{"report_id":"9f14d804-74ef-4b5e-a364-9ccf44e48c82","version":6,"status":"done","tags":[],"date":"2024-08-14T16:45:14Z","url":{"schema":"http","addr":"unquestionableclean.com/act/ive/%7BRANDOM_NUMBER13%7D/Q1JvbGxvQEZpdmVIb3VyLmNvbQ==?af_ad=crm_nl_PDA_SneakPeek_NP_X_290124__\u0026af_adset=email\u0026is_retargeting=true\u0026pid=CRM","fqdn":"unquestionableclean.com","domain":"unquestionableclean.com","tld":"com"},"ip":{"addr":"103.83.194.55","port":0,"asn":393960,"as":"HOST4GEEKS-LLC","country":"India","country_code":"IN"},"final":{"url":{"schema":"https","addr":"google.com/404/#CRollo@FiveHour.com","fqdn":"google.com","domain":"google.com","tld":"com"},"title":"Error 404 (Not Found)!!1"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-24T23:59:47Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":0,"request_count":3,"received_data":2663,"sent_data":981,"comment":"","tags":null,"fingerprints":null},{"fqdn":"unquestionableclean.com","ip":{"addr":"103.83.194.55","port":0,"asn":393960,"as":"HOST4GEEKS-LLC","country":"India","country_code":"IN"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":0,"request_count":1,"received_data":318,"sent_data":620,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ntsam80.buzz","ip":{"addr":"172.67.193.16","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":0,"request_count":2,"received_data":3242,"sent_data":1618,"comment":"","tags":null,"fingerprints":null},{"fqdn":"google.com","ip":{"addr":"216.58.207.206","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"","domain_rank":1,"first_seen":"","last_seen":"","alert_count":0,"request_count":3,"received_data":4249,"sent_data":1608,"comment":"","tags":null,"fingerprints":null},{"fqdn":"o.pki.goog","ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":0,"request_count":2,"received_data":1398,"sent_data":650,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.com","ip":{"addr":"142.250.74.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"","domain_rank":7,"first_seen":"","last_seen":"","alert_count":0,"request_count":3,"received_data":13045,"sent_data":1436,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":0,"request_count":5,"received_data":4439,"sent_data":1635,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-08-14T16:44:47Z","timestamp":1723653887,"ip_dst":{"addr":"44.221.84.105","port":799,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":43052,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"high","alert":"ETPRO MALWARE Backdoor.Win32/Bdaejec.A Checkin","source":"{\"timestamp\":\"2024-08-14T16:44:47.328534+0000\",\"flow_id\":1803984475749208,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":43052,\"dest_ip\":\"44.221.84.105\",\"dest_port\":799,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2807908,\"rev\":5,\"signature\":\"ETPRO MALWARE Backdoor.Win32/Bdaejec.A Checkin\",\"category\":\"Malware Command and Control Activity Detected\",\"severity\":1,\"metadata\":{\"created_at\":[\"2014_03_31\"],\"updated_at\":[\"2020_09_14\"]}},\"http\":{\"hostname\":\"ddos.dnsnb8.net\",\"http_port\":799,\"url\":\"/cj/k5.rar\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":6,\"bytes_toserver\":739,\"bytes_toclient\":372,\"start\":\"2024-08-14T16:39:55.097112+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T16:44:49.51321313Z","timestamp":1723653889513,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"8902058E383C2F43751417E1AF1D582F7A16CE0B6FC180AB20CBC76C4B00F914\"\r\nLast-Modified: Wed, 14 Aug 2024 12:55:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=7819\r\nExpires: Wed, 14 Aug 2024 18:55:08 GMT\r\nDate: Wed, 14 Aug 2024 16:44:49 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"686480d25645ac2aca7a99974693a82f","sha1":"55ca9d53bd758d2afc75e8a9b59c656ff26a3f70","sha256":"8902058e383c2f43751417e1af1d582f7a16ce0b6fc180ab20cbc76c4b00f914","sha512":"65af6a10b322fb730377c398ae9185f820a73b8bc5f6488927d2664e39fbb75979a13ec0932cbc3734ae938d530328c525b750e9c0d48413a5d512295610148c","ssdeep":"","tlshash":"1cf0750e15196a6410a18c694ffcc8b30031b451309f316bdd4c54f53021bff098410d","first_seen":"2024-08-14T14:57:02Z","last_seen":"2024-08-19T13:21:13.094181Z","times_seen":48873,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T16:44:49.522657184Z","timestamp":1723653889522,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A5DC8C5B994299DA9E84F8285EC6D80BECA382C792FBDCF8E67201148AAD2269\"\r\nLast-Modified: Tue, 13 Aug 2024 18:58:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=18107\r\nExpires: Wed, 14 Aug 2024 21:46:36 GMT\r\nDate: Wed, 14 Aug 2024 16:44:49 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"38ec58de07b1016bd9b813c7eda301e9","sha1":"c37f1517a0074a1de19e1dd4fb2f12a0b59c6ce3","sha256":"a5dc8c5b994299da9e84f8285ec6d80beca382c792fbdcf8e67201148aad2269","sha512":"1f40998f56093ff220181a27016cfb293f7c5a86aae8d6824f7d58454fade2ae6c947d2d38df5a23e60f04f76ec9900b342e39e78405e7fe79b2f69350d947c8","ssdeep":"","tlshash":"3cf0201311cebc7067ec51818aa4c20a09288eb92c860ed2384082a0580036884c458c","first_seen":"2024-08-14T08:03:37Z","last_seen":"2024-08-19T13:23:00.293541Z","times_seen":12815,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T16:44:50.013513311Z","timestamp":1723653890013,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"CB805178E24A0E3DC60B6CC58BEA299C339E1C8760D532D166DBF136C7A86459\"\r\nLast-Modified: Tue, 13 Aug 2024 18:26:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5220\r\nExpires: Wed, 14 Aug 2024 18:11:50 GMT\r\nDate: Wed, 14 Aug 2024 16:44:50 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c3ed27cd211b1e3affab6fe9e39f4c79","sha1":"4587e7d95e174bdb02bb96aae17ce0a40d205c56","sha256":"cb805178e24a0e3dc60b6cc58bea299c339e1c8760d532d166dbf136c7a86459","sha512":"2273e2882ad5785de2a432847a690303a542a7e3d34e4a57aba9aac57b133b9e8e0911b081fcf57b6a61fade9dc7a1a4e0e69984866486625fe2244fa1ddfe37","ssdeep":"","tlshash":"95f00e5716efb555fe2a5d306beccb2a0e10fdb92050a5f530d091d17c99bf488d2888","first_seen":"2024-08-14T17:21:48Z","last_seen":"2024-08-19T13:20:27.620435Z","times_seen":1767,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"unquestionableclean.com/act/ive/%7BRANDOM_NUMBER13%7D/Q1JvbGxvQEZpdmVIb3VyLmNvbQ==?af_ad=crm_nl_PDA_SneakPeek_NP_X_290124__\u0026af_adset=email\u0026is_retargeting=true\u0026pid=CRM","fqdn":"unquestionableclean.com","domain":"unquestionableclean.com","tld":"com"},"ip":{"addr":"103.83.194.55","port":0,"asn":393960,"as":"HOST4GEEKS-LLC","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T16:44:50.150619344Z","timestamp":1723653890150,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /act/ive/%7BRANDOM_NUMBER13%7D/Q1JvbGxvQEZpdmVIb3VyLmNvbQ==?af_ad=crm_nl_PDA_SneakPeek_NP_X_290124__\u0026af_adset=email\u0026is_retargeting=true\u0026pid=CRM HTTP/1.1\r\nHost: unquestionableclean.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 14 Aug 2024 16:44:50 GMT\r\nServer: Apache\r\nrefresh: 0;url=https://ntsam80.buzz/n/?c3Y9bzM2NV8xX25vbSZyYW5kPVVVUnpaM2s9JnVpZD1VU0VSMTQwODIwMjRVMDgwODE0Mzc=#CRollo@FiveHour.com\r\nContent-Length: 0\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-04T21:49:00.154331Z","times_seen":16123915,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T16:44:50.619879168Z","timestamp":1723653890619,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"62ACC6047405E1E5E89C898325A6F5BA2D9F993214648DC9E50CF0D4F5AA9BAA\"\r\nLast-Modified: Tue, 13 Aug 2024 18:27:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=17978\r\nExpires: Wed, 14 Aug 2024 21:44:28 GMT\r\nDate: Wed, 14 Aug 2024 16:44:50 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"e4a9f1133ab7ff8fdfec972dc9d80181","sha1":"2a253964c7b022d903b90b57585333f32f730527","sha256":"62acc6047405e1e5e89c898325a6f5ba2d9f993214648dc9e50cf0d4f5aa9baa","sha512":"ff4caa233cfb73b8d7263ab83a94567daf14edefcd5fd1c6eb16fcabfb01afa146db3d639caa64ee91202ce0bcb065f4eea9339a5fa37094c31796895d62cb75","ssdeep":"","tlshash":"46f00eda21faf88167e09185aaecd4622c20b56d385045d9149c06eb94807c59e598de","first_seen":"2024-08-14T03:08:11Z","last_seen":"2024-08-19T13:24:19.880186Z","times_seen":16024,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ntsam80.buzz/n/?c3Y9bzM2NV8xX25vbSZyYW5kPVVVUnpaM2s9JnVpZD1VU0VSMTQwODIwMjRVMDgwODE0Mzc=","fqdn":"ntsam80.buzz","domain":"ntsam80.buzz","tld":"buzz"},"ip":{"addr":"172.67.193.16","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T16:44:52.204935602Z","timestamp":1723653892204,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"POST /n/?c3Y9bzM2NV8xX25vbSZyYW5kPVVVUnpaM2s9JnVpZD1VU0VSMTQwODIwMjRVMDgwODE0Mzc= HTTP/1.1\r\nHost: ntsam80.buzz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 111469\r\nOrigin: https://ntsam80.buzz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ntsam80.buzz/n/?c3Y9bzM2NV8xX25vbSZyYW5kPVVVUnpaM2s9JnVpZD1VU0VSMTQwODIwMjRVMDgwODE0Mzc=\r\nCookie: _cid=135947033aeee0a33b746ad99bbf2a91\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 302 Found\r\ndate: Wed, 14 Aug 2024 16:44:52 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://google.com/404/\r\nx-powered-by: PHP/8.0.30\r\ncache-control: no-store\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=gf7RVnAOp2es3R4s2fQAXUlKjwYKE9Gb7XKooI5REOPizHDfDXAvtmzcEbD3cuuKmf18lfFSUyxHaFk9xR2NMA8on3TtT0p3XHgIR5hMSUgj0m03OBwhvWBKAxXANa8%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8b3269743e85569c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"b89424bb626b300ff7adfa1161c6de25","sha1":"7796796fcaf3a7d189778e7d6f2ced532002d8a7","sha256":"c3a38c2962568975563281bb01bfad14d2a3b2ed79cd6ad89cc37fa742f4b7c2","sha512":"1c67cfc69ce5e244c3e12863e2c3ffbe5aca1fa55c119d9262378454442da4509e53abdb4c40febde8ad34d3b72dcfe3a579a3bfd79e49cfd1d2ee3cbd27aee9","ssdeep":"","tlshash":"6df0230418fa39e50d5eac35fffef0195910dc6a2c6c2542233889407456ffb9d5023b","first_seen":"2024-08-13T18:03:32Z","last_seen":"2024-08-19T13:34:44.073108Z","times_seen":1200,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"google.com/404/","fqdn":"google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.206","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T16:44:52.320753462Z","timestamp":1723653892320,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /404/ HTTP/1.1\r\nHost: google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ntsam80.buzz/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html; charset=UTF-8\r\nreferrer-policy: no-referrer\r\ncontent-length: 1565\r\ndate: Wed, 14 Aug 2024 16:44:52 GMT\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1565,"size_decoded":1565,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1136)","md5":"bc0ad2db3272298238c3933ea0d944d1","sha1":"ccb1767caf616c73513dc921cd3f5da072582a77","sha256":"0a6ad5109827eff80f61f2106f29d9fb38ce486fa397551e506bf5b6ed861f36","sha512":"064388fd474e86ecb2d17082c79f6c9232db605f62979598d9ea525600b8f9786716b758220d7c3ecc116e8e84af8bb6ab6297c4005bcef26e69dd64f4d61a72","ssdeep":"","tlshash":"c131977fadcd209fa82fc0e194d3911461568dc1f355cbde674dd639e4a9a4910339c8","first_seen":"2024-06-02T00:55:59Z","last_seen":"2026-06-04T18:36:01.238897Z","times_seen":21493,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T16:44:52.501484598Z","timestamp":1723653892501,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 14 Aug 2024 16:44:52 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"b89424bb626b300ff7adfa1161c6de25","sha1":"7796796fcaf3a7d189778e7d6f2ced532002d8a7","sha256":"c3a38c2962568975563281bb01bfad14d2a3b2ed79cd6ad89cc37fa742f4b7c2","sha512":"1c67cfc69ce5e244c3e12863e2c3ffbe5aca1fa55c119d9262378454442da4509e53abdb4c40febde8ad34d3b72dcfe3a579a3bfd79e49cfd1d2ee3cbd27aee9","ssdeep":"","tlshash":"6df0230418fa39e50d5eac35fffef0195910dc6a2c6c2542233889407456ffb9d5023b","first_seen":"2024-08-13T18:03:32Z","last_seen":"2024-08-19T13:34:44.073108Z","times_seen":1200,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T16:44:52.6004337Z","timestamp":1723653892600,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 14 Aug 2024 16:44:52 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"a76c168cb62683f5006d24aa07c4756b","sha1":"823de448ac59ef1bef0d8b9bb3c47a67ed7fc291","sha256":"d4cfeab02a4e10ed5c94197e50c9419990bdf556cc00c73de793f4c99c718f02","sha512":"bf35070dcadfd5959ffd2510256d30df4ffb09c85acd1389297c8c07d011da2a3a13035cb7936cae6d756d69eaa17566fdb7f36e755d9b1d2e01f058ff82fc3b","ssdeep":"","tlshash":"97f0dca43fbe2c92097359c816d9cabeb9944798343ba40d933db3cc01cd3bdd919628","first_seen":"2024-08-13T18:04:44Z","last_seen":"2024-08-19T13:34:47.193543Z","times_seen":1250,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/images/errors/robot.png","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://google.com/404/#CRollo@FiveHour.com","date":"2024-08-14T16:44:52.546Z","timestamp":1723653892546,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Jul 2024 12:50:13 GMT","end":"Tue, 22 Oct 2024 12:50:12 GMT"},"fingerprint":{"sha1":"78:90:10:00:62:E9:32:D2:E2:99:72:73:B5:44:27:CB:98:2E:AD:29","sha256":"96:99:9E:F1:9A:E0:E2:25:0C:DC:32:0C:88:75:C1:B6:E9:E4:76:67:BD:EA:99:00:F9:2B:CB:EB:C3:B3:04:EA"}}},"request":{"raw":"GET /images/errors/robot.png HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"static-on-bigtable\"\r\nreport-to: {\"group\":\"static-on-bigtable\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/static-on-bigtable\"}]}\r\ncontent-length: 6327\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 10 Aug 2024 02:58:04 GMT\r\nexpires: Sun, 10 Aug 2025 02:58:04 GMT\r\ncache-control: public, max-age=31536000\r\nage: 395208\r\nlast-modified: Tue, 22 Oct 2019 18:30:00 GMT\r\ncontent-type: image/png\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6327,"size_decoded":6327,"mime_type":"image/png","magic":"PNG image data, 171 x 213, 8-bit colormap, non-interlaced","md5":"4c9acf280b47cef7def3fc91a34c7ffe","sha1":"c32bb847daf52117ab93b723d7c57d8b1e75d36b","sha256":"5f9fc5b3fbddf0e72c5c56cdcfc81c6e10c617d70b1b93fbe1e4679a8797bff7","sha512":"369d5888e0d19b46cb998ea166d421f98703aec7d82a02dc7ae10409aec253a7ce099d208500b4e39779526219301c66c2fd59fe92170b324e70cf63ce2b429c","ssdeep":"192:fqjwqVtaVHyEy9BWc2AwJ+3qg1f6WUBIT8mIKPNc93Y8Nm:Yk3WBkAkg1CWUCwmIKS93O","tlshash":"b3d19e286386813b8d4bc3524fc9aee151b18f971d5ee2c1921d72c80379298f95be83","first_seen":"2023-05-01T02:40:19Z","last_seen":"2026-06-04T18:36:28.132591Z","times_seen":30448,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":55,"dns":1,"connect":8,"send":0,"wait":9,"receive":1,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://google.com/404/#CRollo@FiveHour.com","date":"2024-08-14T16:44:52.549Z","timestamp":1723653892549,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Jul 2024 12:50:13 GMT","end":"Tue, 22 Oct 2024 12:50:12 GMT"},"fingerprint":{"sha1":"78:90:10:00:62:E9:32:D2:E2:99:72:73:B5:44:27:CB:98:2E:AD:29","sha256":"96:99:9E:F1:9A:E0:E2:25:0C:DC:32:0C:88:75:C1:B6:E9:E4:76:67:BD:EA:99:00:F9:2B:CB:EB:C3:B3:04:EA"}}},"request":{"raw":"GET /images/branding/googlelogo/1x/googlelogo_color_150x54dp.png HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"static-on-bigtable\"\r\nreport-to: {\"group\":\"static-on-bigtable\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/static-on-bigtable\"}]}\r\ncontent-length: 3170\r\ndate: Wed, 14 Aug 2024 16:44:52 GMT\r\nexpires: Wed, 14 Aug 2024 16:44:52 GMT\r\ncache-control: private, max-age=31536000\r\nlast-modified: Tue, 22 Oct 2019 18:30:00 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3170,"size_decoded":3170,"mime_type":"image/png","magic":"PNG image data, 150 x 54, 8-bit/color RGBA, non-interlaced","md5":"9d73b3aa30bce9d8f166de5178ae4338","sha1":"d0cbc46850d8ed54625a3b2b01a2c31f37977e75","sha256":"dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139","sha512":"8e55d1677cdbfe9db6700840041c815329a57df69e303adc1f994757c64100fe4a3a17e86ef4613f4243e29014517234debfbcee58dab9fc56c81dd147fdc058","ssdeep":"","tlshash":"3a516c9f7ed492b7cb5bb78d45832410450f0cf60b1b0de9d8f089098c2c4873115eb9","first_seen":"2023-04-05T07:39:29Z","last_seen":"2026-06-04T19:42:55.27807Z","times_seen":50808,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":61,"dns":0,"connect":21,"send":0,"wait":24,"receive":1,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"google.com/favicon.ico","fqdn":"google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.206","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://google.com/404/#CRollo@FiveHour.com","date":"2024-08-14T16:44:52.699Z","timestamp":1723653892699,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Jul 2024 12:32:53 GMT","end":"Tue, 22 Oct 2024 12:32:52 GMT"},"fingerprint":{"sha1":"A9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69","sha256":"06:5E:3B:66:39:0A:5D:3C:7C:E5:1F:27:34:24:42:60:64:53:B3:D9:8E:4D:4E:97:F5:B7:08:B5:9D:19:0A:0A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 Moved Permanently\r\nlocation: https://www.google.com/favicon.ico\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nserver: sffe\r\ncontent-length: 231\r\nx-xss-protection: 0\r\ndate: Wed, 14 Aug 2024 16:38:51 GMT\r\nexpires: Wed, 14 Aug 2024 17:08:51 GMT\r\ncache-control: public, max-age=1800\r\ncontent-type: text/html; charset=UTF-8\r\nage: 361\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":231,"size_decoded":231,"mime_type":"","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"6d21a983a522362d451dcd2e625ea898","sha1":"0806e71eff8516f0afb4bdd2667e0b4c69483e90","sha256":"5703b7184d02200a0e369e70479bb41064b5c3cb2731ce9ae03080122ac9a6ce","sha512":"740243eceae4c2a10ece1968099cb1bbed96bbcce7c06acfeb36d8b3e4173f08d1c828b0a19e2db383d9915bdcac566edd067e5c96991e11c184ff7e2caa62ac","ssdeep":"","tlshash":"76d0a9be1c0e582b6793fa65746a9435cc266001da6a888b82fa086908d8d7e01c2ac0","first_seen":"2023-04-05T23:11:34Z","last_seen":"2025-02-27T20:31:52.720557Z","times_seen":1380,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/favicon.ico","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.164","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://google.com/404/#CRollo@FiveHour.com","date":"2024-08-14T16:44:52.720Z","timestamp":1723653892720,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Jul 2024 12:32:53 GMT","end":"Tue, 22 Oct 2024 12:32:52 GMT"},"fingerprint":{"sha1":"A9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69","sha256":"06:5E:3B:66:39:0A:5D:3C:7C:E5:1F:27:34:24:42:60:64:53:B3:D9:8E:4D:4E:97:F5:B7:08:B5:9D:19:0A:0A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"static-on-bigtable\"\r\nreport-to: {\"group\":\"static-on-bigtable\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/static-on-bigtable\"}]}\r\ncontent-length: 1494\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 14 Aug 2024 14:56:25 GMT\r\nexpires: Thu, 22 Aug 2024 14:56:25 GMT\r\ncache-control: public, max-age=691200\r\nlast-modified: Tue, 22 Oct 2019 18:30:00 GMT\r\ncontent-type: image/x-icon\r\nvary: Accept-Encoding\r\nage: 6507\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1494,"size_decoded":5430,"mime_type":"","magic":"MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"f3418a443e7d841097c714d69ec4bcb8","sha1":"49263695f6b0cdd72f45cf1b775e660fdc36c606","sha256":"6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770","sha512":"82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563","ssdeep":"48:wIJct3xIAxG/7nvWDtZcdYLtX7B6QXL3aqG8Q:wIJct+A47v+rcqlBPG9B","tlshash":"65b1b8b7e6c63030c85805bc49373a6d1e1b6ee31a9cf064fecc326a1a320d175256be","first_seen":"2023-04-05T04:39:39Z","last_seen":"2026-06-04T20:42:55.210075Z","times_seen":78453,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T16:44:52.746292428Z","timestamp":1723653892746,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"520DBCA26889DCD055AD1E36265C6D088B8B7C9D6907CC59EECC7FF47E4C9942\"\r\nLast-Modified: Mon, 12 Aug 2024 21:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=20567\r\nExpires: Wed, 14 Aug 2024 22:27:39 GMT\r\nDate: Wed, 14 Aug 2024 16:44:52 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"77619f0113a62e8c4c44f195901b385c","sha1":"1e1a5e3768ca683e66667aa14efa7042df57ee2f","sha256":"520dbca26889dcd055ad1e36265c6d088b8b7c9d6907cc59eecc7ff47e4c9942","sha512":"459cb24749852faa2cc051ed3001e7591e96899f52c68d761e7a7e9539f87881e58e3a6e3df41df0c01f15106d8c097f8a658ab7f7ac31212afbbffc19ac658d","ssdeep":"","tlshash":"7ff054800d6174120f1508eb96ddc1330930db7414f039f34a9c23e52c79fbe8a4052d","first_seen":"2024-08-12T23:20:08Z","last_seen":"2024-08-19T13:41:24.292342Z","times_seen":47316,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T16:44:52.758365304Z","timestamp":1723653892758,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"520DBCA26889DCD055AD1E36265C6D088B8B7C9D6907CC59EECC7FF47E4C9942\"\r\nLast-Modified: Mon, 12 Aug 2024 21:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=20567\r\nExpires: Wed, 14 Aug 2024 22:27:39 GMT\r\nDate: Wed, 14 Aug 2024 16:44:52 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"77619f0113a62e8c4c44f195901b385c","sha1":"1e1a5e3768ca683e66667aa14efa7042df57ee2f","sha256":"520dbca26889dcd055ad1e36265c6d088b8b7c9d6907cc59eecc7ff47e4c9942","sha512":"459cb24749852faa2cc051ed3001e7591e96899f52c68d761e7a7e9539f87881e58e3a6e3df41df0c01f15106d8c097f8a658ab7f7ac31212afbbffc19ac658d","ssdeep":"","tlshash":"7ff054800d6174120f1508eb96ddc1330930db7414f039f34a9c23e52c79fbe8a4052d","first_seen":"2024-08-12T23:20:08Z","last_seen":"2024-08-19T13:41:24.292342Z","times_seen":47316,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T16:44:52.764254931Z","timestamp":1723653892764,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"520DBCA26889DCD055AD1E36265C6D088B8B7C9D6907CC59EECC7FF47E4C9942\"\r\nLast-Modified: Mon, 12 Aug 2024 21:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=20567\r\nExpires: Wed, 14 Aug 2024 22:27:39 GMT\r\nDate: Wed, 14 Aug 2024 16:44:52 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"77619f0113a62e8c4c44f195901b385c","sha1":"1e1a5e3768ca683e66667aa14efa7042df57ee2f","sha256":"520dbca26889dcd055ad1e36265c6d088b8b7c9d6907cc59eecc7ff47e4c9942","sha512":"459cb24749852faa2cc051ed3001e7591e96899f52c68d761e7a7e9539f87881e58e3a6e3df41df0c01f15106d8c097f8a658ab7f7ac31212afbbffc19ac658d","ssdeep":"","tlshash":"7ff054800d6174120f1508eb96ddc1330930db7414f039f34a9c23e52c79fbe8a4052d","first_seen":"2024-08-12T23:20:08Z","last_seen":"2024-08-19T13:41:24.292342Z","times_seen":47316,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T16:44:52.765931504Z","timestamp":1723653892765,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"520DBCA26889DCD055AD1E36265C6D088B8B7C9D6907CC59EECC7FF47E4C9942\"\r\nLast-Modified: Mon, 12 Aug 2024 21:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=20567\r\nExpires: Wed, 14 Aug 2024 22:27:39 GMT\r\nDate: Wed, 14 Aug 2024 16:44:52 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"77619f0113a62e8c4c44f195901b385c","sha1":"1e1a5e3768ca683e66667aa14efa7042df57ee2f","sha256":"520dbca26889dcd055ad1e36265c6d088b8b7c9d6907cc59eecc7ff47e4c9942","sha512":"459cb24749852faa2cc051ed3001e7591e96899f52c68d761e7a7e9539f87881e58e3a6e3df41df0c01f15106d8c097f8a658ab7f7ac31212afbbffc19ac658d","ssdeep":"","tlshash":"7ff054800d6174120f1508eb96ddc1330930db7414f039f34a9c23e52c79fbe8a4052d","first_seen":"2024-08-12T23:20:08Z","last_seen":"2024-08-19T13:41:24.292342Z","times_seen":47316,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"google.com/404/","fqdn":"google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.206","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-08-14T16:44:52.142Z","timestamp":1723653892142,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Jul 2024 12:32:53 GMT","end":"Tue, 22 Oct 2024 12:32:52 GMT"},"fingerprint":{"sha1":"A9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69","sha256":"06:5E:3B:66:39:0A:5D:3C:7C:E5:1F:27:34:24:42:60:64:53:B3:D9:8E:4D:4E:97:F5:B7:08:B5:9D:19:0A:0A"}}},"request":{"raw":"GET /404/ HTTP/1.1\r\nHost: google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ntsam80.buzz/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html; charset=UTF-8\r\nreferrer-policy: no-referrer\r\ncontent-length: 1565\r\ndate: Wed, 14 Aug 2024 16:44:52 GMT\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1565,"size_decoded":1565,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1574), with no line terminators","md5":"6ca478ad4b8d6671394c23a4833b9959","sha1":"e9f59a18302746528b4a7542278193993d624dd3","sha256":"ee269e07bcf98c99bb1f86af6ba7956d09c553b6f0805fd72ad92f610148ee11","sha512":"3b2c310b05d88b8e8c76e926d6be77e10cdb295f1ad9b099d07768c4a52c88cce62050601c064ee96f768f1379e6efb1e9d94f5d119a9109f4f73f99c50ee935","ssdeep":"","tlshash":"7b3195bf7ccd209f682fc0e1a8c3a11851564dc1b315cbde770cd638a09694910339c4","first_seen":"2024-06-10T17:42:00Z","last_seen":"2025-04-06T12:13:37.365739Z","times_seen":995,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":65,"dns":0,"connect":8,"send":0,"wait":111,"receive":0,"ssl":53},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ntsam80.buzz/n/?c3Y9bzM2NV8xX25vbSZyYW5kPVVVUnpaM2s9JnVpZD1VU0VSMTQwODIwMjRVMDgwODE0Mzc=","fqdn":"ntsam80.buzz","domain":"ntsam80.buzz","tld":"buzz"},"ip":{"addr":"172.67.193.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-08-14T16:44:51.245Z","timestamp":1723653891245,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ntsam80.buzz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Aug 2024 05:34:19 GMT","end":"Sun, 10 Nov 2024 05:34:18 GMT"},"fingerprint":{"sha1":"37:6C:D3:AF:BB:C1:71:47:6B:BA:95:C0:CB:55:62:F1:61:E3:67:64","sha256":"D0:B8:7A:58:88:48:7C:37:AD:E9:EE:D4:AE:71:C3:76:D9:11:86:F5:03:80:C8:CE:B4:13:5F:9F:91:BF:BD:FD"}}},"request":{"raw":"POST /n/?c3Y9bzM2NV8xX25vbSZyYW5kPVVVUnpaM2s9JnVpZD1VU0VSMTQwODIwMjRVMDgwODE0Mzc= HTTP/1.1\r\nHost: ntsam80.buzz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 111469\r\nOrigin: https://ntsam80.buzz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ntsam80.buzz/n/?c3Y9bzM2NV8xX25vbSZyYW5kPVVVUnpaM2s9JnVpZD1VU0VSMTQwODIwMjRVMDgwODE0Mzc=\r\nCookie: _cid=135947033aeee0a33b746ad99bbf2a91\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 302 Found\r\ndate: Wed, 14 Aug 2024 16:44:52 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://google.com/404/\r\nx-powered-by: PHP/8.0.30\r\ncache-control: no-store\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=gf7RVnAOp2es3R4s2fQAXUlKjwYKE9Gb7XKooI5REOPizHDfDXAvtmzcEbD3cuuKmf18lfFSUyxHaFk9xR2NMA8on3TtT0p3XHgIR5hMSUgj0m03OBwhvWBKAxXANa8%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8b3269743e85569c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":1565,"size_decoded":1565,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-04T21:49:00.154331Z","times_seen":16123915,"resource_available":true,"data":null}},"time_used":905,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":904,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}