingerprint":{"sha1":"95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6","sha256":"89:6A:B1:3B:BF:FB:C6:DD:BB:F0:24:7B:2A:7D:95:5E:E8:D5:A4:13:4E:81:18:AE:04:52:F2:5A:8C:9A:FC:B1"}}},"request":{"raw":"GET /11?rnd=654697357\u0026z=6551785\u0026b=15763363\u0026var=\u0026varid=0\u0026rqtdbc=1\u0026rcvdbc=1\u0026btp=7\u0026rb=JQM8piGTu13udKOtk_IdtcdX4MCeT1oh9qkndT2rnQ3sltjOobyzQ9XERE0VWt4N-K27Jc2qG0HCNjmB9bPuTEd8WlS0i8RLEp_TVBzDpNdiGKWNjPfB7AZ5cEUJKCmRfhW43CXeLqkAUmjfGEcPd12eDyQHbMPl0R736twTCsKpyS68fTLNsnSoKRBnbKajUjFTtcr9DCDKad2IVwaPMfn68j5u9mRNBKEI2cH6kJLvPqF0yqzWWyRlFPBWB0HYPpm-39NnkFnBJybdnNZ5bz1LY5Ba19FKsFSD0stud51jwQdZqdzlGfTZoMieC7JxZKsSs6emj_wEJsMz-WRsazJK0u5ZD8LbeaNL1AxZv0OcJAKwCPS6CO_K99_26tOwA6RNddpRXgVY8aT0GZXS6fyqSZQ24t9DLueF68h7ntwq1MbmPCuUCIPkyBZcwPmEukhi7LchZt7NBfiKkTQyXvS6VBXclh3eY7r7zJoEsRUw85eBjD-FSgrffTVJAus6S3b4JygR5wbs7Nr7JQizOBfuRXFU6YPjJtUOTQloKrCOiKYPCLUPh4bWOTAJQCFRSI6EHsDl7uNaMHNt_T5HhEYILc4l4I3K1Mvl2aPCpfTYF4z-kvUKXkCERoIrm2sGOgNZhgi8DM9aO6OngIormLWuhr2T2horJeISKXukm0fo2e2AZBozyNoQa26U0kZxb4wK-h3r6B7j-HxzgN7Jtfkx1qOyEGUvDCkxTg==\u0026ruid=c97e69a3-17f2-4f50-89ea-5ee6a288c405\u0026subid=745134909372243968\u0026ng=1\u0026ix=0\u0026pt=0\u0026np=0\u0026gp=5\u0026bp=4\u0026nw=1\u0026nb=1\u0026sw=1280\u0026sh=1024\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026wy=0\u0026wx=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=1\u0026sah=1024\u0026drf=\u0026hil=1\u0026ist=0\u0026ot=428 HTTP/1.1\r\nHost: cameesse.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nCookie: scm=1; OAID=a54b3fba89bc4d09a1fe9ccba830cea1; oaidts=1699217523\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 0\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace\r\nx-trace-id: a2e3bb12034e5612ad5dda122dc6672c\r\naccess-control-expose-headers: X-Sc\r\nset-cookie: OAID=a54b3fba89bc4d09a1fe9ccba830cea1; expires=Mon, 04 Nov 2024 20:52:04 GMT; secure; SameSite=None\noaidts=1699217523; expires=Mon, 04 Nov 2024 20:52:04 GMT; secure; SameSite=None\r\npragma: no-cache\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"resource_available":true,"data":null}},"time_used":109,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":106,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"cameesse.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ibrapush.com/custom","fqdn":"ibrapush.com","domain":"ibrapush.com","tld":"com"},"ip":{"addr":"139.45.197.250","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:04.727Z","timestamp":1699217524727,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ibrapush.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 25 Aug 2023 05:43:35 GMT","end":"Thu, 23 Nov 2023 05:43:34 GMT"},"fingerprint":{"sha1":"3B:3D:4B:42:6B:6E:62:C4:F4:D3:DC:97:17:EF:48:8C:68:5C:58:85","sha256":"AA:D3:D2:41:41:D1:0D:72:78:07:A2:BC:C4:A2:AB:BC:A3:19:1C:89:62:3C:00:77:F3:2E:C4:37:A6:AD:7D:90"}}},"request":{"raw":"POST /custom HTTP/1.1\r\nHost: ibrapush.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://llama.website/\r\nContent-Type: application/json\r\nContent-Length: 724\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 39\r\nx-trace-id: d71400c248522c56de177536ec5f7e0d\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON data\\012- , ASCII text","md5":"058b158c2be925f556454ef762d93538","sha1":"cc6fc563b4b6baee880fdbc7fcfaa134978e33c9","sha256":"ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881","sha512":"bd8505393cd811f3177f89a73ebbbc900aec310894f142cda663762473ed3b4ba4c5650efdc2a80a547520218598b6e915d13e4bb58def4bd446e15b741429da","ssdeep":"","tlshash":"e090041001141c34474305013414f5501dfc45534ddd3041fc0c1d3441d14414107103","first_seen":"2023-04-05T03:13:54Z","last_seen":"2024-09-20T20:16:30.21056Z","times_seen":24889,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg","fqdn":"offerimage.com","domain":"offerimage.com","tld":"com"},"ip":{"addr":"104.22.33.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:04.702Z","timestamp":1699217524702,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Mon, 06 May 2024 23:59:59 GMT"},"fingerprint":{"sha1":"DB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0","sha256":"34:C5:1C:5B:A8:54:FD:04:12:B5:7D:F2:1C:E0:EA:99:16:9A:0A:83:AD:56:FC:59:BC:A3:27:5E:81:D7:0B:23"}}},"request":{"raw":"GET /www/images/1355aa125a385056845e0ee1d5384e9a.jpeg HTTP/1.1\r\nHost: offerimage.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 13093\r\ncache-control: max-age=86400\r\ncf-bgj: h2pri\r\netag: \"6388849b-3325\"\r\nexpires: Mon, 06 Nov 2023 06:43:41 GMT\r\nlast-modified: Thu, 01 Dec 2022 10:40:27 GMT\r\ntiming-allow-origin: *\r\ncf-cache-status: HIT\r\nage: 50903\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8217fa7a6c0a0a18-ARN\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13093,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\\012- data","md5":"1355aa125a385056845e0ee1d5384e9a","sha1":"cfa5fd1b2dd6b299c0aecdf19fec3532ce4392ea","sha256":"248797fff982ee400ab78ff6831182372f9ef8a6916364192ca0f30556577733","sha512":"57cdee332612d55274f11b1878c875640fe3fd6c09b30edf60e5ef69f4505b47b09ec1e1f2cb29288ae81bb1cb3a3b5cf6308ef474a3cb6274c1f014c75c4096","ssdeep":"192:32R/+dr9OFpoOxUOAwRtvlQCUR5y7ejlktbzNIzkoNWoRwYijjd1KL:q2dBaxUOAw7vxiw7ekdDo9ijGL","tlshash":"9e42b0aec2235509e0805efd4d1c4965e682ba12f5bfd90558e2e7cb2d22dc1cb64f0e","first_seen":"2023-04-11T00:28:14Z","last_seen":"2023-11-08T08:03:43Z","times_seen":406,"resource_available":false,"data":null}},"time_used":311,"timings":{"blocked":145,"dns":7,"connect":15,"send":0,"wait":21,"receive":1,"ssl":113},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeyy_s3QSZW0Sc1-O5tcpXk7-2LjhT3dlkmhalShGLbF4K2vHEvuqAJe92ThQMssdtsx51cxh0Q\u0026passive=true\u0026service=mail\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-419396288%3A1699217524283312\u0026theme=glif","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:04.306Z","timestamp":1699217524306,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 16 Oct 2023 08:02:35 GMT","end":"Mon, 08 Jan 2024 08:02:34 GMT"},"fingerprint":{"sha1":"FD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F","sha256":"BF:65:26:40:A4:1B:39:0F:68:D2:7F:DA:8A:9B:03:1D:67:EA:6F:78:A6:5A:3C:C5:57:50:DA:38:E4:6B:D6:A5"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeyy_s3QSZW0Sc1-O5tcpXk7-2LjhT3dlkmhalShGLbF4K2vHEvuqAJe92ThQMssdtsx51cxh0Q\u0026passive=true\u0026service=mail\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-419396288%3A1699217524283312\u0026theme=glif HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-iAjIAE4vGic4Jta9VqCMEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":806,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, Unicode text, UTF-8 text, with very long lines (1644), with no line terminators","md5":"cbdd2d9739409864d331240f8be60374","sha1":"34e56159b2aa5c485ab96d671532033d8f788fe0","sha256":"7908964349ce78c691fb2c3f3eb655af044c41dba2c322725e15a984b0529048","sha512":"40aed0fdde7ef31c1f693c116f7d835627973adda2d348a1f90585edcc6c0cde73f482e74ad423600529b9906eb1a46404ad7dca35bf815c2e31fe73dcae0a86","ssdeep":"","tlshash":"3e31a67f7dc830af782bc0e9e893615460124c84e396cfde6b18da39a0a954924319dd","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeywoKCrwaNQuxamFEs4CbLOTMt0VwEtth3sjHRDoyh-BOH-lVpEv-KmauwlWoQZc7WqPahXW\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S1191323698%3A1699217524260513\u0026theme=glif","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:04.295Z","timestamp":1699217524295,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 16 Oct 2023 08:02:35 GMT","end":"Mon, 08 Jan 2024 08:02:34 GMT"},"fingerprint":{"sha1":"FD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F","sha256":"BF:65:26:40:A4:1B:39:0F:68:D2:7F:DA:8A:9B:03:1D:67:EA:6F:78:A6:5A:3C:C5:57:50:DA:38:E4:6B:D6:A5"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeywoKCrwaNQuxamFEs4CbLOTMt0VwEtth3sjHRDoyh-BOH-lVpEv-KmauwlWoQZc7WqPahXW\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S1191323698%3A1699217524260513\u0026theme=glif HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-fxhJmE5teWR74Vvo6Jqnmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":818,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"gzip compressed data, max compression\\012- data","md5":"a184565183250d68f7c5ac358a821399","sha1":"0f87487a2b30e8cab9d402270eecb3ce337d61df","sha256":"2c087103348302512bb5c84b2c8b89e83f273d4a5964c766ef931fb2736bf0d1","sha512":"aa53b1e3bd9042184366198afff8d8329ed2078740c6712fa1d29eead36444a8e0b1b8886c53eb9c74a7f18e2b0e572009b7a4b45a40a8b714bc953bd7961deb","ssdeep":"","tlshash":"8801ca5e1a23100936355f781c453df40cd8d2248459de2a820c4907aedcf4d56eb455","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"amunfezanttor.com/event","fqdn":"amunfezanttor.com","domain":"amunfezanttor.com","tld":"com"},"ip":{"addr":"139.45.197.250","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:04.695Z","timestamp":1699217524695,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"amunfezanttor.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 Sep 2023 01:33:39 GMT","end":"Tue, 05 Dec 2023 01:33:38 GMT"},"fingerprint":{"sha1":"D6:54:A1:23:39:A0:9A:41:5A:CC:0B:F2:C1:7C:6A:FA:F0:E8:C1:52","sha256":"52:30:0B:12:69:C1:12:D4:C6:8A:96:F5:03:7F:1B:20:AF:02:C8:42:7B:89:7F:42:5B:7C:92:53:98:1E:84:3D"}}},"request":{"raw":"OPTIONS /event HTTP/1.1\r\nHost: amunfezanttor.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://llama.website/\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid\r\naccess-control-max-age: 86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"resource_available":true,"data":null}},"time_used":372,"timings":{"blocked":167,"dns":1,"connect":34,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"amunfezanttor.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amunfezanttor.com/event","fqdn":"amunfezanttor.com","domain":"amunfezanttor.com","tld":"com"},"ip":{"addr":"139.45.197.250","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:04.695Z","timestamp":1699217524695,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"amunfezanttor.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 Sep 2023 01:33:39 GMT","end":"Tue, 05 Dec 2023 01:33:38 GMT"},"fingerprint":{"sha1":"D6:54:A1:23:39:A0:9A:41:5A:CC:0B:F2:C1:7C:6A:FA:F0:E8:C1:52","sha256":"52:30:0B:12:69:C1:12:D4:C6:8A:96:F5:03:7F:1B:20:AF:02:C8:42:7B:89:7F:42:5B:7C:92:53:98:1E:84:3D"}}},"request":{"raw":"POST /event HTTP/1.1\r\nHost: amunfezanttor.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://llama.website/\r\nContent-Type: application/json\r\nContent-Length: 500\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 94\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":94,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON data\\012- , ASCII text","md5":"266e189ecf500fd892e7859de7bfa76e","sha1":"9878d25f7aa771fa9bf10883393a8c18c8395c1f","sha256":"495cac73d543167ea1abf13f89b7c3d6b76a3aa62792d1533af0e446ce216e77","sha512":"1491247686a252fe8d954e98ba70fb358497a702756c5e14ad9a22c24185c773b309b9c74ae1eb28016d29e06f1eb47f299c6869a12322b9e86aa9dea862c608","ssdeep":"","tlshash":"48b01210824a1df40b86081a71925c200bfc11739d9db813fb1d2e1444c51a042454c1","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":372,"timings":{"blocked":167,"dns":1,"connect":34,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"amunfezanttor.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"offerimage.com/www/images/7d763937692f59aea0578ffe58c10ee0.jpeg","fqdn":"offerimage.com","domain":"offerimage.com","tld":"com"},"ip":{"addr":"104.22.33.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:05.000Z","timestamp":1699217525000,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Mon, 06 May 2024 23:59:59 GMT"},"fingerprint":{"sha1":"DB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0","sha256":"34:C5:1C:5B:A8:54:FD:04:12:B5:7D:F2:1C:E0:EA:99:16:9A:0A:83:AD:56:FC:59:BC:A3:27:5E:81:D7:0B:23"}}},"request":{"raw":"GET /www/images/7d763937692f59aea0578ffe58c10ee0.jpeg HTTP/1.1\r\nHost: offerimage.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Nov 2023 20:52:05 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 13778\r\ncache-control: max-age=86400\r\ncf-bgj: h2pri\r\netag: \"63888441-35d2\"\r\nexpires: Mon, 06 Nov 2023 06:44:01 GMT\r\nlast-modified: Thu, 01 Dec 2022 10:38:57 GMT\r\ntiming-allow-origin: *\r\ncf-cache-status: HIT\r\nage: 50884\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8217fa7b5d280a18-ARN\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13778,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\\012- data","md5":"7d763937692f59aea0578ffe58c10ee0","sha1":"b3a4cc4fd1a0d8319e59057e535b0b19f1a3b35b","sha256":"2d7300c572db1683cbc8071be4bbaf31b00954193f6f82d453c99a7a58bd7620","sha512":"1608abe55bd569b17157af0dd67e9c3321e177aa5180f6d044664c01b90fe946289d84154a4b47e7c57b1d110e1d00034e34be06111039936925b4d457e183a2","ssdeep":"384:uZg3tDXsDDDIi3xqXgEFBtRRHoynRDgb1:4g3NYwiBuJocR41","tlshash":"f152d02fd3a6e38cec615af48cf10b24eb1979944cdac91a78e119d1a085d4461638df","first_seen":"2023-04-12T09:36:21Z","last_seen":"2023-11-07T07:35:01Z","times_seen":375,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"llama.website/sw.js","fqdn":"llama.website","domain":"llama.website","tld":"website"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:04.692Z","timestamp":1699217524692,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /sw.js HTTP/1.1\r\nHost: llama.website\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://llama.website/Sq\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=oi5il24eti2u3cdbhu5nj80ssr; short_348=1; prefetchAd_6551783=true\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/8.0.30\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1069,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with CRLF, LF line terminators","md5":"9e5c0a16191700fddff6a461ba2a762e","sha1":"a6b557dd7e48071a988b9a52ced49cc7c691600f","sha256":"b3bc2b83d3d971c07b839d4ba11ba3ff249835611cdf6fef668569cc222d9e35","sha512":"90a80d3ec85e6656ad0662197f5844041991593b1b4729e34086961bd4f157317d40c467528ee8799033beabfa906f5ce69ae245109b397956d7dc8019be723d","ssdeep":"48:tAjLAJ2QctBrbmly1kLAJ28A8LAJ2WI5PUmARdY8V64FuqaxZINx8zPTKOP:wLAsF8LAsx8LAsZymzjqVN2","tlshash":"5d813d3b56818c290272c1c25620761dcaa4860be7245d02f4ed26af1ff7f93d93bb99","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ibrapush.com/event","fqdn":"ibrapush.com","domain":"ibrapush.com","tld":"com"},"ip":{"addr":"139.45.197.250","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:04.999Z","timestamp":1699217524999,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ibrapush.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 25 Aug 2023 05:43:35 GMT","end":"Thu, 23 Nov 2023 05:43:34 GMT"},"fingerprint":{"sha1":"3B:3D:4B:42:6B:6E:62:C4:F4:D3:DC:97:17:EF:48:8C:68:5C:58:85","sha256":"AA:D3:D2:41:41:D1:0D:72:78:07:A2:BC:C4:A2:AB:BC:A3:19:1C:89:62:3C:00:77:F3:2E:C4:37:A6:AD:7D:90"}}},"request":{"raw":"POST /event HTTP/1.1\r\nHost: ibrapush.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://llama.website/\r\nContent-Type: application/json\r\nContent-Length: 1553\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:05 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 94\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":94,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON data\\012- , ASCII text","md5":"f473de835b7b3e95106259093bc40054","sha1":"1e0b67090f0210f572069f43dfc4a2743dfbb6b6","sha256":"b156ac786fa1b23d3f965f3ce0d0b0a4d694591ad25b7e999522cb5ea6bea5b7","sha512":"31a73b79aec1c568726a6a950d0455492116c686d0a66b45e1b2c24a119bfb5a6cd451a87bf06d409acee9f4ead02d3f5b35782ce33251095d9a50e0613ccdbf","ssdeep":"","tlshash":"66b01280534c1f9a56c62197b555b90485fe10f3959b30e5851c3e1480818414705663","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js?pub=0\u0026userId=0f00e029b1dd40df932bac0251f8cee8\u0026zoneId=6551787\u0026checkDuplicate=true\u0026ymid=\u0026var=","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"139.45.195.8","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:05.078Z","timestamp":1699217525078,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rtmark.net","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Oct 2023 15:22:00 GMT","end":"Fri, 05 Jan 2024 15:21:59 GMT"},"fingerprint":{"sha1":"E8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42","sha256":"9B:0A:A1:20:ED:D2:5A:E5:AA:B9:4B:71:5D:B6:0E:BD:BA:E1:E7:51:62:8C:94:5B:6F:AD:21:A7:4C:E8:2D:F5"}}},"request":{"raw":"GET /gid.js?pub=0\u0026userId=0f00e029b1dd40df932bac0251f8cee8\u0026zoneId=6551787\u0026checkDuplicate=true\u0026ymid=\u0026var= HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://llama.website/\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ID=a54b3fba89bc4d09a1fe9ccba830cea1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:05 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 65\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=a54b3fba89bc4d09a1fe9ccba830cea1; expires=Mon, 04 Nov 2024 20:52:05 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON data\\012- , ASCII text","md5":"a198a174ce69df65ff830e4c6dbaeaa9","sha1":"ccac2b37ba80251c565d377caf7f6f404a5d1fae","sha256":"e59255ef767611acfcc7fdcd5736cd5e40fb2168db38cd7555059bcc14a2d2e6","sha512":"271a2eded0c121b6beef86cfec58c2dad6100a13b38df589f5e1221c50c8872a80d991f3a187b2d6d15336ad086b858cfd8087fcac7a11bf90ba29541e691586","ssdeep":"","tlshash":"a2a0028c85d4da9d0404592e1ea697522048ce5a650c627b55d9921a15cb28cdd87a0c","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"amunfezanttor.com/event","fqdn":"amunfezanttor.com","domain":"amunfezanttor.com","tld":"com"},"ip":{"addr":"139.45.197.250","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:04.695Z","timestamp":1699217524695,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"amunfezanttor.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 Sep 2023 01:33:39 GMT","end":"Tue, 05 Dec 2023 01:33:38 GMT"},"fingerprint":{"sha1":"D6:54:A1:23:39:A0:9A:41:5A:CC:0B:F2:C1:7C:6A:FA:F0:E8:C1:52","sha256":"52:30:0B:12:69:C1:12:D4:C6:8A:96:F5:03:7F:1B:20:AF:02:C8:42:7B:89:7F:42:5B:7C:92:53:98:1E:84:3D"}}},"request":{"raw":"POST /event HTTP/1.1\r\nHost: amunfezanttor.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://llama.website/\r\nContent-Type: application/json\r\nContent-Length: 500\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:05 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 94\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":94,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON data\\012- , ASCII text","md5":"9812f74864e357495fd0d1f59707a51f","sha1":"51c9a4d3decaa13c92435a58fbc0d776ce8589ea","sha256":"0a00f5e5a413d8a05b4fe540c1948d7d789562557f0f4bedcd87953194c1d8f2","sha512":"62264a5fcf1552b0ebbeedba8f0d1d591abf69c8a13682a52fd32efbee6b95ec00ac29a0eedc4cd90f50aefab6c254e9d73964032205a3d4382780f69b971841","ssdeep":"","tlshash":"1bb01210020c6e1c47470512719456000cfc08b39ead3051db0c2e18c011382434bc41","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":372,"timings":{"blocked":167,"dns":1,"connect":34,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"amunfezanttor.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aistekso.net/500/6551786?excludes=\u0026oaid=a54b3fba89bc4d09a1fe9ccba830cea1\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=1\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=1\u0026ix=0\u0026nw=1\u0026tb=false\u0026tzofs=0\u0026js_build=8\u0026sw_version=v1.306.0","fqdn":"aistekso.net","domain":"aistekso.net","tld":"net"},"ip":{"addr":"139.45.197.244","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:04.986Z","timestamp":1699217524986,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aistekso.net","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Oct 2023 12:40:15 GMT","end":"Sun, 14 Jan 2024 12:40:14 GMT"},"fingerprint":{"sha1":"ED:B9:45:BE:46:3F:F4:75:11:1C:6C:E9:06:15:9F:A7:09:51:83:8B","sha256":"CF:AF:CC:6E:57:59:9C:B0:F4:4B:EC:89:39:BB:6C:80:03:88:2C:71:EE:E5:2D:6E:88:A0:C0:E3:22:B9:1C:E8"}}},"request":{"raw":"GET /500/6551786?excludes=\u0026oaid=a54b3fba89bc4d09a1fe9ccba830cea1\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=1\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=1\u0026ix=0\u0026nw=1\u0026tb=false\u0026tzofs=0\u0026js_build=8\u0026sw_version=v1.306.0 HTTP/1.1\r\nHost: aistekso.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nCookie: OAID=1315dd1746574ddd995541f81597539d\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\ncontent-type: application/javascript\r\nx-trace-id: bf6f8a13aee92d5149faa669564dd6be\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\npragma: no-cache\r\nvary: Origin\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64\r\nset-cookie: OAID=a54b3fba89bc4d09a1fe9ccba830cea1; expires=Mon, 04 Nov 2024 20:52:04 GMT; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20419,"size_decoded":0,"mime_type":"application/javascript","magic":"gzip compressed data, max speed, from Unix\\012- data","md5":"56ed6624006fcbe2cb87edc9f36bb542","sha1":"d8a7d90ec5c7885af652926b9dd164ce3b09d740","sha256":"e171b99c61a3da57d1cf6c1835804ffc95e8474c93a574a1fe905fd22554c34a","sha512":"4f3a956caf47e8af35802c2f396cf96b9b4e810f49707bebade2c35c1f65695bf89b4b1a405fd459a9ed87dd796eb7af4f9ed0c525f2fc758c1274f10b805086","ssdeep":"384:3HP7uJALvvjOa7UXe6OgOnJAqkRSwO7ASMgwPaL9TTBIlSD7Sw:3z6ALHjANOgOJAqAc9wYhTSle7J","tlshash":"cd92f1d49681c029478c380bc7b83496cac0caee2d916206de339ffc7e66103a131ea3","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"aistekso.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aistekso.net/impression/cf_PAJdx3ZTHY1jCzig4fT1zdQn3Ksv4jLQjBtFZ6WPagmjy1uPMJZAtBUISgkRbUostB5ueqOVJxEGiTyW9iTCk6fNljR0d3ls6MGU6fsNVu-eDYvXasOnVEw7iA4sIfoS1ktcxeJ6-jMy3QALeAmn1sH1t-kqZDJHlF8y9tQ1RzTMKFK4HccWjqY_YJf9Nc22epRt70QFGfQfXrL6nSXKNBezgO9a1DguXoRIZfjI65TEiTT96zTBB7D7nBUqTs_i-ehTcoMV0hPu9c59LdsmWHBGmA6SJ_8pE594Y9yfg1plel9OCAPcFfwZAG4Gwqi0LMy1Q97dawJOK_swEE5W6YdmkiwEo7DME7J-zw7J4BNQ8mex8pyJd0RlVr5SzQVYlqxPshVWsCq9e5y0L3zNhhy2Qfoi8XGyd7AeR6taUofxd-7VwPHxI-VQl1xuZ61JnjPl8xmv1xhhwzld7EIzFe9Rm0PkfgirI1O79BEOogOkYVG0TXK7snjYa68JOBlhTwC_TDN29qNBvfWrQGdRCkpiy6hvmq7tnMPCIKcpAjEb5hMElfFXKh-KTQq9cv-z5gtmgdyrhQqL6AXrVfw==?_z=6551786\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=3\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=1\u0026ix=0\u0026nw=1\u0026tb=false\u0026tzofs=0\u0026js_build=8\u0026sw_version=v1.306.0","fqdn":"aistekso.net","domain":"aistekso.net","tld":"net"},"ip":{"addr":"139.45.197.244","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:08.258Z","timestamp":1699217528258,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aistekso.net","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Oct 2023 12:40:15 GMT","end":"Sun, 14 Jan 2024 12:40:14 GMT"},"fingerprint":{"sha1":"ED:B9:45:BE:46:3F:F4:75:11:1C:6C:E9:06:15:9F:A7:09:51:83:8B","sha256":"CF:AF:CC:6E:57:59:9C:B0:F4:4B:EC:89:39:BB:6C:80:03:88:2C:71:EE:E5:2D:6E:88:A0:C0:E3:22:B9:1C:E8"}}},"request":{"raw":"GET /impression/cf_PAJdx3ZTHY1jCzig4fT1zdQn3Ksv4jLQjBtFZ6WPagmjy1uPMJZAtBUISgkRbUostB5ueqOVJxEGiTyW9iTCk6fNljR0d3ls6MGU6fsNVu-eDYvXasOnVEw7iA4sIfoS1ktcxeJ6-jMy3QALeAmn1sH1t-kqZDJHlF8y9tQ1RzTMKFK4HccWjqY_YJf9Nc22epRt70QFGfQfXrL6nSXKNBezgO9a1DguXoRIZfjI65TEiTT96zTBB7D7nBUqTs_i-ehTcoMV0hPu9c59LdsmWHBGmA6SJ_8pE594Y9yfg1plel9OCAPcFfwZAG4Gwqi0LMy1Q97dawJOK_swEE5W6YdmkiwEo7DME7J-zw7J4BNQ8mex8pyJd0RlVr5SzQVYlqxPshVWsCq9e5y0L3zNhhy2Qfoi8XGyd7AeR6taUofxd-7VwPHxI-VQl1xuZ61JnjPl8xmv1xhhwzld7EIzFe9Rm0PkfgirI1O79BEOogOkYVG0TXK7snjYa68JOBlhTwC_TDN29qNBvfWrQGdRCkpiy6hvmq7tnMPCIKcpAjEb5hMElfFXKh-KTQq9cv-z5gtmgdyrhQqL6AXrVfw==?_z=6551786\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=3\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=1\u0026ix=0\u0026nw=1\u0026tb=false\u0026tzofs=0\u0026js_build=8\u0026sw_version=v1.306.0 HTTP/1.1\r\nHost: aistekso.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nCookie: OAID=a54b3fba89bc4d09a1fe9ccba830cea1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:08 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nx-trace-id: c61ad54fab72a767f91a65849cbdcaf0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\npragma: no-cache\r\nvary: Origin\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1\\012- data","md5":"b4491705564909da7f9eaf749dbbfbb1","sha1":"279315d507855c6a4351e1e2c2f39dd9cd2fccd8","sha256":"4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49","sha512":"b8d82d64ec656c63570b82215564929adad167e61643fd72283b94f3e448ef8ab0ad42202f3537a0da89960bbdc69498608fc6ec89502c6c338b6226c8bf5e14","ssdeep":"","tlshash":"c5900403d140d041c351c0300d0cc740174471304514030f70fc175dfc353510c13000","first_seen":"2023-04-05T09:54:56Z","last_seen":"2026-05-08T01:36:21.504213Z","times_seen":99204,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"aistekso.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gishejuy.com/impression/oe4dWaQWnjXneAvlmnRhrKwUHy6vGnr5-tuLJBSZ43UXg4lPdRMMpBmoAwnEhTnn2YnlDBZCo4sp9RVWEMyyKelthF5RbUc1uPjLJw-3FO5qNIXnytCLF8U8zwDHzbqYRofUpfUpLfhw2d4vCjRWDAWmGs0ixxBP8qBZ2rR73ghlTsnmvEa6JFFJYBCjGGOt8yUAYLiOPhfsi4Ac_5MhQ4eWFgebraZOJmJEYO0OLxG9U3yHJKGBA7JAHmCYFmexG3IQNiyeBBNIAMzuLte3owHnBveXHXmZi8QklGnlWKNjfpAP6gbXbYTox3o3SKsMAhSoVQ9MQN4vvJFAyqFj2IAV1kADR6ASjG3LYd4rLf4EXiVeGKQdbdKz89igUBYIL6jqF27TsPdVp_yNX5QSvt8ADiVMOP6HnUwmMOb9kC2cluta34Kd1rduTzNOqBzev4UXcZk0uHGFtAOfCPSCNi4oFqdQzrODRzNLHWjnRIEko8p0JsBbxWdso67TNP3GsiGN3obOupxzxg9zbQbMVOOp9w6gl34pmk7IUqPUa_Xh4K-XlV5AyYW1GsFue3Uvu18gsKwHoFZxER2gWFtf9g==?_z=6551784\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=4\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=1\u0026ix=0\u0026nw=1\u0026tb=false\u0026tzofs=0\u0026js_build=8\u0026sw_version=v1.306.0","fqdn":"gishejuy.com","domain":"gishejuy.com","tld":"com"},"ip":{"addr":"139.45.197.242","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:08.282Z","timestamp":1699217528282,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gishejuy.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Oct 2023 09:21:45 GMT","end":"Tue, 23 Jan 2024 09:21:44 GMT"},"fingerprint":{"sha1":"99:91:AA:4E:BA:FC:75:A0:0A:79:EE:F6:15:64:FA:15:B2:BC:61:31","sha256":"FE:D3:58:83:02:F8:0B:53:C4:A1:8B:93:C2:9C:DB:47:1C:83:4F:DE:C2:A8:A7:91:E4:08:98:7D:69:3C:03:E1"}}},"request":{"raw":"GET /impression/oe4dWaQWnjXneAvlmnRhrKwUHy6vGnr5-tuLJBSZ43UXg4lPdRMMpBmoAwnEhTnn2YnlDBZCo4sp9RVWEMyyKelthF5RbUc1uPjLJw-3FO5qNIXnytCLF8U8zwDHzbqYRofUpfUpLfhw2d4vCjRWDAWmGs0ixxBP8qBZ2rR73ghlTsnmvEa6JFFJYBCjGGOt8yUAYLiOPhfsi4Ac_5MhQ4eWFgebraZOJmJEYO0OLxG9U3yHJKGBA7JAHmCYFmexG3IQNiyeBBNIAMzuLte3owHnBveXHXmZi8QklGnlWKNjfpAP6gbXbYTox3o3SKsMAhSoVQ9MQN4vvJFAyqFj2IAV1kADR6ASjG3LYd4rLf4EXiVeGKQdbdKz89igUBYIL6jqF27TsPdVp_yNX5QSvt8ADiVMOP6HnUwmMOb9kC2cluta34Kd1rduTzNOqBzev4UXcZk0uHGFtAOfCPSCNi4oFqdQzrODRzNLHWjnRIEko8p0JsBbxWdso67TNP3GsiGN3obOupxzxg9zbQbMVOOp9w6gl34pmk7IUqPUa_Xh4K-XlV5AyYW1GsFue3Uvu18gsKwHoFZxER2gWFtf9g==?_z=6551784\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=4\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=1\u0026ix=0\u0026nw=1\u0026tb=false\u0026tzofs=0\u0026js_build=8\u0026sw_version=v1.306.0 HTTP/1.1\r\nHost: gishejuy.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nCookie: OAID=a54b3fba89bc4d09a1fe9ccba830cea1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:08 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nx-trace-id: da16f323c35e5b2b334f91a27d16c255\r\npragma: no-cache\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\nvary: Origin\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1\\012- data","md5":"b4491705564909da7f9eaf749dbbfbb1","sha1":"279315d507855c6a4351e1e2c2f39dd9cd2fccd8","sha256":"4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49","sha512":"b8d82d64ec656c63570b82215564929adad167e61643fd72283b94f3e448ef8ab0ad42202f3537a0da89960bbdc69498608fc6ec89502c6c338b6226c8bf5e14","ssdeep":"","tlshash":"c5900403d140d041c351c0300d0cc740174471304514030f70fc175dfc353510c13000","first_seen":"2023-04-05T09:54:56Z","last_seen":"2026-05-08T01:36:21.504213Z","times_seen":99204,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"gishejuy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gishejuy.com/500/6551784?excludes=16368910\u0026oaid=a54b3fba89bc4d09a1fe9ccba830cea1\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=4\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=1\u0026ix=0\u0026nw=1\u0026tb=false\u0026tzofs=0\u0026js_build=8\u0026sw_version=v1.306.0","fqdn":"gishejuy.com","domain":"gishejuy.com","tld":"com"},"ip":{"addr":"139.45.197.242","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:08.521Z","timestamp":1699217528521,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gishejuy.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Oct 2023 09:21:45 GMT","end":"Tue, 23 Jan 2024 09:21:44 GMT"},"fingerprint":{"sha1":"99:91:AA:4E:BA:FC:75:A0:0A:79:EE:F6:15:64:FA:15:B2:BC:61:31","sha256":"FE:D3:58:83:02:F8:0B:53:C4:A1:8B:93:C2:9C:DB:47:1C:83:4F:DE:C2:A8:A7:91:E4:08:98:7D:69:3C:03:E1"}}},"request":{"raw":"OPTIONS /500/6551784?excludes=16368910\u0026oaid=a54b3fba89bc4d09a1fe9ccba830cea1\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=4\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=1\u0026ix=0\u0026nw=1\u0026tb=false\u0026tzofs=0\u0026js_build=8\u0026sw_version=v1.306.0 HTTP/1.1\r\nHost: gishejuy.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://llama.website/\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:08 GMT\r\ncontent-length: 0\r\nallow: GET, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 600\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"gishejuy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gishejuy.com/500/6551784?excludes=16368910\u0026oaid=a54b3fba89bc4d09a1fe9ccba830cea1\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=4\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=1\u0026ix=0\u0026nw=1\u0026tb=false\u0026tzofs=0\u0026js_build=8\u0026sw_version=v1.306.0","fqdn":"gishejuy.com","domain":"gishejuy.com","tld":"com"},"ip":{"addr":"139.45.197.242","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:08.521Z","timestamp":1699217528521,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gishejuy.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Oct 2023 09:21:45 GMT","end":"Tue, 23 Jan 2024 09:21:44 GMT"},"fingerprint":{"sha1":"99:91:AA:4E:BA:FC:75:A0:0A:79:EE:F6:15:64:FA:15:B2:BC:61:31","sha256":"FE:D3:58:83:02:F8:0B:53:C4:A1:8B:93:C2:9C:DB:47:1C:83:4F:DE:C2:A8:A7:91:E4:08:98:7D:69:3C:03:E1"}}},"request":{"raw":"GET /500/6551784?excludes=16368910\u0026oaid=a54b3fba89bc4d09a1fe9ccba830cea1\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=4\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=1\u0026ix=0\u0026nw=1\u0026tb=false\u0026tzofs=0\u0026js_build=8\u0026sw_version=v1.306.0 HTTP/1.1\r\nHost: gishejuy.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nCookie: OAID=a54b3fba89bc4d09a1fe9ccba830cea1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:08 GMT\r\ncontent-type: application/javascript\r\nx-trace-id: 72a94a9b49e8306a3755cde6829d1a37\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\npragma: no-cache\r\nvary: Origin\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64\r\nset-cookie: OAID=a54b3fba89bc4d09a1fe9ccba830cea1; expires=Mon, 04 Nov 2024 20:52:08 GMT; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11852,"size_decoded":0,"mime_type":"application/javascript","magic":"gzip compressed data, max speed, from Unix\\012- data","md5":"d14f0b7ed9aec2d556bffaf6ae61db91","sha1":"4aa2668a8903fdd54b5c6c1bbaf5fef58fce41c1","sha256":"aea1a1d22262c3adb54a68a3f3a698520e5b0d1ff3da1c8d262e4242ec8621d9","sha512":"339d261e03dc445f626a16193339627e4704dee9d1751cb66c639f25520c542de39d7cc9b9ab3d1bd7d142e2bc6b51daa7d7556a099ea78ae25ee1f8bb06f69a","ssdeep":"192:+4LNLiOGvIEtsHMFai4Wy9P6ZKvp6rPwTYKZg1TxxBibj+j0KOIk:HF1A0MFh4WQ6ZcpUiFCdKbatjk","tlshash":"5f32bfb03133868cd98399761f424498ce27ec536f3ad6db9112a7cc72ac997542e2df","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"gishejuy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"offerimage.com/www/images/7d763937692f59aea0578ffe58c10ee0.jpeg","fqdn":"offerimage.com","domain":"offerimage.com","tld":"com"},"ip":{"addr":"104.22.33.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:05.000Z","timestamp":1699217525000,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Mon, 06 May 2024 23:59:59 GMT"},"fingerprint":{"sha1":"DB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0","sha256":"34:C5:1C:5B:A8:54:FD:04:12:B5:7D:F2:1C:E0:EA:99:16:9A:0A:83:AD:56:FC:59:BC:A3:27:5E:81:D7:0B:23"}}},"request":{"raw":"GET /www/images/7d763937692f59aea0578ffe58c10ee0.jpeg HTTP/1.1\r\nHost: offerimage.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Nov 2023 20:52:08 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 13778\r\ncache-control: max-age=86400\r\ncf-bgj: h2pri\r\netag: \"63888441-35d2\"\r\nexpires: Mon, 06 Nov 2023 06:44:01 GMT\r\nlast-modified: Thu, 01 Dec 2022 10:38:57 GMT\r\ntiming-allow-origin: *\r\ncf-cache-status: HIT\r\nage: 50887\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8217fa922fb60a18-ARN\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13778,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\\012- data","md5":"7d763937692f59aea0578ffe58c10ee0","sha1":"b3a4cc4fd1a0d8319e59057e535b0b19f1a3b35b","sha256":"2d7300c572db1683cbc8071be4bbaf31b00954193f6f82d453c99a7a58bd7620","sha512":"1608abe55bd569b17157af0dd67e9c3321e177aa5180f6d044664c01b90fe946289d84154a4b47e7c57b1d110e1d00034e34be06111039936925b4d457e183a2","ssdeep":"384:uZg3tDXsDDDIi3xqXgEFBtRRHoynRDgb1:4g3NYwiBuJocR41","tlshash":"f152d02fd3a6e38cec615af48cf10b24eb1979944cdac91a78e119d1a085d4461638df","first_seen":"2023-04-12T09:36:21Z","last_seen":"2023-11-07T07:35:01Z","times_seen":375,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:08.776Z","timestamp":1699217528776,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 16 Oct 2023 08:10:00 GMT","end":"Mon, 08 Jan 2024 08:09:59 GMT"},"fingerprint":{"sha1":"EB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28","sha256":"EB:45:AD:8B:1A:F1:E3:D7:2F:1C:1C:9A:0A:74:58:7C:98:F0:94:C9:73:5D:3A:09:A6:FF:EF:8C:01:EA:FD:F8"}}},"request":{"raw":"GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15860\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Nov 2023 10:05:24 GMT\r\nexpires: Sat, 02 Nov 2024 10:05:24 GMT\r\ncache-control: public, max-age=31536000\r\nage: 211604\r\nlast-modified: Wed, 11 May 2022 19:24:42 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15860,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\\012- data","md5":"e9f5aaf547f165386cd313b995dddd8e","sha1":"acdef5603c2387b0e5bffd744b679a24a8bc1968","sha256":"f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860","sha512":"2a71edb5490f286642a874d52a1969f54282bc43cb24e8d5a297e13b320321fb7b7af5524eac609cf5f95ee08d5e4ec5803e2a3c8d13c09f6cc38713c665d0ce","ssdeep":"384:S7qmPTF4N21t//YW2FS6+1XxrsbGmjlAbvqMmtCN:S621tHY4xwbGmjloSM7N","tlshash":"1a62d0058ba5850bf5b907fb0e1ab7ee30664b523c8c42278348073970db47a6b2b1fd","first_seen":"2023-04-05T14:47:55Z","last_seen":"2026-05-08T01:36:24.584283Z","times_seen":90889,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":36,"dns":0,"connect":7,"send":0,"wait":11,"receive":1,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:08.778Z","timestamp":1699217528778,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 16 Oct 2023 08:10:00 GMT","end":"Mon, 08 Jan 2024 08:09:59 GMT"},"fingerprint":{"sha1":"EB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28","sha256":"EB:45:AD:8B:1A:F1:E3:D7:2F:1C:1C:9A:0A:74:58:7C:98:F0:94:C9:73:5D:3A:09:A6:FF:EF:8C:01:EA:FD:F8"}}},"request":{"raw":"GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15744\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Nov 2023 02:00:44 GMT\r\nexpires: Sat, 02 Nov 2024 02:00:44 GMT\r\ncache-control: public, max-age=31536000\r\nage: 240684\r\nlast-modified: Wed, 11 May 2022 19:24:48 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15744,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\\012- data","md5":"15d9f621c3bd1599f0169dcf0bd5e63e","sha1":"7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52","sha256":"f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615","sha512":"d35a47162fc160cd5f806c3bb7feb50ec96fdfc81753660ead22ef33f89be6b1bfd63d1135f6b479d35c2e9d30f2360ffc8819efca672270e230635bcb206c82","ssdeep":"384:z1TLklSElcS5V6qQTMUP07JwirW6RlLwK79/:p7EJ5E2bJwi5jLwK79/","tlshash":"8162e00158a163ade9b2327ed10b1b91c40660a27d2504e8c6e4fc95fe3d7ed5487b76","first_seen":"2023-04-05T08:15:27Z","last_seen":"2026-05-08T02:43:41.849079Z","times_seen":159895,"resource_available":true,"data":null}},"time_used":90,"timings":{"blocked":36,"dns":0,"connect":9,"send":0,"wait":10,"receive":6,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/frontend/fonts/nunito-sans-v12-latin-600.woff2","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:02.970Z","timestamp":1699217522970,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/frontend/fonts/nunito-sans-v12-latin-600.woff2 HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nuke.biz/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:09 GMT\r\ncontent-length: 17156\r\nlast-modified: Sun, 06 Nov 2022 23:25:02 GMT\r\netag: \"4304-5ecd59dbaaf80\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17156,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\\012- data","md5":"7e344afc10a492d516789f072fa6edfd","sha1":"f38bd0b4e9d0577528f533b8ecd80801a0c6340f","sha256":"c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3","sha512":"1af061accae6c1858f441f3a3032dc261210b741a4d89877bc2e3201be5ac23b507e1a903bd55d5eef7e59565f5a854bd14b93b93f6790d9cd99a06ad8f070b0","ssdeep":"384:/1ZGyYe6QJE/zIbmcN4EnZP1bYYYKZw4nSKp:S8fEsn4Ot8kG+Si","tlshash":"3172cf00ab3c0792df96e373837e8e9c23e59446c7cd0ed729d317a62e9c6622146a91","first_seen":"2023-04-08T02:59:18Z","last_seen":"2026-05-07T03:45:31.669833Z","times_seen":368,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":64,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/frontend/fonts/nunito-sans-v12-latin-regular.woff2","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:08.985Z","timestamp":1699217528985,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/frontend/fonts/nunito-sans-v12-latin-regular.woff2 HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nuke.biz/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:09 GMT\r\ncontent-length: 16980\r\nlast-modified: Sun, 06 Nov 2022 23:25:02 GMT\r\netag: \"4254-5ecd59dbaaf80\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28846,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16980, version 1.0\\012- data","md5":"5aebb82f5af92d647fee92ce0737c21a","sha1":"bbbd338490cd374fe35de31469d835efd78d10d7","sha256":"2963699f5f103c7f46c86c5914c010144641571a4d0cbdcc4d5829bb11cf039b","sha512":"9a28a3ada3553fd5d92be2530415ca147f823ce89d54d68d7f38f6d4c015349d8f8c46c45a9a0dfb05829f36900f09d83ab0796db86ba5c81f3acb45de9a1457","ssdeep":"","tlshash":"","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":81,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/frontend/fonts/nunito-sans-v12-latin-600.woff","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:03.276Z","timestamp":1699217523276,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/frontend/fonts/nunito-sans-v12-latin-600.woff HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nuke.biz/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:09 GMT\r\ncontent-type: application/font-woff\r\ncontent-length: 21048\r\nlast-modified: Sun, 06 Nov 2022 23:25:02 GMT\r\netag: \"5238-5ecd59dbaaf80\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21048,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 21048, version 1.1\\012- data","md5":"79ca5494c53495af3d607a356a181fa9","sha1":"8b1976713c7c694e6ebd4338685c49959cb738d5","sha256":"af36b391244e3c8c4ab03691c412c59c86c1a02812b16b76db7a907f25b6b59a","sha512":"bda1990b1bc9213af7823077a52c5212cc48fcdecebdcca6e5654fe96cf6cf52ee5207310baa8611e88f41b7372a706be6463676deed644fc3619514d14cd71f","ssdeep":"384:n899FdtLqKsyR5WWpSwktGjrY78jDOb+MgMmSoz46J0fmwHFQ8nqQeztsift:nKTrqjKWW3kAa8ja+Jz4K0OwH2txzBt","tlshash":"b192d1eb5f11b6baceb764faa1dbd2ca2448910f44c4b034cb1251c17bde7b2c587465","first_seen":"2023-07-19T01:40:51Z","last_seen":"2026-04-30T20:40:30.930702Z","times_seen":23,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/frontend/fonts/nunito-sans-v12-latin-regular.ttf","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:09.139Z","timestamp":1699217529139,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/frontend/fonts/nunito-sans-v12-latin-regular.ttf HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nuke.biz/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:09 GMT\r\ncontent-type: application/font-sfnt\r\ncontent-length: 39652\r\nlast-modified: Sun, 06 Nov 2022 23:25:02 GMT\r\netag: \"9ae4-5ecd59dbaaf80\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39652,"size_decoded":0,"mime_type":"application/font-sfnt","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 8 names, Microsoft, language 0x409, Copyright 2016 The Nunito Sans Project Authors (https://github.com/Fonthausen/NunitoSans)Nunito \\012- data","md5":"da716d1e63b1e4ddacb98b552883f5aa","sha1":"a4ca73d5c7d65c816c403198625a1c5e3c70f260","sha256":"ed9a72228e4ac259a758e7d47a07d8ed121221405897eea5df8bcddcc76f16bb","sha512":"835a8767b7903b5631dbad3d308f90d115977d1f8e17a93192bf63820dc48327c4ce991fd08c076cee710761c125b2a97fe915acbced2730150cf776e768bdde","ssdeep":"768:uWdisNxD4KXiZnvk2kbw/L+8AQUbw/iDhKj4yg4/hur8MfL+lZ3coQf2Dob:uWdinZnUbw/L+8AQUbw/iRygQhs1fL+U","tlshash":"d7034a13b701a746d80b2ebc4eb2f3f69335f8161f97474bb184657adc8a1c81ad6386","first_seen":"2023-07-19T01:40:51Z","last_seen":"2026-05-06T14:42:20.862913Z","times_seen":95,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":45,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/frontend/fonts/nunito-sans-v12-latin-600.ttf","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:09.171Z","timestamp":1699217529171,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/frontend/fonts/nunito-sans-v12-latin-600.ttf HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nuke.biz/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:09 GMT\r\ncontent-type: application/font-sfnt\r\ncontent-length: 40096\r\nlast-modified: Sun, 06 Nov 2022 23:25:02 GMT\r\netag: \"9ca0-5ecd59dbaaf80\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40096,"size_decoded":0,"mime_type":"application/font-sfnt","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 8 names, Microsoft, language 0x409, Copyright 2016 The Nunito Sans Project Authors (https://github.com/Fonthausen/NunitoSans)Nunito \\012- data","md5":"04cdf5dd245bc21d9ccabe0895c2ca25","sha1":"9385314cbfcf04d3e561f28d3e1a163252343e8e","sha256":"27a6442744a9983ecb3c4758a4474b9f4942f9e2fced03797982c8243eb57dd5","sha512":"c8ac035a7e38af294176b6c18053d4ecb0050d6e9dc89115cc881d342f820b2708f7d2772d4101ac13fecdd311284016c29a54cbf12b32ea5082a0b4757741cb","ssdeep":"","tlshash":"","first_seen":"2023-07-19T01:40:51Z","last_seen":"2026-03-27T14:20:18.367876Z","times_seen":10,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":72,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c\u0026type=direct\u0026page_id=6096484\u0026screen_width=20\u0026screen_height=634\u0026os=Linux%20x86_64\u0026refurl=https%3A%2F%2Fllama.website%2F\u0026pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15487444%2FDailymotion.com.txt.html\u0026rnd=1699217522901","fqdn":"serving.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.21","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:04.686Z","timestamp":1699217524686,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 22:07:14 GMT","end":"Thu, 01 Feb 2024 22:07:13 GMT"},"fingerprint":{"sha1":"8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9","sha256":"07:59:4F:1D:42:4F:55:8E:06:78:31:DF:B2:F6:55:29:EB:02:AD:B6:00:E5:14:97:62:B3:A5:C7:A7:20:62:22"}}},"request":{"raw":"GET /script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c\u0026type=direct\u0026page_id=6096484\u0026screen_width=20\u0026screen_height=634\u0026os=Linux%20x86_64\u0026refurl=https%3A%2F%2Fllama.website%2F\u0026pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15487444%2FDailymotion.com.txt.html\u0026rnd=1699217522901 HTTP/1.1\r\nHost: serving.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: private, must-revalidate, max-age=0\r\ncontent-type: text/plain;charset=ISO-8859-1\r\ncontent-length: 590\r\ndate: Sun, 05 Nov 2023 20:52:01 GMT\r\nset-cookie: bepolite_id=103f8ca448e8f15367fa20e462b60e46; Max-Age=7776000; Expires=Sat, 03-Feb-2024 20:52:02 GMT; SameSite=None; Secure\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 1013362872\r\nage: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":590,"size_decoded":0,"mime_type":"text/plain; charset=ISO-8859-1","magic":"ASCII text","md5":"861f4fb6baa2937a6b7a15af7fd0c015","sha1":"44a08d201ecb4c26bfc16eab5bf3caf850e1e461","sha256":"a1b82ba1a7bf5f15ad46e9ff9c363dcb0c0ac83a1b638270b665f325799aa031","sha512":"19cb1e40e9fb221b812902b62d01edd35ca394fb37e4e5650bda5323df08810a3e9cd72d64d8005ec2f270c70bdfd04a755f824c455699ab5eba5e12d0118f7e","ssdeep":"","tlshash":"14f09660ae064014fa1c306164b5e16c7414743b8c43c912c44dec7e2df2fa54deb10c","first_seen":"2023-11-05T21:52:25Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":true,"data":null}},"time_used":10608,"timings":{"blocked":5163,"dns":5003,"connect":13,"send":0,"wait":270,"receive":1,"ssl":155},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gishejuy.com/impression/O5XJnwVu6vkILg5OKED4OpvRlKUKZqLBKzFbRDVge7kt_VUylbQBLnAVUl_GEFkmU-bGO0YmtaDmbifwg_pcZPLRqNVPeiYz4oAcycHwuf_qW9z5ENz_p8fC8bsZbd79V6cF3c8p83fBCnCpo_aV-aSDaDBylDkmru6rj5UTtzCEKBL47-TW8Lp4jEG5mhMW9PGBVdo2GpbT4ZNasD0JYz7HmYN0MUJsQ3nPSONEtfjQPOkWg3CVn6-dWW3OoeDYAb76G7yTvPPwiYZ6aUKOVBeFwYlfkYJUBZthqF0-jsYoeQTu5INCNnOsr-fW4hTwN9DVLKO3YqP0g1mEvUe4b8563AViTxWwnrFOhSn_ERCVMLhGjzPUTsZjXLOUFpTndc_b7FmCYOrxrjCsFJFK-jluwvdrx0WK59XNRXQm5WKAw7jDLL8ZaDl375ssS00f298BKIrU6wlZDABagPB0cmBNYTJ3Vrm84hkwbneLZR7CwTiDPwB--vSfptMJZ3LgrtiJlriAlH9dUB30b2pQ0HIoZHY4GHi3eifY4yKuvuIVzby1XDswHa2WK6ULs7Uk5DpX_n-RYxbs0OMRLIlMVQ==?_z=6551784\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=4\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=1\u0026ix=0\u0026nw=1\u0026tb=false\u0026tzofs=0\u0026js_build=8\u0026sw_version=v1.306.0","fqdn":"gishejuy.com","domain":"gishejuy.com","tld":"com"},"ip":{"addr":"139.45.197.242","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:11.342Z","timestamp":1699217531342,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gishejuy.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Oct 2023 09:21:45 GMT","end":"Tue, 23 Jan 2024 09:21:44 GMT"},"fingerprint":{"sha1":"99:91:AA:4E:BA:FC:75:A0:0A:79:EE:F6:15:64:FA:15:B2:BC:61:31","sha256":"FE:D3:58:83:02:F8:0B:53:C4:A1:8B:93:C2:9C:DB:47:1C:83:4F:DE:C2:A8:A7:91:E4:08:98:7D:69:3C:03:E1"}}},"request":{"raw":"GET /impression/O5XJnwVu6vkILg5OKED4OpvRlKUKZqLBKzFbRDVge7kt_VUylbQBLnAVUl_GEFkmU-bGO0YmtaDmbifwg_pcZPLRqNVPeiYz4oAcycHwuf_qW9z5ENz_p8fC8bsZbd79V6cF3c8p83fBCnCpo_aV-aSDaDBylDkmru6rj5UTtzCEKBL47-TW8Lp4jEG5mhMW9PGBVdo2GpbT4ZNasD0JYz7HmYN0MUJsQ3nPSONEtfjQPOkWg3CVn6-dWW3OoeDYAb76G7yTvPPwiYZ6aUKOVBeFwYlfkYJUBZthqF0-jsYoeQTu5INCNnOsr-fW4hTwN9DVLKO3YqP0g1mEvUe4b8563AViTxWwnrFOhSn_ERCVMLhGjzPUTsZjXLOUFpTndc_b7FmCYOrxrjCsFJFK-jluwvdrx0WK59XNRXQm5WKAw7jDLL8ZaDl375ssS00f298BKIrU6wlZDABagPB0cmBNYTJ3Vrm84hkwbneLZR7CwTiDPwB--vSfptMJZ3LgrtiJlriAlH9dUB30b2pQ0HIoZHY4GHi3eifY4yKuvuIVzby1XDswHa2WK6ULs7Uk5DpX_n-RYxbs0OMRLIlMVQ==?_z=6551784\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=4\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=1\u0026ix=0\u0026nw=1\u0026tb=false\u0026tzofs=0\u0026js_build=8\u0026sw_version=v1.306.0 HTTP/1.1\r\nHost: gishejuy.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nCookie: OAID=a54b3fba89bc4d09a1fe9ccba830cea1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:11 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nx-trace-id: e0c34e1e1323556438fbee0338e52ae4\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\npragma: no-cache\r\nvary: Origin\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1\\012- data","md5":"b4491705564909da7f9eaf749dbbfbb1","sha1":"279315d507855c6a4351e1e2c2f39dd9cd2fccd8","sha256":"4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49","sha512":"b8d82d64ec656c63570b82215564929adad167e61643fd72283b94f3e448ef8ab0ad42202f3537a0da89960bbdc69498608fc6ec89502c6c338b6226c8bf5e14","ssdeep":"","tlshash":"c5900403d140d041c351c0300d0cc740174471304514030f70fc175dfc353510c13000","first_seen":"2023-04-05T09:54:56Z","last_seen":"2026-05-08T01:36:21.504213Z","times_seen":99204,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"gishejuy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/frontend/fonts/nunito-sans-v12-latin-regular.woff","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:03.577Z","timestamp":1699217523577,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/frontend/fonts/nunito-sans-v12-latin-regular.woff HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nuke.biz/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\ncontent-type: application/font-woff\r\ncontent-length: 20864\r\nlast-modified: Sun, 06 Nov 2022 23:25:02 GMT\r\netag: \"5180-5ecd59dbaaf80\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20864,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 20864, version 1.1\\012- data","md5":"159f6e63e068d1b2233c78fadb789b96","sha1":"dc7a6ec97ef463929eea507a5a2e76d2fb574b25","sha256":"481b0fe050b9209c7dcd0cf23363c1754d094933aa28b329599d360c050a418e","sha512":"982bee594e900d455737e8668e9c188b4a8200d9dc162b4175e670d5a670694f36a124fd16ff00f8ae13ce9ca0a2e43ffc8170a09c1a2544d0e90d45c9f00edd","ssdeep":"384:2BAa5gnPx0XyrWWpSwN6ouhxjTKjq5rb7FhI27fW3tabjnyxpUE8W3ft:2BA/0XyWW3NfwxHKmTra9ijnyUE8st","tlshash":"3692e091ce59e5bae06a29b242d7a211340134093fdcc21b798f8917065dff0bfa9e15","first_seen":"2023-07-19T01:40:51Z","last_seen":"2026-05-06T14:42:20.839355Z","times_seen":108,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pogothere.xyz/asd100.bin","fqdn":"pogothere.xyz","domain":"pogothere.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.203","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:03.948Z","timestamp":1699217523948,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Tue, 28 Feb 2023 00:00:00 GMT","end":"Tue, 27 Feb 2024 23:59:59 GMT"},"fingerprint":{"sha1":"17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB","sha256":"09:91:FB:E4:53:65:EC:A7:C4:6B:EB:F6:E2:94:A5:09:45:6F:FC:DC:B1:B4:E4:67:80:61:7A:EE:7F:81:DD:45"}}},"request":{"raw":"GET /asd100.bin HTTP/1.1\r\nHost: pogothere.xyz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nOrigin: https://www.upload.ee\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\ncontent-type: binary/octet-stream\r\naccess-control-allow-origin: https://www.upload.ee\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: X-Requested-With, content-type\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 5400\r\nlast-modified: Sun, 05 Nov 2023 19:22:04 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=VNevQkqDEVvKrWrL7MjrQYkgolc8zwVJ%2FDWd%2BPJYEiMr8qWgABQ413qoEyfD0iWcQHiy89ZI42eJHjyQC64XKdOJBXLFBsMmqOJN8arEC49QrriWtpb%2BRNZy9fipfCVd\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8217fa755aa356b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102400,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"4c6426ac7ef186464ecbb0d81cbfcb1e","sha1":"5a6918eebd9d635e8f632e3ef34e3792b1b5ec13","sha256":"f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16","sha512":"5f6dbea410beee80292b16df6fcc767ae6baf058ab4c38fa6a4fc72b7828374af42bd6da094eada2ad006d1a0754f9ff7bdd94c0ef9540e6651729b74fb9ea46","ssdeep":"3::","tlshash":"9ca3000000000000c00000300000000000000000000000000000000000000000000000","first_seen":"2023-04-05T04:27:22Z","last_seen":"2026-03-16T07:24:59.73574Z","times_seen":12181,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":95,"dns":20,"connect":27,"send":0,"wait":9,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nandweandthe.org/VVB4Z2R6bxsUWQcXMiU3ZWlBMgoHZx4vAAQ0SxNQMxYIHgJmYF4TDTFtQV5TYWBAQRQ8NEVWXHMjDAYQICNFVkI8Ph4IWXMmRVZKZX5KSVBzJUVWQiEgGQBZZHYIExA5bUlRXWxiSVBRZ2NIU10","fqdn":"nandweandthe.org","domain":"nandweandthe.org","tld":"org"},"ip":{"addr":"172.67.176.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:03.059Z","timestamp":1699217523059,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nandweandthe.org","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Oct 2023 06:45:49 GMT","end":"Sun, 28 Jan 2024 06:45:48 GMT"},"fingerprint":{"sha1":"1F:B6:15:88:D9:CB:F8:82:C6:0C:AE:98:CF:A4:E2:D8:06:4E:0D:6D","sha256":"B8:01:DE:85:2B:65:C6:B5:37:64:91:0A:F7:91:37:EF:98:07:84:8C:76:CA:46:E7:54:71:E3:23:E4:02:DE:6D"}}},"request":{"raw":"GET /VVB4Z2R6bxsUWQcXMiU3ZWlBMgoHZx4vAAQ0SxNQMxYIHgJmYF4TDTFtQV5TYWBAQRQ8NEVWXHMjDAYQICNFVkI8Ph4IWXMmRVZKZX5KSVBzJUVWQiEgGQBZZHYIExA5bUlRXWxiSVBRZ2NIU10 HTTP/1.1\r\nHost: nandweandthe.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=Y3PyCGGY6x1AX6fx%2FZ1l5I2QFrCTtRrQn1YT8Qz%2FmeLAuBmYWUyIgP9gLQpPk9anfczkHi%2FMNb6J9yaJPcorqhI7QVSmV7BVkoSu%2B2kPS5d7op0TiDgw1Cv8UY5dAszJJUfv\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8217fa6f3be4568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":118,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nandweandthe.org/M3R3dkwcSxQFcWEaNT8ZZgxHJyJHGBM+GncXIBJ9Vx81ARYAH1ECJVdJTk97B0VDUDxaEEpHakAAFgI5QElGUCVdEhhLakVJRlh/B1pEQmIDUgJLfRUABxcrDkVRBjhHGEpHegpNRUd7BkZERnsD","fqdn":"nandweandthe.org","domain":"nandweandthe.org","tld":"org"},"ip":{"addr":"172.67.176.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:03.494Z","timestamp":1699217523494,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nandweandthe.org","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Oct 2023 06:45:49 GMT","end":"Sun, 28 Jan 2024 06:45:48 GMT"},"fingerprint":{"sha1":"1F:B6:15:88:D9:CB:F8:82:C6:0C:AE:98:CF:A4:E2:D8:06:4E:0D:6D","sha256":"B8:01:DE:85:2B:65:C6:B5:37:64:91:0A:F7:91:37:EF:98:07:84:8C:76:CA:46:E7:54:71:E3:23:E4:02:DE:6D"}}},"request":{"raw":"GET /M3R3dkwcSxQFcWEaNT8ZZgxHJyJHGBM+GncXIBJ9Vx81ARYAH1ECJVdJTk97B0VDUDxaEEpHakAAFgI5QElGUCVdEhhLakVJRlh/B1pEQmIDUgJLfRUABxcrDkVRBjhHGEpHegpNRUd7BkZERnsD HTTP/1.1\r\nHost: nandweandthe.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=ZntGTzYNBGd9M9EfgWwsRYjfLELGN9jIigKtZUDbWEbYEFLj9ZpjAITScR6n8f9VyuMbemGiktsoirifX6PuL4X85sN4I8IcEpWQ9gP4EanxWQSqRfh6oTckPGqE15EIFPQg\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8217fa708df1568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"resource_available":true,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":133,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/frontend/js/app.min.js","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:02.169Z","timestamp":1699217522169,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/frontend/js/app.min.js HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 22 Aug 2023 17:20:04 GMT\r\netag: W/\"16fe-6038634a51900\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5886,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (6152), with no line terminators","md5":"340b143eaf138cbe01808df36623ba17","sha1":"12028e27b21f2b30dcc8bd5b348e2f9376c23f1e","sha256":"b814997885c4d027fedde3afd5908840303e4fe6d3bbfd9aaebf75ac8c133e4f","sha512":"df8ae15d74d30e28245d1a8d3316b32075dc882d456e8ae742ed50100151f39989849ad333df81c5db9ee85bcb2ba4273334962af251fab3f733c0061b58feb0","ssdeep":"96:uWEazLSMkDH2iXI6hUREfJlmQQH72Khs5QESQkfM27Ks2X2WlnycYyfeb:uWEaXkDx46hWEBl7S7jE8kjXPf8","tlshash":"4ac1b30cb14cb12b23bb72329c2faa0c957779848615e0587151d4aceae89d91db3f2f","first_seen":"2023-10-24T16:45:52Z","last_seen":"2025-03-09T10:21:54.019835Z","times_seen":25,"resource_available":false,"data":null}},"time_used":413,"timings":{"blocked":129,"dns":0,"connect":0,"send":0,"wait":284,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/static/ubr__style.css","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:02.481Z","timestamp":1699217522481,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.upload.ee","organization":""},"issuer":{"commonName":"RapidSSL Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Mon, 01 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4","sha256":"AB:0D:2D:02:34:6F:B5:08:58:FA:7A:F5:12:43:16:EF:56:12:7B:6F:99:CB:3F:AA:39:F3:0E:91:FE:43:FE:CF"}}},"request":{"raw":"GET /static/ubr__style.css HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/files/15487444/Dailymotion.com.txt.html\r\nCookie: lng=eng\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 05 Nov 2023 20:52:02 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 17 Oct 2023 12:17:20 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: W/\"652e7b50-24da\"\r\nExpires: Sun, 12 Nov 2023 20:52:02 GMT\r\nCache-Control: max-age=604800\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9434,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (9680), with no line terminators","md5":"ab59a1bc9fadd0961e5f60c35aa9052a","sha1":"5785a15139773ccec5942d241743d0f26d0e36c4","sha256":"b5bb8632acdad4c1ee9ef902886c1a1475178561c5c17dc4d1b54c849bd60a8a","sha512":"d5a4cccff3f80c1cfb8a09d0166bb8a73b007b9c84fe461d713d628985679a06b663d45b56eca706ba5042570946987db31dba1c1740b5cc2fddddb1a2055c9d","ssdeep":"192:Tbc238bfc300nkkQKU081LCXLZMtu0PcOaw:v30ak30wL+ZIPcOaw","tlshash":"2112a572a66e301eb56bc47ab841f5dd3959988bc0534f34faa63635c9c20d9333bb08","first_seen":"2023-11-05T21:52:26Z","last_seen":"2025-04-06T19:31:01.038712Z","times_seen":103,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gishejuy.com/400/6551784","fqdn":"gishejuy.com","domain":"gishejuy.com","tld":"com"},"ip":{"addr":"139.45.197.242","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:02.949Z","timestamp":1699217522949,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gishejuy.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Oct 2023 09:21:45 GMT","end":"Tue, 23 Jan 2024 09:21:44 GMT"},"fingerprint":{"sha1":"99:91:AA:4E:BA:FC:75:A0:0A:79:EE:F6:15:64:FA:15:B2:BC:61:31","sha256":"FE:D3:58:83:02:F8:0B:53:C4:A1:8B:93:C2:9C:DB:47:1C:83:4F:DE:C2:A8:A7:91:E4:08:98:7D:69:3C:03:E1"}}},"request":{"raw":"GET /400/6551784 HTTP/1.1\r\nHost: gishejuy.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\ncontent-type: application/javascript\r\nx-trace-id: 55dff35b6a0178d9d74a4f0567566914\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\npragma: no-cache\r\nvary: Origin\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64\r\nset-cookie: OAID=9fb02cb1d83b473dae963eda946ab806; expires=Mon, 04 Nov 2024 20:52:03 GMT; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":82015,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"e090d59aeb53215074982292f514c3ca","sha1":"e81355ab40be8b86c40546bf386645b53c21b0aa","sha256":"e07745f1a30fffc972c3792214cd4f7b501903f5d05ce11e78d570469c711b20","sha512":"d48245f60013aa310fb7bc32d1e4158b4a417dca53219c82e92811954ec66d13dfbb518f071d01a074490a2996f5713b153753ee70bbc1757151dbf535496269","ssdeep":"1536:CDlqP7JqOO3hJ5zkq88tunUEQwpO+L1YJAL+n:JlwO1qA+n","tlshash":"ab8374a5f16674ea4222f87309af125b977a6664f82f8570a03db291373011ff16f8dc","first_seen":"2023-11-05T21:52:25Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":true,"data":null}},"time_used":295,"timings":{"blocked":99,"dns":3,"connect":37,"send":0,"wait":69,"receive":0,"ssl":80},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-05","alert":"Sinkholed","trigger":"gishejuy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nandweandthe.org/popunder.gif","fqdn":"nandweandthe.org","domain":"nandweandthe.org","tld":"org"},"ip":{"addr":"172.67.176.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:03.840Z","timestamp":1699217523840,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nandweandthe.org","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Oct 2023 06:45:49 GMT","end":"Sun, 28 Jan 2024 06:45:48 GMT"},"fingerprint":{"sha1":"1F:B6:15:88:D9:CB:F8:82:C6:0C:AE:98:CF:A4:E2:D8:06:4E:0D:6D","sha256":"B8:01:DE:85:2B:65:C6:B5:37:64:91:0A:F7:91:37:EF:98:07:84:8C:76:CA:46:E7:54:71:E3:23:E4:02:DE:6D"}}},"request":{"raw":"GET /popunder.gif HTTP/1.1\r\nHost: nandweandthe.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\ncontent-type: image/gif\r\naccess-control-allow-origin: *\r\npragma: public\r\ncache-control: public, max-age=604800, immutable\r\ncf-cache-status: HIT\r\nage: 97404\r\nlast-modified: Sat, 04 Nov 2023 17:48:39 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=3wShaetAQzVfEM%2FM4V0%2FYhyj1Kzd7gl%2FxNi3b%2BivYUBS4XfxCEXAYFsGCfw4WoFlTeh1wEt5PvgboL8zl0YtLCKNdjmdJdyZq2usPDordnQ5SEKSBUaGyQR9Dld9WeoFIToQ\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8217fa737c3456b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1\\012- data","md5":"28d6814f309ea289f847c69cf91194c6","sha1":"0f4e929dd5bb2564f7ab9c76338e04e292a42ace","sha256":"8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015","sha512":"1d68b92e8d822fe82dc7563edd7b37f3418a02a89f1a9f0454cca664c2fc2565235e0d85540ff9be0b20175be3f5b7b4eae1175067465d5cca13486aab4c582c","ssdeep":"","tlshash":"be800003c280c002c2a2c0308e08ca802a8ab0a08a28030fb0ec3baafc2a2a20c00000","first_seen":"2023-04-05T07:36:27Z","last_seen":"2026-05-08T01:42:24.763698Z","times_seen":46916,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nandweandthe.org/cTdIbEdeCCsfehBbHV4TJFsrNSAnDi0qCRt2EBhwKVoZJCJCdm4YLhUKcVVwQgFxSjcYU3VdYQJDKRgyAgp5Si4fUSdRYQcKeUJ0RRl7WGlBET1RdldDOA0gTAZuHDMFW3VdcUgOel1wRAV7XHVA","fqdn":"nandweandthe.org","domain":"nandweandthe.org","tld":"org"},"ip":{"addr":"172.67.176.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:03.031Z","timestamp":1699217523031,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nandweandthe.org","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Oct 2023 06:45:49 GMT","end":"Sun, 28 Jan 2024 06:45:48 GMT"},"fingerprint":{"sha1":"1F:B6:15:88:D9:CB:F8:82:C6:0C:AE:98:CF:A4:E2:D8:06:4E:0D:6D","sha256":"B8:01:DE:85:2B:65:C6:B5:37:64:91:0A:F7:91:37:EF:98:07:84:8C:76:CA:46:E7:54:71:E3:23:E4:02:DE:6D"}}},"request":{"raw":"GET /cTdIbEdeCCsfehBbHV4TJFsrNSAnDi0qCRt2EBhwKVoZJCJCdm4YLhUKcVVwQgFxSjcYU3VdYQJDKRgyAgp5Si4fUSdRYQcKeUJ0RRl7WGlBET1RdldDOA0gTAZuHDMFW3VdcUgOel1wRAV7XHVA HTTP/1.1\r\nHost: nandweandthe.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=MOR4grtn2f%2BvggTli0Bhmnu9HknNXxgAp3IH%2FizfXWUpTLGdgdqTsIXnVbM6mbxh78ZP1%2B%2FxH%2FO1HWBi97O6USUVl3GdcEzqcxwAUFo5blhoctFlZ%2FNp%2F0676lH8cOmFlBd0\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8217fa6f3be2568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":29,"dns":3,"connect":3,"send":0,"wait":114,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dweatherbe.org/utx?cb=4JMF6jKry0By\u0026top=www.upload.ee\u0026tid=997414","fqdn":"dweatherbe.org","domain":"dweatherbe.org","tld":"org"},"ip":{"addr":"108.157.214.79","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:03.959Z","timestamp":1699217523959,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dweatherbe.org","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Sun, 22 Oct 2023 00:00:00 GMT","end":"Tue, 19 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"B9:18:AC:1F:87:E4:2C:E9:36:35:FF:E7:F8:8F:F7:77:F0:AB:4C:4A","sha256":"50:E5:D8:5C:74:BC:BB:FD:C9:EC:F8:CB:E7:31:E6:48:4D:16:4E:C9:56:2D:FA:E7:02:D5:38:25:45:DD:BE:9A"}}},"request":{"raw":"GET /utx?cb=4JMF6jKry0By\u0026top=www.upload.ee\u0026tid=997414 HTTP/1.1\r\nHost: dweatherbe.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.upload.ee\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\nserver: openresty/1.17.8.2\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://www.upload.ee\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\nset-cookie: ut=x; Expires=Sun, 05 Nov 2023 20:53:04 GMT; Max-Age=60\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 0078c2805bf98a4574ea5eee972aa9f6.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: KwdyE-EsDE7Lw46uOvfSBqRI7sKE83FE5UQtRz7WoCEA2YEQsRHFYA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"resource_available":true,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/custom.min.js","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:02.170Z","timestamp":1699217522170,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/custom.min.js HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 29 Aug 2023 12:54:04 GMT\r\netag: W/\"3380-6040f4e3e7300\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13184,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, ASCII text, with very long lines (13184), with no line terminators","md5":"6d0fd498fae4b3e791c3960f13d990a4","sha1":"17fc76b7d7baf945b510380329a265673bfe7bd1","sha256":"e2f9b84536c735a5d94780169580ecfb7e4114f4ae3d011d1fd2f16c408febfe","sha512":"ff9c965b35bb27ea2508a9b66ee687e1fda75fb3d9ae4a69503643a46bb6e9d69dd63e04823d70c5ab9b6a909b5eb584d99cd1aa2fafa6adac204b58e1f8a734","ssdeep":"192:SBYBxP4en6N6C6lH9/JwSzLA5kSApcpX7ctkjQYLIfQ9vz/e6A:R3P4en6N6C6lH9/JwSO1AGaqkQ9v7e6A","tlshash":"8e42622cb169e4bb13ff352b116e694520263c6dd5062219f0a995b52efcc843177b3f","first_seen":"2023-10-19T01:13:37Z","last_seen":"2026-04-18T22:58:50.553124Z","times_seen":35,"resource_available":true,"data":null}},"time_used":468,"timings":{"blocked":128,"dns":0,"connect":0,"send":0,"wait":340,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49\u0026l=dataLayer\u0026cx=c","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:03.622Z","timestamp":1699217523622,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 16 Oct 2023 08:02:30 GMT","end":"Mon, 08 Jan 2024 08:02:29 GMT"},"fingerprint":{"sha1":"3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA","sha256":"B2:36:22:7D:39:74:21:4E:E2:98:4A:15:1D:E5:2D:20:AC:EF:50:AB:7E:1D:E2:0F:75:35:83:BB:BE:A1:9E:ED"}}},"request":{"raw":"GET /gtag/js?id=G-LT9YQX0N49\u0026l=dataLayer\u0026cx=c HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\nexpires: Sun, 05 Nov 2023 20:52:03 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 86036\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":249537,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (3034)","md5":"e3418f24d020365490d1edce09545dd9","sha1":"d8f719f10c7a22b9d1ccdb45b6c360e17e7e1cb3","sha256":"8ccf82db0be4818315a4b2709219dc98667a007f85de97592431457a7ad6c061","sha512":"58d4d9294efd6b11ece6d336967d4101cfaa07dc0276317174a75dd36a94172537ed83a6e5c789f5c652588e62b9de652681396821f45fe53a0229f40656771c","ssdeep":"3072:WHl+V36EllMSX/tyyUyjSeKvxXAKqM8GyP8QUCWaXb3WV/9H72I9LZVokA6q2WxC:uQZBVyyUyWQFP8FCWaXb30FPYkfqK","tlshash":"503407d973c3706682a7b479503f014be5bb2ca6b44ccc94e189c9d02e78a9a517bf7c","first_seen":"2023-11-05T21:52:25Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f","fqdn":"fleraprt.com","domain":"fleraprt.com","tld":"com"},"ip":{"addr":"139.45.195.254","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:04.667Z","timestamp":1699217524667,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"fleraprt.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Mon, 09 Jan 2023 00:00:00 GMT","end":"Sun, 14 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"A4:AF:A0:00:99:C9:85:E5:30:F6:F3:F2:B5:4F:AE:4F:D0:46:74:A9","sha256":"1E:28:77:C9:52:58:8A:A0:51:FE:84:59:28:A0:0C:60:EB:46:B0:7C:5D:3C:F4:AB:A3:77:94:DA:9E:46:9C:46"}}},"request":{"raw":"POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1\r\nHost: fleraprt.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1652\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.10\r\nDate: Sun, 05 Nov 2023 20:52:17 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 12\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://llama.website\r\nAccess-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE\r\nAccess-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"troff or preprocessor input, ASCII text, with no line terminators","md5":"6949f52318584a4b51c719a9b84a7287","sha1":"9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905","sha256":"72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375","sha512":"e6fe6933cec9b100c83def2bfd6974540afd67910b75ff3e9d269ab1a5d091e922830656b10e6cdd3bcec7257881a2c6cd0886ed12ecacceb9d89e786f5330de","ssdeep":"","tlshash":"de600000000300c33cc300c000c00030fc000c00000f30000c0c0030c00c0c0c00c000","first_seen":"2023-04-06T16:49:23Z","last_seen":"2025-04-06T22:35:34.412901Z","times_seen":5757,"resource_available":false,"data":null}},"time_used":398,"timings":{"blocked":179,"dns":3,"connect":32,"send":0,"wait":35,"receive":0,"ssl":143},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"llama.website/Sq","fqdn":"llama.website","domain":"llama.website","tld":"website"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-05T20:52:01.318Z","timestamp":1699217521318,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /Sq HTTP/1.1\r\nHost: llama.website\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:01 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nset-cookie: PHPSESSID=oi5il24eti2u3cdbhu5nj80ssr; path=/\nshort_348=1; expires=Sun, 05-Nov-2023 21:07:01 GMT; Max-Age=900; path=/; HttpOnly\r\nx-powered-by: PHP/8.0.30, PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6777,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (7277), with no line terminators","md5":"f7d89915198972d464a39f280f7736ff","sha1":"4f810d600d0c6e97a4823963ffe874625c421aa4","sha256":"54acd923e4185f6a4b96e6e86863cfe910952f3f457231b6284657d4a1eac49b","sha512":"ec29b46b6932e603aca4583fdee7cde1ce3ffd84721bd23456735e4aca8d630c18739cd885a91f277a4e37c37ddbc8b15d0dd5799bd6240eafd75d92cd3ef4cd","ssdeep":"96:t5H0HyKWSfHks2V3EtdcJXVMhvpz2ZQD7dXHK7/7:t5H0HyKWWEs2V3EtdctV8v0+ndXM/7","tlshash":"afe1a47f5a5dd439020288d81671bc2de926f05aae708819b1dc11dc83e2ff6c49bba5","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":556,"timings":{"blocked":70,"dns":0,"connect":23,"send":0,"wait":415,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/frontend/libs/select2/dist/css/select2.min.css","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:02.152Z","timestamp":1699217522152,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/frontend/libs/select2/dist/css/select2.min.css HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:02 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 13 Dec 2022 03:15:26 GMT\r\netag: W/\"3a76-5efad07fdaf80\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14966,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14965)","md5":"9f54e6414f87e0d14b9e966f19a174f9","sha1":"ae5735562faabd1a2d9803bbd7bf4c502b5e4f51","sha256":"15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81","sha512":"9cc365a6e6833ebaa5125b37217fd0e7a1f7eaabc1012c1bde2a6ea373317966ec401d7cf35a31d1c46fed43d380196b8aaa329eddf92a313080651e51720f9f","ssdeep":"192:pL5u/nTfc3aqPJRQ9CPjOtWlUJKLPcH9tPOF:3u/TfXARQ9htWGSPcdwF","tlshash":"3f62b935bacc2235b0bf8e7f6cf274946729dd5fc4111b9ab8e9e594c8e04540a8b60f","first_seen":"2023-04-05T09:15:52Z","last_seen":"2026-05-08T02:30:31.209933Z","times_seen":18289,"resource_available":false,"data":null}},"time_used":429,"timings":{"blocked":144,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pogothere.xyz/","fqdn":"pogothere.xyz","domain":"pogothere.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.203","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:03.951Z","timestamp":1699217523951,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Tue, 28 Feb 2023 00:00:00 GMT","end":"Tue, 27 Feb 2024 23:59:59 GMT"},"fingerprint":{"sha1":"17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB","sha256":"09:91:FB:E4:53:65:EC:A7:C4:6B:EB:F6:E2:94:A5:09:45:6F:FC:DC:B1:B4:E4:67:80:61:7A:EE:7F:81:DD:45"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: pogothere.xyz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nOrigin: https://www.upload.ee\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\ncontent-type: text/plain\r\nset-cookie: csu=87222391364238@1@1699217524; Max-Age=31104000; Secure; SameSite=None\r\naccess-control-allow-origin: https://www.upload.ee\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: X-Requested-With, content-type\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=N%2BRpw%2B4ABLeYP357RR0g6aRgefk8uGeulImZOLPVrDo%2BHXpiGxhDkqVAN8tXj5pQeH51R%2BVsimuD9smm8Ro4%2Fl3Nabxbs8yQzMg0%2FiBk3sqkiww74wZu5SOi7qHGRtYX\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8217fa753a8c56b9-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"5520266d1e49ad168106e7d66e95ffdb","sha1":"0ff32b1cbf9f17fa18462996313d4dace6ebbc38","sha256":"9b5b5cc88a30d925cffc85ff0b5764691247441bc59406d44d71209600928113","sha512":"860203ca547caead01e80489ab65f952d010c083e10842e5863099785485e982f6d2c1568ab473151e2673c43ce9abb7f874d747a7b85bd16a6ae57fcc9f1486","ssdeep":"","tlshash":"f37000808bb008a28cf3200000820200afc00a32800a282a00ca0b8020ab338ca20000","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":78,"dns":5,"connect":1,"send":0,"wait":120,"receive":0,"ssl":71},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/frontend/libs/feather-icons/dist/feather.min.js","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:02.160Z","timestamp":1699217522160,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/frontend/libs/feather-icons/dist/feather.min.js HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 26 Oct 1985 06:15:00 GMT\r\netag: W/\"12803-1c5faa6582100\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":75779,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"resource_available":true,"data":null}},"time_used":500,"timings":{"blocked":-1,"dns":156,"connect":27,"send":0,"wait":344,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pogothere.xyz/asd100.bin","fqdn":"pogothere.xyz","domain":"pogothere.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.203","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:03.955Z","timestamp":1699217523955,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Tue, 28 Feb 2023 00:00:00 GMT","end":"Tue, 27 Feb 2024 23:59:59 GMT"},"fingerprint":{"sha1":"17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB","sha256":"09:91:FB:E4:53:65:EC:A7:C4:6B:EB:F6:E2:94:A5:09:45:6F:FC:DC:B1:B4:E4:67:80:61:7A:EE:7F:81:DD:45"}}},"request":{"raw":"GET /asd100.bin HTTP/1.1\r\nHost: pogothere.xyz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nOrigin: https://www.upload.ee\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\ncontent-type: binary/octet-stream\r\naccess-control-allow-origin: https://www.upload.ee\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: X-Requested-With, content-type\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 5400\r\nlast-modified: Sun, 05 Nov 2023 19:22:04 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=ix67THeaLnImdStw6VQ9IOgU6%2FZmWiYUDmkML%2F9kCLdEp1y4O5bxn5t9KqoWVYyz2FT0FxCpAGSOwclFhmBZDDC4fW2vS80P9DFuzhLe7QgKAjKEuW4CsrlXUPoFK2Fd\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8217fa755aa756b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102400,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"4c6426ac7ef186464ecbb0d81cbfcb1e","sha1":"5a6918eebd9d635e8f632e3ef34e3792b1b5ec13","sha256":"f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16","sha512":"5f6dbea410beee80292b16df6fcc767ae6baf058ab4c38fa6a4fc72b7828374af42bd6da094eada2ad006d1a0754f9ff7bdd94c0ef9540e6651729b74fb9ea46","ssdeep":"3::","tlshash":"9ca3000000000000c00000300000000000000000000000000000000000000000000000","first_seen":"2023-04-05T04:27:22Z","last_seen":"2026-03-16T07:24:59.73574Z","times_seen":12181,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":90,"dns":17,"connect":27,"send":0,"wait":11,"receive":0,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/bundle.pack.js","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:02.158Z","timestamp":1699217522158,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/bundle.pack.js HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 28 Oct 2021 23:50:18 GMT\r\netag: W/\"51029-5cf725f70c280\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":331817,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"resource_available":true,"data":null}},"time_used":498,"timings":{"blocked":-1,"dns":157,"connect":27,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:08.619Z","timestamp":1699217528619,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 16 Oct 2023 08:10:01 GMT","end":"Mon, 08 Jan 2024 08:10:00 GMT"},"fingerprint":{"sha1":"FA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9","sha256":"49:8C:6B:B2:97:76:80:4E:24:97:74:5B:32:58:34:BD:68:38:53:29:53:2A:A7:1E:4D:63:92:60:0F:60:FB:D4"}}},"request":{"raw":"GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 05 Nov 2023 20:52:08 GMT\r\ndate: Sun, 05 Nov 2023 20:52:08 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10615,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"dbdc7ee435c6a7f4277bfc7fedf28368","sha1":"8194a5d7e0108bed7abb001d8bf2b8985a5aa2ca","sha256":"91b113cbf5aedc9b93ceebe313863344b1ead775a618a7e9f31f9e98dbbdf227","sha512":"3a76c3cce0b9184b80ae6c5aa3b9da358e7ce5b939dab4a666327b91c04dbbeaa903278ad08852cdebedf48875fad222d6a28f52737571daee8bd5532a4fdb19","ssdeep":"192:D7NGz7Nf7NA7Nue7Nu7NJj7NkNa5N4NXNRqNWNIJNENFQNDN8NJXNtNGgN+rNU75:DBGzBfBABueBuBNBiafWdRQciCFe5KJD","tlshash":"622267a1481ba400ab831cd673cf7d35ed4f62152082c476ebfd68a8ade7e27536474e","first_seen":"2023-05-06T10:16:08Z","last_seen":"2026-05-02T08:18:24.01747Z","times_seen":814,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":36,"dns":0,"connect":8,"send":0,"wait":20,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/frontend/fonts/nunito-sans-v12-latin-regular.woff","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:09.075Z","timestamp":1699217529075,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/frontend/fonts/nunito-sans-v12-latin-regular.woff HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nuke.biz/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:09 GMT\r\ncontent-type: application/font-woff\r\ncontent-length: 20864\r\nlast-modified: Sun, 06 Nov 2022 23:25:02 GMT\r\netag: \"5180-5ecd59dbaaf80\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20864,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 20864, version 1.1\\012- data","md5":"159f6e63e068d1b2233c78fadb789b96","sha1":"dc7a6ec97ef463929eea507a5a2e76d2fb574b25","sha256":"481b0fe050b9209c7dcd0cf23363c1754d094933aa28b329599d360c050a418e","sha512":"982bee594e900d455737e8668e9c188b4a8200d9dc162b4175e670d5a670694f36a124fd16ff00f8ae13ce9ca0a2e43ffc8170a09c1a2544d0e90d45c9f00edd","ssdeep":"384:2BAa5gnPx0XyrWWpSwN6ouhxjTKjq5rb7FhI27fW3tabjnyxpUE8W3ft:2BA/0XyWW3NfwxHKmTra9ijnyUE8st","tlshash":"3692e091ce59e5bae06a29b242d7a211340134093fdcc21b798f8917065dff0bfa9e15","first_seen":"2023-07-19T01:40:51Z","last_seen":"2026-05-06T14:42:20.839355Z","times_seen":108,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":55,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pogothere.xyz/","fqdn":"pogothere.xyz","domain":"pogothere.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.203","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.upload.ee/files/15487444/Dailymotion.com.txt.html","date":"2023-11-05T20:52:03.956Z","timestamp":1699217523956,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Tue, 28 Feb 2023 00:00:00 GMT","end":"Tue, 27 Feb 2024 23:59:59 GMT"},"fingerprint":{"sha1":"17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB","sha256":"09:91:FB:E4:53:65:EC:A7:C4:6B:EB:F6:E2:94:A5:09:45:6F:FC:DC:B1:B4:E4:67:80:61:7A:EE:7F:81:DD:45"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: pogothere.xyz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nOrigin: https://www.upload.ee\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Nov 2023 20:52:04 GMT\r\ncontent-type: text/plain\r\nset-cookie: csu=855732120997847@1@1699217524; Max-Age=31104000; Secure; SameSite=None\r\naccess-control-allow-origin: https://www.upload.ee\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: X-Requested-With, content-type\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=cHhkY%2BDngzs5ayloSmO7QztlVBtvcPO9WWyACnzp%2FWX4SmR5JFTQRI95EW3bJDxnMJN3%2F6jmpVaF77OBXk0gLXPlKwnWXs9A3rAda0IVZUvoOd82k%2FATviQ8qTAizeU3\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8217fa754a8f56b9-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"663cb5b75f25a60ae560e7cf105ea505","sha1":"9b566f39db31f71efc48d87f5fff7f78a2b56d87","sha256":"bb91d0f1aeebb47658f4205af7326a82699dcb2e08c34a4c898c102790f07ab9","sha512":"8c494d5b0ace986e3459192923eda3f961400218b6496e8333c20acf807a88fcd2504a9b45b252017b0d6278445b2aceb211eb665d2587c34dfa6e4709b53a40","ssdeep":"","tlshash":"178000008b220ee2c82008828288008882e80fa020302cae0280a280000ea30c200000","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":77,"dns":8,"connect":1,"send":0,"wait":114,"receive":0,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ibrapush.com/pfe/current/defaultSkin.min.js","fqdn":"ibrapush.com","domain":"ibrapush.com","tld":"com"},"ip":{"addr":"139.45.197.250","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:05.125Z","timestamp":1699217525125,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ibrapush.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 25 Aug 2023 05:43:35 GMT","end":"Thu, 23 Nov 2023 05:43:34 GMT"},"fingerprint":{"sha1":"3B:3D:4B:42:6B:6E:62:C4:F4:D3:DC:97:17:EF:48:8C:68:5C:58:85","sha256":"AA:D3:D2:41:41:D1:0D:72:78:07:A2:BC:C4:A2:AB:BC:A3:19:1C:89:62:3C:00:77:F3:2E:C4:37:A6:AD:7D:90"}}},"request":{"raw":"GET /pfe/current/defaultSkin.min.js HTTP/1.1\r\nHost: ibrapush.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://llama.website/\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:05 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 02 Nov 2023 08:40:08 GMT\r\netag: W/\"65436068-df63\"\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-allow-credentials: true\r\ncache-control: no-cache\r\npragma: no-cache\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":57187,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"offerimage.com/www/images/c203639f459b6e675afc744dd5393fc6.jpeg","fqdn":"offerimage.com","domain":"offerimage.com","tld":"com"},"ip":{"addr":"104.22.33.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:08.585Z","timestamp":1699217528585,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Mon, 06 May 2024 23:59:59 GMT"},"fingerprint":{"sha1":"DB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0","sha256":"34:C5:1C:5B:A8:54:FD:04:12:B5:7D:F2:1C:E0:EA:99:16:9A:0A:83:AD:56:FC:59:BC:A3:27:5E:81:D7:0B:23"}}},"request":{"raw":"GET /www/images/c203639f459b6e675afc744dd5393fc6.jpeg HTTP/1.1\r\nHost: offerimage.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Nov 2023 20:52:08 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 10857\r\ncache-control: max-age=86400\r\ncf-bgj: h2pri\r\netag: \"6388849a-2a69\"\r\nexpires: Mon, 06 Nov 2023 00:58:39 GMT\r\nlast-modified: Thu, 01 Dec 2022 10:40:26 GMT\r\ntiming-allow-origin: *\r\ncf-cache-status: HIT\r\nage: 71609\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8217fa91bf2e0a18-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10857,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\\012- data","md5":"c203639f459b6e675afc744dd5393fc6","sha1":"c83a0142c1a7f6a07c2dd360243197a27f560932","sha256":"64b4e386658d3f5764261f576a4673eb506fcad5e38e69ef085723f8dab72263","sha512":"5e4567854d8239655c82699958cd00e68d24ee7095f4e6e035d5a82423acee3accd55491a426bc223c3fc85add5794e6f9931d1bd50c9cdea1509b746a67122a","ssdeep":"192:3EtsHMFai4Wy9P6ZKvp6rPwTYKZg1TxxBibj+j0KOIk:00MFh4WQ6ZcpUiFCdKbatjk","tlshash":"fd22bfb12232828cc9439a771f824494ce17ec939f3ad3968123b7dc62dc967641b28f","first_seen":"2023-04-09T18:58:42Z","last_seen":"2023-11-08T08:03:43Z","times_seen":526,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/frontend/css/style.min.css","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:02.156Z","timestamp":1699217522156,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/frontend/css/style.min.css HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:02 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 03 Aug 2023 01:57:38 GMT\r\netag: W/\"72eca-601fb1ac80880\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":470730,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"resource_available":true,"data":null}},"time_used":426,"timings":{"blocked":141,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"veepteero.com/?rb=npC4dmOUAdv4VjJow7jleoVeAT9r_Afg16uYefGa2H3emkiGbAJoUamRWqHVSPU9eoOpm17x3qyZ9gNQJLntpT2jKh_u3RwafKRVi7D0F-iDYYKlQoegvEQmvE5M117bFLqzMD1GE0cc1rQBKEfdF3de4Vcyd_4auteEeJ3us7KXSCwldsfJOq73usZx9sHF7cxvKtJ3mkpO_td5ksn4uga1Nk8%3D\u0026request_ab2=0\u0026zoneid=6551783\u0026js_build=iclick-v1.622.1\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wih=1024\u0026wiw=1280\u0026wfc=1\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=1\u0026ix=0\u0026nw=1\u0026tb=false\u0026wgl=\u0026js_build=iclick-v1.622.1\u0026bs=d604e473-b231-4191-8b4d-1569a0c9f92f\u0026userId=a54b3fba89bc4d09a1fe9ccba830cea1\u0026m=link","fqdn":"veepteero.com","domain":"veepteero.com","tld":"com"},"ip":{"addr":"139.45.197.242","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:03.730Z","timestamp":1699217523730,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"veepteero.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Oct 2023 05:22:23 GMT","end":"Sat, 13 Jan 2024 05:22:22 GMT"},"fingerprint":{"sha1":"1A:C6:97:A2:07:05:7E:05:7E:51:8B:FD:B1:65:6D:73:73:55:0A:0A","sha256":"69:A0:9E:05:A5:CE:99:7C:E9:78:D1:28:DA:87:B5:25:1A:40:82:69:47:A6:31:A8:FF:A3:8D:B6:5F:28:52:A9"}}},"request":{"raw":"GET /?rb=npC4dmOUAdv4VjJow7jleoVeAT9r_Afg16uYefGa2H3emkiGbAJoUamRWqHVSPU9eoOpm17x3qyZ9gNQJLntpT2jKh_u3RwafKRVi7D0F-iDYYKlQoegvEQmvE5M117bFLqzMD1GE0cc1rQBKEfdF3de4Vcyd_4auteEeJ3us7KXSCwldsfJOq73usZx9sHF7cxvKtJ3mkpO_td5ksn4uga1Nk8%3D\u0026request_ab2=0\u0026zoneid=6551783\u0026js_build=iclick-v1.622.1\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wih=1024\u0026wiw=1280\u0026wfc=1\u0026pl=https%3A%2F%2Fllama.website%2FSq\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=1\u0026ix=0\u0026nw=1\u0026tb=false\u0026wgl=\u0026js_build=iclick-v1.622.1\u0026bs=d604e473-b231-4191-8b4d-1569a0c9f92f\u0026userId=a54b3fba89bc4d09a1fe9ccba830cea1\u0026m=link HTTP/1.1\r\nHost: veepteero.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://llama.website/\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\ncontent-type: application/json\r\nx-trace-id: b661d183dda04aca07952e52ee4dbf70\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\naccess-control-max-age: 86400\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nset-cookie: OAID=a54b3fba89bc4d09a1fe9ccba830cea1; expires=Mon, 04 Nov 2024 20:52:03 GMT; path=/; secure; SameSite=None\noaidts=1699217523; expires=Mon, 04 Nov 2024 20:52:03 GMT; path=/; secure; SameSite=None\nsyncedCookie=true; expires=Sun, 12 Nov 2023 20:52:03 GMT; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2162,"size_decoded":0,"mime_type":"application/json","magic":"troff or preprocessor input, ASCII text, with very long lines (2191), with no line terminators","md5":"0953fa9b0f6c0ccc7e7c6f619e196461","sha1":"22b6c57e284cfafe016b6df15343ca51b199dd15","sha256":"880f89236d98f76ca2528c75e8458447e05d98614ae66efd1ccccfbda7c84005","sha512":"c4a5f6ba3c5815446022d334fd29a6dfc694eedd94053f8f0bc78299ecbcfe290e5d6e048ec67753770cffc43e113dcc16e4682916d20a41bc4a2a8928d3fd57","ssdeep":"","tlshash":"564107d62268d510444a0d847fb6ae08604bc39b1fc1a469f2c5f3a3824f97f9a02aa8","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nuke.biz/static/frontend/libs/cookieconsent/cookieconsent.css","fqdn":"nuke.biz","domain":"nuke.biz","tld":"biz"},"ip":{"addr":"91.92.249.75","port":443,"asn":34368,"as":"Natskovi \u0026 Sie Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:02.154Z","timestamp":1699217522154,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nuke.biz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 18:07:19 GMT","end":"Tue, 02 Jan 2024 18:07:18 GMT"},"fingerprint":{"sha1":"54:0F:6E:6A:46:71:1E:28:8E:7B:38:D9:74:78:6F:DC:6B:50:50:8C","sha256":"54:24:02:2C:28:E9:1A:8C:69:D1:59:30:DE:25:86:45:B9:15:74:6D:EF:CD:1B:BE:02:A6:C6:75:97:CB:BC:4A"}}},"request":{"raw":"GET /static/frontend/libs/cookieconsent/cookieconsent.css HTTP/1.1\r\nHost: nuke.biz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llama.website/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:02 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 13 Dec 2022 04:10:38 GMT\r\netag: W/\"4973-5efadcd66cb80\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18803,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (18803), with no line terminators","md5":"a8d96b4620e71d5cdd85ea03a1ee2cc6","sha1":"825f712b1913ed2fcb95dc35ad8e5651598da8f3","sha256":"4e5a1815609e1b500701e8a9c63a4ee98c47794025a0de9bbc7b8a3fdc4419e6","sha512":"8203a6c1ddc5b05308bfb4da28e919c0f0c5209cf2abbeadfc96731cd21a2a001863e24c562261ad637f85ce6c3301a6b2310220286a6071cfad67278d4de437","ssdeep":"384:x82otQcOb2aa274KcEayQFjEfVjETezVcMlcFHlybn9:x82otQcObNa274KcElQ5E2TezPqybn9","tlshash":"f182c86cd750d1dd62abc4229ef09bad323c6129dcd24deef350fe604287add08a956c","first_seen":"2023-04-11T14:13:16Z","last_seen":"2026-05-06T20:40:01.322001Z","times_seen":383,"resource_available":false,"data":null}},"time_used":427,"timings":{"blocked":142,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ibrapush.com/pfe/current/universal.min.js?v=3.1.471","fqdn":"ibrapush.com","domain":"ibrapush.com","tld":"com"},"ip":{"addr":"139.45.197.250","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:03.693Z","timestamp":1699217523693,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ibrapush.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 25 Aug 2023 05:43:35 GMT","end":"Thu, 23 Nov 2023 05:43:34 GMT"},"fingerprint":{"sha1":"3B:3D:4B:42:6B:6E:62:C4:F4:D3:DC:97:17:EF:48:8C:68:5C:58:85","sha256":"AA:D3:D2:41:41:D1:0D:72:78:07:A2:BC:C4:A2:AB:BC:A3:19:1C:89:62:3C:00:77:F3:2E:C4:37:A6:AD:7D:90"}}},"request":{"raw":"GET /pfe/current/universal.min.js?v=3.1.471 HTTP/1.1\r\nHost: ibrapush.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://llama.website/\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 02 Nov 2023 08:40:08 GMT\r\netag: W/\"65436068-1572c\"\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-allow-credentials: true\r\ncache-control: no-cache\r\npragma: no-cache\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":87852,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d46d2997ab218d1dba1ab614422ed53f","sha1":"3f1f6b9847c8ad209835db366c62fcb209b83a67","sha256":"09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42","sha512":"8042f4465f1d14c765b2e7be775ab6970bc0a5515552f5784b55beda45d192ccdc0d67be5389112be1b3728f78010c00be43010f6e8c940da9b8039c42820855","ssdeep":"1536:AtGiLDt83ZoniA34gXzFoY/T44V8zOr63UJ7lrVJszwISnKb2ZaIa51WgMP4Sd:c83A9pU4l2EISn/+78","tlshash":"7683b66af1a5fc6419e11dd7243e11814f2ea9d0fa0af870a05be5b2351210ab7f7fe4","first_seen":"2023-11-02T10:05:11Z","last_seen":"2024-08-20T21:23:47.869255Z","times_seen":2914,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"veepteero.com/88/19523","fqdn":"veepteero.com","domain":"veepteero.com","tld":"com"},"ip":{"addr":"139.45.197.242","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:02.379Z","timestamp":1699217522379,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"veepteero.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Oct 2023 05:22:23 GMT","end":"Sat, 13 Jan 2024 05:22:22 GMT"},"fingerprint":{"sha1":"1A:C6:97:A2:07:05:7E:05:7E:51:8B:FD:B1:65:6D:73:73:55:0A:0A","sha256":"69:A0:9E:05:A5:CE:99:7C:E9:78:D1:28:DA:87:B5:25:1A:40:82:69:47:A6:31:A8:FF:A3:8D:B6:5F:28:52:A9"}}},"request":{"raw":"GET /88/19523 HTTP/1.1\r\nHost: veepteero.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://llama.website/\r\nOrigin: https://llama.website\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Nov 2023 20:52:02 GMT\r\ncontent-type: application/json\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64\r\naccess-control-allow-origin: https://llama.website\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3009,"size_decoded":0,"mime_type":"application/json","magic":"troff or preprocessor input, ASCII text, with very long lines (3269), with no line terminators","md5":"7052ee19e906a9c2025a9b5aac659ecb","sha1":"ea704c8ce993a9431b75d4e462b3aa542046dec0","sha256":"40be0c1d379d22e84206638c85ebb857f7c5a2586170ceb3ad9c2d6516c96a13","sha512":"a186b020f21ca4cfaa06bf03da7fa5b7d8a62bd32995d8dd4ffa0f19d913f86908efc14036ca6a3b940704de903f71b969722397e889b12b3cc3680e0810107b","ssdeep":"","tlshash":"8d611e49e245ec9fd042046eef3e2c32939c282ab5e27c5ac6d98d4920fb0717349b0a","first_seen":"2023-11-05T21:52:26Z","last_seen":"2023-11-05T21:52:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":489,"timings":{"blocked":112,"dns":15,"connect":36,"send":0,"wait":242,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nbfcs.org/","fqdn":"www.nbfcs.org","domain":"nbfcs.org","tld":"org"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://llama.website/Sq","date":"2023-11-05T20:52:04.820Z","timestamp":1699217524820,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.nbfcs.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T02:57:32.660445Z","times_seen":14817878,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}