{"report_id":"7eaa2af7-2b89-43b9-8b1f-71919cef8380","version":6,"status":"done","tags":["microsoft","phishing"],"date":"2023-12-01T18:50:33Z","url":{"schema":"http","addr":"pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html","fqdn":"pub-14c31667a05343c19ddf64766402b12f.r2.dev","domain":"pub-14c31667a05343c19ddf64766402b12f.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html","fqdn":"pub-14c31667a05343c19ddf64766402b12f.r2.dev","domain":"pub-14c31667a05343c19ddf64766402b12f.r2.dev","tld":"r2.dev"},"title":"Outlook Web App"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T09:40:16Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"eu.starton-ipfs.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2023-03-29","domain_rank":0,"first_seen":"2023-05-23 22:38:54","last_seen":"2023-12-01 03:21:11","alert_count":0,"request_count":1,"received_data":1207,"sent_data":500,"comment":"","tags":null,"fingerprints":null},{"fqdn":"image.thum.io","ip":{"addr":"54.91.120.55","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2016-02-04","domain_rank":282725,"first_seen":"2017-02-03 18:54:24","last_seen":"2023-11-30 20:51:10","alert_count":0,"request_count":1,"received_data":23056,"sent_data":536,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pub-14c31667a05343c19ddf64766402b12f.r2.dev","ip":{"addr":"104.18.2.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":3,"request_count":3,"received_data":13893,"sent_data":1573,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.74.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":12905,"first_seen":"2013-08-16 11:51:31","last_seen":"2023-12-01 08:07:42","alert_count":0,"request_count":1,"received_data":32005,"sent_data":470,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.com","ip":{"addr":"142.250.74.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":7,"first_seen":"2015-05-10 13:11:19","last_seen":"2023-11-19 18:48:38","alert_count":0,"request_count":1,"received_data":807,"sent_data":484,"comment":"","tags":null,"fingerprints":null},{"fqdn":"t0.gstatic.com","ip":{"addr":"142.250.74.164","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2013-05-06 22:22:05","last_seen":"2023-11-30 18:46:08","alert_count":0,"request_count":2,"received_data":2002,"sent_data":1102,"comment":"","tags":null,"fingerprints":null},{"fqdn":"webmail.bourbon-online.com","ip":{"addr":"40.68.95.2","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Netherlands","country_code":"NL"},"domain_registered":"2005-02-07","domain_rank":0,"first_seen":"2017-02-06 07:58:12","last_seen":"2023-11-13 00:41:58","alert_count":0,"request_count":1,"received_data":2677,"sent_data":505,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"eu.starton-ipfs.com/ipfs/bafybeicwxropsprytiijj2s6ck44psctz4wl3czeiedcmhcckttym6z7g4","fqdn":"eu.starton-ipfs.com","domain":"starton-ipfs.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e15fa3be97020a1b2249634962fa570","sha1":"f47ca5870fd10a45899d7e0e49ead9299562224d","sha256":"0a724ccfba5e5744a95c83358ca1d1b95e3eef1fbf4c75d6d50ebc48f0b9d383","sha512":"c286f7c548d4497684edb17064963f98cabd2b2c29e5ad6aca211dfe98e805258a47820db06eb99a04ffcc7718f3878df3fb7fbf114a78e5b454c41e308af2dc","ssdeep":"6144:/hRMjBdXUXQNPV7N1WH30ZiDiNYMTkDgbAOV6GA9uQaD0wV3P8dhz4hAvATtKAhT:/ehM/5nW","tlshash":"2f44af1a4d08ff7069af07e748825f842424e767f692ec8d4a924ec3f61d7b2c59786c","size":275686,"data":"","first_seen":"2024-08-20T17:09:05.527342Z","last_seen":"2024-08-20T17:09:05.527342Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89476,"data":"","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-05-08T18:53:58.244326Z","times_seen":235059,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"5267e259b95fff3b7469eccd794eaad2","sha1":"60dcd4091dd639a483a7cc6e812d670befa699b9","sha256":"438b3fe4bd7cb04b03e0469b129c5acceecdee4cc097b1ecdd4f57cf14106184","sha512":"3efc2af8735fd018ca615267ffb91b1b219151a087c942c86187e33f20b5ead957c242dae7a7efc9ea3b20bd58735d8090b8f0065e94bd73e38ad5897aaac7fd","ssdeep":"96:N9AvQ9iKIO5iy56ujK/u2lb0LAic0lCWo4qyw0lCa2nieiQn:N9AvnUl8nlp9DR9a2ieiQn","tlshash":"82b1348324eb14310757f1fe1b5bb80131b524176e00eb693e1c474a2f2ac3ae9fa5e5","size":5269,"data":"","first_seen":"2024-08-20T17:09:05.528364Z","last_seen":"2024-08-20T17:09:05.528364Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"2a1e9871541885edabf8c0bd88240ba5","sha1":"5d66ead2ef66371d7f8e688167e0919a1a6aa342","sha256":"99eb311c7f6bfa157381bed1e1defae1b8a6373f7de43c573019f21166179688","sha512":"70bb1509a6b433bcd291071480a9d45138d0fe70d31aa756b1944cd7aa88ac2f394240c9f7fc53e318faa6aeec2e0ebf558814225ca4fa8a8c79674f88a84f73","ssdeep":"768:r/lj2ZfRbeMaKEt17I23Y+b0hG+Gv9wC/:xj2DSf9TmG+Gv9wC/","tlshash":"2d231a3ba6c06500a536e779f7235b95fd970623820182253ebda7471f7582687a3fcc","size":46606,"data":"","first_seen":"2024-08-20T17:09:05.529538Z","last_seen":"2024-08-20T17:09:05.529538Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html","fqdn":"pub-14c31667a05343c19ddf64766402b12f.r2.dev","domain":"pub-14c31667a05343c19ddf64766402b12f.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.2.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-01T18:50:20.541Z","timestamp":1701456620541,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Oct 2023 17:13:53 GMT","end":"Tue, 09 Jan 2024 17:13:52 GMT"},"fingerprint":{"sha1":"91:F0:8B:D3:AA:FC:86:18:F9:F2:29:EB:98:8C:D8:5A:3A:76:5C:CF","sha256":"F3:D6:02:91:4C:11:83:7C:7C:FD:D0:A3:86:08:75:A0:37:A4:08:AF:67:24:48:AE:14:4D:D0:BA:8D:6A:19:A9"}}},"request":{"raw":"GET /uwa7.html HTTP/1.1\r\nHost: pub-14c31667a05343c19ddf64766402b12f.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 01 Dec 2023 18:50:16 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"e8a95b57a0bcced11b3c4065bfe396e4\"\r\nLast-Modified: Thu, 30 Nov 2023 06:39:40 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 82ed83c848455694-OSL\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":148,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with no line terminators","md5":"e8a95b57a0bcced11b3c4065bfe396e4","sha1":"fcabc9120bca2226abe84732009d1dfd8ec2af6d","sha256":"3625fc292647ac05e6262445a77dab441b3709944f74812c187c6251e4be3798","sha512":"4a167992f587f0390ae4cbb5538f462ec4a28ab3b6071dbb8471d926f07f6c1ce77828a019807fab48e9b9ce91318f46a4691b62075f9b0a8654cae92e7a94fe","ssdeep":"","tlshash":"0dc02be21c89c4413a1011c18012f5ecb140a5014800c82e0df040c312c17d81d01c31","first_seen":"2023-12-01T19:50:39Z","last_seen":"2023-12-01T19:50:39Z","times_seen":1,"resource_available":false,"data":null}},"time_used":393,"timings":{"blocked":21,"dns":0,"connect":1,"send":0,"wait":348,"receive":1,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"pub-14c31667a05343c19ddf64766402b12f.r2.dev/Outlook%20Web%20App_files/lgnexlogo.gif","fqdn":"pub-14c31667a05343c19ddf64766402b12f.r2.dev","domain":"pub-14c31667a05343c19ddf64766402b12f.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.2.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html","date":"2023-12-01T18:50:21.605Z","timestamp":1701456621605,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Oct 2023 17:13:53 GMT","end":"Tue, 09 Jan 2024 17:13:52 GMT"},"fingerprint":{"sha1":"91:F0:8B:D3:AA:FC:86:18:F9:F2:29:EB:98:8C:D8:5A:3A:76:5C:CF","sha256":"F3:D6:02:91:4C:11:83:7C:7C:FD:D0:A3:86:08:75:A0:37:A4:08:AF:67:24:48:AE:14:4D:D0:BA:8D:6A:19:A9"}}},"request":{"raw":"GET /Outlook%20Web%20App_files/lgnexlogo.gif HTTP/1.1\r\nHost: pub-14c31667a05343c19ddf64766402b12f.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Fri, 01 Dec 2023 18:50:16 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 82ed83cec9c65694-OSL\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":6476,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (611)","md5":"df3d48946e8d3f5a83608308edbb4b86","sha1":"47b9c40c97abf2658df96b1c06109324e15e1a00","sha256":"570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499","sha512":"36ec1cec72dc3245730c813277c645525473cc5232e85cd23503b8593d90264f335e61a16d364a1e6c41922820b40ba7c0f46b19f4b91db6a0cf5e31e778ddea","ssdeep":"384:6FamwIluB0sJQqCeSQup5szCUXAG0VVi82OgoKACZQQofNJXY3gW3:663Mp5If8WOmgW3","tlshash":"6bc292dc7bf968e4a5de43aaef2831a8320ba0fb17425904f51d12142f0655cec6f6ed","first_seen":"2023-04-05T17:41:51Z","last_seen":"2025-09-17T15:21:34.980882Z","times_seen":52648,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"pub-14c31667a05343c19ddf64766402b12f.r2.dev/Outlook%20Web%20App_files/lgnbotr.gif","fqdn":"pub-14c31667a05343c19ddf64766402b12f.r2.dev","domain":"pub-14c31667a05343c19ddf64766402b12f.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.2.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html","date":"2023-12-01T18:50:21.608Z","timestamp":1701456621608,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Oct 2023 17:13:53 GMT","end":"Tue, 09 Jan 2024 17:13:52 GMT"},"fingerprint":{"sha1":"91:F0:8B:D3:AA:FC:86:18:F9:F2:29:EB:98:8C:D8:5A:3A:76:5C:CF","sha256":"F3:D6:02:91:4C:11:83:7C:7C:FD:D0:A3:86:08:75:A0:37:A4:08:AF:67:24:48:AE:14:4D:D0:BA:8D:6A:19:A9"}}},"request":{"raw":"GET /Outlook%20Web%20App_files/lgnbotr.gif HTTP/1.1\r\nHost: pub-14c31667a05343c19ddf64766402b12f.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Fri, 01 Dec 2023 18:50:16 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 82ed83ceed8f56af-OSL\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":6481,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (611)","md5":"df3d48946e8d3f5a83608308edbb4b86","sha1":"47b9c40c97abf2658df96b1c06109324e15e1a00","sha256":"570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499","sha512":"36ec1cec72dc3245730c813277c645525473cc5232e85cd23503b8593d90264f335e61a16d364a1e6c41922820b40ba7c0f46b19f4b91db6a0cf5e31e778ddea","ssdeep":"384:6FamwIluB0sJQqCeSQup5szCUXAG0VVi82OgoKACZQQofNJXY3gW3:663Mp5If8WOmgW3","tlshash":"6bc292dc7bf968e4a5de43aaef2831a8320ba0fb17425904f51d12142f0655cec6f6ed","first_seen":"2023-04-05T17:41:51Z","last_seen":"2025-09-17T15:21:34.980882Z","times_seen":52648,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":16,"dns":1,"connect":1,"send":0,"wait":66,"receive":2,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html","date":"2023-12-01T18:50:21.609Z","timestamp":1701456621609,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42","sha256":"9A:90:D4:1D:0C:D1:CA:9D:4D:19:37:44:C4:E6:E4:28:27:C0:F5:0A:9C:B4:56:89:C4:D1:8A:63:A7:01:28:54"}}},"request":{"raw":"GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31021\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 30 Nov 2023 12:36:04 GMT\r\nexpires: Fri, 29 Nov 2024 12:36:04 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nlast-modified: Fri, 08 May 2020 07:05:03 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 108852\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31021,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65451)","md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-05-08T18:53:58.244326Z","times_seen":235059,"resource_available":true,"data":null}},"time_used":150,"timings":{"blocked":66,"dns":1,"connect":8,"send":0,"wait":8,"receive":8,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=undefined\u0026sz=64","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html","date":"2023-12-01T18:50:21.759Z","timestamp":1701456621759,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:57 GMT","end":"Mon, 15 Jan 2024 11:24:56 GMT"},"fingerprint":{"sha1":"B0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1","sha256":"8E:7A:F4:2A:73:D7:C2:C9:1E:EC:59:1E:76:11:A4:E4:8D:03:F6:64:60:A2:8A:86:33:52:6B:1D:FE:19:FA:8D"}}},"request":{"raw":"GET /s2/favicons?domain=undefined\u0026sz=64 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nlocation: https://t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://undefined\u0026size=64\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Fri, 01 Dec 2023 18:50:16 GMT\r\nexpires: Fri, 01 Dec 2023 19:20:16 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 329\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":329,"size_decoded":0,"mime_type":"image/png","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with CRLF, LF line terminators","md5":"de1463eb71f54383349bc3fb9a800328","sha1":"5628dff146ba943e4482c24f26d70266558b7c6e","sha256":"096e4d5fa52a429dea2a183a79e33513872d6aee14d51e4c3af5896a99ab20b3","sha512":"10d040a42d2706747632fde838119260e801586079b2178715be5b32911d35106897f830c1df8e163e1615ace3fd1d8f6d1ba9056f4edc348a8d97dff1830db8","ssdeep":"","tlshash":"57e02d3e0c09042aa333ffa1201ed532dd28a032e91b445be0f80a1c8c44c2e03d9fa0","first_seen":"2023-10-24T01:38:13Z","last_seen":"2025-02-17T11:38:40.990094Z","times_seen":85,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":43,"dns":0,"connect":8,"send":0,"wait":19,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://undefined\u0026size=64","fqdn":"t0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.164","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-12-01T18:50:21.976723667Z","timestamp":1701456621976,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://undefined\u0026size=64 HTTP/1.1\r\nHost: t0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 404 Not Found\r\ncross-origin-resource-policy: cross-origin\r\ncontent-type: image/png\r\nx-content-type-options: nosniff\r\ndate: Fri, 01 Dec 2023 18:50:17 GMT\r\nserver: sffe\r\ncontent-length: 726\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":726,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b8a0bf372c762e966cc99ede8682bc71","sha1":"2d7c9b60d1e2b4f4726141de2e4ab738110b9287","sha256":"59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64","sha512":"6883c7a3f702fb3df5e698333c8a05705970fcb476a31a2008444a02122b6870de158176c86a1f6605a0783b88d3523646b4d288696e777b37cc02d5d95266ca","ssdeep":"","tlshash":"fe0165e3a34595286b870a62f4b87082162a6ae560c3c09964e4ec6e1f05168e4e5e9c","first_seen":"2023-04-05T05:54:43Z","last_seen":"2026-05-08T18:20:11.522951Z","times_seen":6861,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webmail.bourbon-online.com/owa/14.3.513.0/themes/resources/favicon.ico","fqdn":"webmail.bourbon-online.com","domain":"bourbon-online.com","tld":"com"},"ip":{"addr":"40.68.95.2","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html","date":"2023-12-01T18:50:21.763Z","timestamp":1701456621763,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.bourbon-online.com","organization":"BOURBON MANAGEMENT"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 30 Mar 2023 13:38:32 GMT","end":"Tue, 30 Apr 2024 13:38:31 GMT"},"fingerprint":{"sha1":"DD:05:12:FD:78:C8:65:A1:61:70:99:C5:2F:3D:1B:D5:88:13:22:6E","sha256":"06:A1:C7:B4:90:6C:E6:E6:A4:B7:FE:E0:A6:0F:6F:10:7E:52:67:0B:25:5F:2F:32:3B:AB:85:56:E7:45:BF:FB"}}},"request":{"raw":"GET /owa/14.3.513.0/themes/resources/favicon.ico HTTP/1.1\r\nHost: webmail.bourbon-online.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: public,max-age=2592000\r\nContent-Length: 1406\r\nContent-Type: image/x-icon\r\nLast-Modified: Thu, 10 Nov 2011 17:24:52 GMT\r\nAccept-Ranges: bytes\r\nx-ms-proxy-app-id: 2fae948a-2e1b-443c-a062-e3f3eec07536\r\nx-ms-proxy-group-id: cf763f30-62e8-43e4-b3aa-abc5f7c8224a\r\nx-ms-proxy-subscription-id: d30c28fe-0ba2-40bd-b498-76d8fa33a04d\r\nx-ms-proxy-transaction-id: c4abd6a3-5c45-4868-8751-16a3b184aebe\r\nx-ms-proxy-service-name: proxy-appproxy-WEUR-AMS02P-2\r\nx-ms-proxy-data-center: WEUR\r\nx-ms-proxy-connector-id: a705a5e9-bb98-4974-9868-bc8c215b2a5f\r\nEtag: \"08ad8a7cd9fcc1:0\"\r\nSet-Cookie: OutlookSession=05d687d255a1443184cbb71ff65922b4; path=/; secure; HttpOnly\nAzureAppProxyAnalyticCookie_2fae948a-2e1b-443c-a062-e3f3eec07536_https_1.3=4|hF8cSgdJGD1EJsMGZzgM6C/E2/TO7ZCo1m+asdjs/gEz8cBZDyW2f3ofwh9LSmxcZGLfBoPUfC4A06B7ta9Jmj07MKfqaSLz66t7e/Le66tMPKb807aqVAEuJOll+JK553X1QiqtHdDjBeyNBQoKXA==; path=/; Secure; SameSite=None\r\nX-Powered-By: ASP.NET\r\nX-Server: EXC-02\r\nNel: {\"report_to\":\"network-errors\",\"max_age\":86400,\"success_fraction\":0.2,\"failure_fraction\":1.0}\r\nReport-To: {\"group\":\"network-errors\",\"max_age\":86400,\"endpoints\":[{\"url\":\"https://ffde.nelreports.net/api/report?cat=proxy-appproxy-WEUR-AMS02P-2\"}]}\r\nDate: Fri, 01 Dec 2023 18:50:16 GMT\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1406,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16\\012- data","md5":"87b56a9674f5479f749f4f2f5dd4e80d","sha1":"a4db42c95d77dc2ef14861da3dd2983d2f9bd634","sha256":"1e364b08a7d3f51e1046cf8d84bce2eb1731272287dab854c728896f474769b1","sha512":"f2936d54f06f237b8e84837554c68c8a2d62b5025ac1626bb32011d6e0c0286f6ae57e76017e4ff4f0de7567a6b3819fe285303f712c79a110b9f0b93c3704b7","ssdeep":"","tlshash":"79212bb2b7c8c19ac769cb74906f9153d3a0991589e8662ed821e95eec0f8180d06dd1","first_seen":"2023-07-31T21:38:22Z","last_seen":"2024-08-21T03:40:57.062348Z","times_seen":69,"resource_available":false,"data":null}},"time_used":626,"timings":{"blocked":0,"dns":483,"connect":24,"send":0,"wait":59,"receive":0,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"eu.starton-ipfs.com/ipfs/bafybeicwxropsprytiijj2s6ck44psctz4wl3czeiedcmhcckttym6z7g4","fqdn":"eu.starton-ipfs.com","domain":"starton-ipfs.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html","date":"2023-12-01T18:50:21.172Z","timestamp":1701456621172,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"starton-ipfs.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 21 Nov 2023 13:20:13 GMT","end":"Mon, 19 Feb 2024 13:20:12 GMT"},"fingerprint":{"sha1":"07:7E:C7:A6:30:D0:30:2C:14:C0:2C:3B:D0:02:0E:B3:14:0D:0F:E3","sha256":"49:C3:C9:6B:B3:B3:0E:C0:E8:FE:7E:0D:0E:A5:16:5A:7C:10:CD:5D:70:1D:82:D6:CA:81:D9:02:2A:B0:70:68"}}},"request":{"raw":"GET /ipfs/bafybeicwxropsprytiijj2s6ck44psctz4wl3czeiedcmhcckttym6z7g4 HTTP/1.1\r\nHost: eu.starton-ipfs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 01 Dec 2023 18:50:16 GMT\r\ncontent-type: text/plain; charset=utf-8\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\ncache-control: public, max-age=29030400, immutable\r\netag: W/\"bafybeicwxropsprytiijj2s6ck44psctz4wl3czeiedcmhcckttym6z7g4\"\r\nx-ipfs-path: /ipfs/bafybeicwxropsprytiijj2s6ck44psctz4wl3czeiedcmhcckttym6z7g4\r\nx-ipfs-roots: bafybeicwxropsprytiijj2s6ck44psctz4wl3czeiedcmhcckttym6z7g4\r\nx-kong-upstream-latency: 9\r\nx-kong-proxy-latency: 0\r\nvia: kong/3.2.2.1-enterprise-edition\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=jwUqAxStiXIGxOXtFhWT2eZMK3ohVLQlGf84Be9OBtyb1h5zgVr0Um43l5T2AUkJOzZrBvDPIzyQBe3xf7mK7NDE9VWb18nmkp%2FXfXvu3ku92Fquf59MmrSz9nK09Mtuz6IW3Dk2\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82ed83cc7f03b4f1-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T18:53:18.621705Z","times_seen":14853073,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":63,"dns":30,"connect":1,"send":0,"wait":86,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"image.thum.io/get/65490-1671030344805-37a36e07674665dbe1105f1044aab44d/width/1200/https://undefined","fqdn":"image.thum.io","domain":"thum.io","tld":"io"},"ip":{"addr":"54.91.120.55","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html","date":"2023-12-01T18:50:21.765Z","timestamp":1701456621765,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.thum.io","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 24 Sep 2023 00:00:00 GMT","end":"Tue, 22 Oct 2024 23:59:59 GMT"},"fingerprint":{"sha1":"07:A3:2D:21:8F:4E:98:41:CF:71:06:8A:8A:92:CF:EA:7F:05:ED:03","sha256":"A5:90:E9:BE:4D:D0:91:B1:02:EA:A1:A8:1B:F5:03:AF:6D:F8:69:E1:F3:E4:72:C9:8E:F3:5F:0C:A5:9A:90:AA"}}},"request":{"raw":"GET /get/65490-1671030344805-37a36e07674665dbe1105f1044aab44d/width/1200/https://undefined HTTP/1.1\r\nHost: image.thum.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 01 Dec 2023 18:50:17 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\ncache-control: max-age=86400\r\nexpires: Sat, 02 Dec 2023 18:50:17 GMT\r\nthum_status_code: 0\r\ncontent-disposition: inline; filename= \"undefined.png\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22778,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1200 x 1200, 8-bit/color RGB, non-interlaced\\012- data","md5":"7774382410a95e5866c80f5fab7c2829","sha1":"bd8fc7f10732861a35fb5dc9f62f859eaed67c22","sha256":"b6951484dc910eaeb1d65744b0e44c43575fe09fde37a355638b283b75a298df","sha512":"c926adc50e26c1bebad6efa0928187ef5167030fd1bedfcdfac55e7ec0bd257e6b6b022d9ce3196cd44da823fdc74e253884ceea8b77df802d826d0e166da657","ssdeep":"384:d1VFQr+gJSoj84G8aBafRnCT+8fXHXL2IG:dLWr+wbFaBapnCTZPL2IG","tlshash":"5ca293d7968b13438168159ec2263cb0b1a11fc3ed71ae64b24f1fdc6ca42d57732ba2","first_seen":"2023-10-27T01:21:52Z","last_seen":"2024-08-20T22:17:26.832751Z","times_seen":83,"resource_available":false,"data":null}},"time_used":1354,"timings":{"blocked":618,"dns":29,"connect":100,"send":0,"wait":119,"receive":0,"ssl":486},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://undefined\u0026size=64","fqdn":"t0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html","date":"2023-12-01T18:50:21.940Z","timestamp":1701456621940,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:18:24 GMT","end":"Mon, 15 Jan 2024 11:18:23 GMT"},"fingerprint":{"sha1":"4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95","sha256":"15:CB:A2:CE:4B:FE:61:1E:1A:B7:EA:EF:89:4D:AC:02:D4:54:5E:C6:82:ED:66:53:FC:05:C1:2F:71:78:EA:AE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://undefined\u0026size=64 HTTP/1.1\r\nHost: t0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncross-origin-resource-policy: cross-origin\r\ncontent-type: image/png\r\nx-content-type-options: nosniff\r\ndate: Fri, 01 Dec 2023 18:50:17 GMT\r\nserver: sffe\r\ncontent-length: 726\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":726,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b8a0bf372c762e966cc99ede8682bc71","sha1":"2d7c9b60d1e2b4f4726141de2e4ab738110b9287","sha256":"59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64","sha512":"6883c7a3f702fb3df5e698333c8a05705970fcb476a31a2008444a02122b6870de158176c86a1f6605a0783b88d3523646b4d288696e777b37cc02d5d95266ca","ssdeep":"","tlshash":"fe0165e3a34595286b870a62f4b87082162a6ae560c3c09964e4ec6e1f05168e4e5e9c","first_seen":"2023-04-05T05:54:43Z","last_seen":"2026-05-08T18:20:11.522951Z","times_seen":6861,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}