{"report_id":"d55a2486-cc69-4e0e-a432-0e432414d570","version":6,"status":"done","tags":[],"date":"2026-05-31T11:25:18Z","url":{"schema":"http","addr":"amberyak.buzz","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":0,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"amberyak.buzz/","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"title":"QUANTUM AI TRADING","dom":{"size":77480,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (920)","md5":"f06f1bc947d2a62f2291ff08db29141c","sha1":"f9585551256770d8dcec40fe4322d3577762eb02","sha256":"bf401757f551bd0a23df2e020f7fc3ae8380a476541d99b6fa3af8520f90df97","sha512":"8b84766bf0e4eeab01aceab46b2562d9789b6ea8069867155e8034dbd446b69a50b9d569686ef14e8ce11cac2c6c76ca2193e4ed44ec0a1d48ad83a709b84d03","ssdeep":"384:2PTKqnKx0yvtTlbCLTgnYAwRq3jm9gmYi:2PTKqnW0yv9kMl3jygmj","tlshash":"c77362117a711c26a007a2d4f2e2de67aa02f713ca4a45f4b6ec40f1bfc7db16963359","dom_hash":"domhashf5a6cd49f7eb99ca0fcca372df0bacea","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"amberyak.buzz","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":0,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-05T11:25:18Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2026-05-24T22:48:41.874191Z","alert_count":0,"request_count":1,"received_data":20321,"sent_data":504,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"amberyak.buzz","ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":120,"request_count":24,"received_data":1317165,"sent_data":10986,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.1.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-05-24T22:26:02.229202Z","alert_count":0,"request_count":2,"received_data":875000,"sent_data":886,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.google.com","ip":{"addr":"142.251.150.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2026-05-24T22:41:50.23946Z","alert_count":0,"request_count":2,"received_data":1002,"sent_data":1771,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"amberyak.buzz/","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f72923da25f47293204fdd3113e55b74","sha1":"3daec2f772668d69d7568fc95bf505065b29b6f3","sha256":"f891f34caf2712afe6251fd36794f5d0c678305b675cb0df6aaa7312cd17f247","sha512":"aae23eaaf6096aaf9e33ed89fa99b2fd7494a00d6848ad02ddca0beab6e6c180d5a345cb054344bb4eb53f40d761d0853ae4a6c12f4235010e47371290894e38","ssdeep":"","tlshash":"bff0234c3c56f42337f93574c2238b7f33a1070035835524c605cc24385048608c6c8d","size":445,"data":"","first_seen":"2026-05-31T06:41:41.786682Z","last_seen":"2026-05-31T11:25:24.838262Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9ccd1fdde81d387487983268d8e42a6b","sha1":"95dd60160d48acb193d6f3f6c564f50cac01cc1f","sha256":"ad46267282eee5dadc62875e323024b1671efa48c6ecc77189a385fa95025ba5","sha512":"79cd7f0ef49ec64e71c3f6718b145dd9b4f34746da7cb0b18e9e24dd3c16ac48c1150783748e6fc1087466ec2ea6a565cebbe899543cc7e9b0cf806e49a11157","ssdeep":"","tlshash":"5cf0ab9d3ca6f4673bf97638c323ce6f37a6070179839624c646cc2868649861896d8e","size":445,"data":"","first_seen":"2026-05-31T06:41:41.787619Z","last_seen":"2026-05-31T11:25:24.839129Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","size":19948,"data":"","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-05-31T15:18:39.564431Z","times_seen":336800,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-11370901259","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.1.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5c903064676e7428d345db2614ac7440","sha1":"f3c5863eeed48b8ddd045e2572002320fd764348","sha256":"7bc04838f9dce9ac4f134acc5e4f5bab28c125816ed0e4f8788f1145382d5fc5","sha512":"81c3f6d44854cb4c6be726c557d9904b6e946e348c35a58c0b6243838f0025e7767ee9900bc38520305684c519fa75f2049e574230695995d06c630f82e83c5c","ssdeep":"6144:9PRfDNMVf3AlwSXbTFQSvtxhuX7aWCBbnSlKaob+:9AVf3ARxQSUPob+","tlshash":"348408cdb3d6745253a3b478503f018ba27a79e2b44cc899f186d8e42e7069a4277f7c","size":397996,"data":"","first_seen":"2026-05-31T11:25:24.830616Z","last_seen":"2026-05-31T14:02:37.073161Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"4fc266e3b0b4d82c8bebb7e1dd8ab4da","sha1":"3e99b0e3b9c2b159721a8361ce6f38e9c7a52091","sha256":"6fec671446527e53818e8f3f9f8f5700cca5894ed40c0809310f3756721165f2","sha512":"2caf94713a7df657ad2fb052d795846054b631cc8f61082a12bf9e7eca939403c5eabcf8d2973f458ad4c66a7dec07380abea57976abbb5f958280c7452a9861","ssdeep":"","tlshash":"99f0a39d3c66b45737f93538c2278a7f3355070175839624c655cc2578a48861847d4d","size":445,"data":"","first_seen":"2026-05-31T06:41:41.78843Z","last_seen":"2026-05-31T11:25:24.840009Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"bf34ee86ea62fc4281c599d71642f378","sha1":"fc503a589dba0b604e8879ae185b5d5e40b727d9","sha256":"a973e159d5e78e41b1a029b33dc51a6860101bf8d0b3c59a402e8c0093e74bfb","sha512":"d959cc76af240901f5226be6aa1b54e3c6b31edeac56c4d3374e2693d9affa61a33eea993766f91d05553f9ff2a5af75abbae6578c1f5704823c6f883e0c35bd","ssdeep":"","tlshash":"52c0808d221e1cb146ff1701c77fa604b4063268e4955d314c5d23059d30f13d754950","size":192,"data":"","first_seen":"2026-05-31T06:41:41.789107Z","last_seen":"2026-05-31T14:02:37.08774Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-6LER5P74K1\u0026cx=c\u0026gtm=4e65r2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.1.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ff141372dd91c26deeeab037286eb293","sha1":"ee1d6a3a8a848ffbc683a4a693f3533101f53868","sha256":"6057ecb380341c7169e106a60b1a71cff9f42edceab9236d3b240ff37b360c79","sha512":"d1958e800aea45a207697ef3757621296a6e84587e260212f94a55196543d583cdc09c93dd5edb168756fa32395ab88937566d720784f70d4ab6ca1fa12238b8","ssdeep":"6144:js+FRfDNalVf36lwSXbDQCtEhuX7aWCBbn95ma5V/Qo+:jJklVf36RDQZ75xl+","tlshash":"11a4f9cdb3d674625396f478503f018ba57b28e2b44cc89ab189cce42e7469a4277f7c","size":475770,"data":"","first_seen":"2026-05-31T11:25:24.815803Z","last_seen":"2026-05-31T14:02:37.057341Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"940297fd71b874f9fc7e334d328bea74","sha1":"fec2408040f4418b3f323cbd3f8a2d66574a3084","sha256":"65b071028c05f324c71a685c63c38c8ade1295094cdec30e3f58ce2cadfa271f","sha512":"9d9023fbc002a75f2dfe715947b43829aba54e12087dbeb06b57148050c76aa9eb1792db449d02a292bdda838d74e247d3ca2cb0e8a34140fccd71dfc7be1b8e","ssdeep":"","tlshash":"34e0865771d3087409eb397a1b5ea744386241531c0d5c057e1c89558fb4bca50b7684","size":396,"data":"","first_seen":"2026-05-31T06:41:41.789978Z","last_seen":"2026-05-31T14:02:37.088602Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"60448ebe60e3b7185ca2f6537da06626","sha1":"35bc94b74372d6f930951cfbc72efeb202fb32ae","sha256":"15726f9d65a47c1741abe485d8655171100d8f05708494e23cb6c9a0d25d08d3","sha512":"6cf594d59aa76df2e7d0bec8aaa7cd47942e65f603c742693309de7a5ba4e52bd30717bf343e6f52fdf09ac2c6676ca1ccd2de215c57b0011fe243123acba84a","ssdeep":"","tlshash":"b0d02236d4d004e1c97b28b4c3c328187342820bd0048e04fd0c63802f2969f8860bce","size":251,"data":"","first_seen":"2026-05-31T06:41:41.790811Z","last_seen":"2026-05-31T11:25:24.842516Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"amberyak.buzz/","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-31T11:24:56.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:56 GMT\r\ncontent-type: text/html\r\nlast-modified: Tue, 26 May 2026 11:58:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a158af3-16e90\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]}],"data":{"size":93840,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (901)","md5":"44fac842731bf1e43a377a94dc6849f6","sha1":"c80bfba5baec61bbd388413e69bd83b5d1a2a33a","sha256":"197a0b353f72fa9419ec6ba819d72f3d5b43c53aed73057d91b264b11e3ea487","sha512":"f25ace00b1460cfdf42e2ec2cc382d68aa8da041fd7d56cd7cb7036b11f42bcc17be4d4bfc666f184c46fb8eefb5840a835cb50706d5cbd0c76f302ad0f5ad50","ssdeep":"384:1PTxiTunUm/bNMR+R1tDbcHLGLuLG9qfnP4FOzMM:1PTxiT0Um/pMov9AHaCdfPgOzv","tlshash":"639352117b711c96600f92d4f6e2dea36602f603ca4a45b8b9ed41f1bfc3eb0a953319","first_seen":"2026-05-31T06:41:41.755286Z","last_seen":"2026-05-31T11:25:24.811699Z","times_seen":2,"resource_available":true,"data":null}},"time_used":977,"timings":{"blocked":341,"dns":38,"connect":147,"send":0,"wait":295,"receive":0,"ssl":152},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/assets/tx(33).png","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /assets/tx(33).png HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69404d8c-3b9e\"\r\nexpires: Tue, 30 Jun 2026 11:24:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15262,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 166, 8-bit colormap, non-interlaced","md5":"2cda72ed07877c9668b90b1463471f6b","sha1":"c4b69a9235cadf462216c943224818b7103dd2da","sha256":"adce5289141be6af89331faa13faf547aeac4e9c0d24353c2db3139e140f8188","sha512":"c398a1723653b192688a27aa05220329311d847e96d9bc6f4f5e5914063f8eed513ac0d4c89e76ba714300d04df6013016877bd1991891be817f5dfe42c9c029","ssdeep":"384:i4kEmVN22wfWIkD2nmkrDV540k/JrHdPDSmozdea6RNstdnk:TpmVNkWIy2nmkPTqRr9bPozdeXXT","tlshash":"2062e1a09927460783d3db608a97f64fdca95fbc081be4e9e2259fc151be31336b0127","first_seen":"2023-09-23T05:15:31Z","last_seen":"2026-05-31T14:02:37.082234Z","times_seen":15,"resource_available":false,"data":null}},"time_used":433,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":433,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/assets/tx(66).png","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /assets/tx(66).png HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69404d8c-3ff1\"\r\nexpires: Tue, 30 Jun 2026 11:24:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16369,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 166, 8-bit colormap, non-interlaced","md5":"480f306a9e6b9fb2ef2bb1cf09cafc98","sha1":"aaec94bf16ba5bf98f256f45f5019defbeee4ab7","sha256":"88e20cb76646145f87ab920076fb83afecf6425303f0a3fc970786c64d4388d9","sha512":"4ae8582d472985c15e1e6b22817250ff360f91f30d9a609d328a364780e9502e1372fc103ae56713a338c71852ff0ccdb381bb895f07398e9a54762e9de00483","ssdeep":"384:gHnxQd4lZvDTjdaFyu1gxTvfdcZtkdIfY8mRG1dGj1Gk5XNeiob:gHx5vDTjdQYTvOy2EG1IZZ8","tlshash":"ea72d0040776d504d94d7eea83e8a6d2bd173022fbd030e9a7698d4d0830f983b57fa5","first_seen":"2023-09-23T05:15:31Z","last_seen":"2026-05-31T14:02:37.053182Z","times_seen":15,"resource_available":false,"data":null}},"time_used":430,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":430,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-6LER5P74K1\u0026cx=c\u0026gtm=4e65r2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.1.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:58.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:51:35 GMT","end":"Thu, 30 Jul 2026 15:51:34 GMT"},"fingerprint":{"sha1":"4F:F6:A0:5C:88:9C:38:C1:57:D2:C2:16:50:CD:79:E3:67:50:CC:B0","sha256":"93:D6:F4:89:DB:C5:7B:E8:C8:73:F7:36:40:1B:87:32:83:AA:3F:54:8B:26:97:45:83:DB:E6:BF:FD:F5:70:33"}}},"request":{"raw":"GET /gtag/js?id=G-6LER5P74K1\u0026cx=c\u0026gtm=4e65r2 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 31 May 2026 11:24:58 GMT\r\nexpires: Sun, 31 May 2026 11:24:58 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 157569\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":475770,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"ff141372dd91c26deeeab037286eb293","sha1":"ee1d6a3a8a848ffbc683a4a693f3533101f53868","sha256":"6057ecb380341c7169e106a60b1a71cff9f42edceab9236d3b240ff37b360c79","sha512":"d1958e800aea45a207697ef3757621296a6e84587e260212f94a55196543d583cdc09c93dd5edb168756fa32395ab88937566d720784f70d4ab6ca1fa12238b8","ssdeep":"6144:js+FRfDNalVf36lwSXbDQCtEhuX7aWCBbn95ma5V/Qo+:jJklVf36RDQZ75xl+","tlshash":"11a4f9cdb3d674625396f478503f018ba57b28e2b44cc89ab189cce42e7469a4277f7c","first_seen":"2026-05-31T11:25:24.815803Z","last_seen":"2026-05-31T14:02:37.057341Z","times_seen":4,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/assets/fancybox.css","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /assets/fancybox.css HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69404d8c-5e0e\"\r\nexpires: Sun, 31 May 2026 23:24:57 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24078,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (24078), with no line terminators","md5":"d74f2bf0b0f416a96ff3cd78bb73d8af","sha1":"7c7cff35566e4ee9f37f4b91e8dfbe6de19f16b8","sha256":"23145dfecf89c5cecea4352cd9e8d8ebac53cec164b5ec73c48f66baa3bbe082","sha512":"f433113d29b8509f1512eea37b86e9a501eedbdd46ba136dad0215044b3295112f9fb2fa6462f103a90fe40580f9d28ad929ae52163a7a0e6cfd78b1d355f1d2","ssdeep":"384:CM1VMcoRIgQEd4HlSKfGYkNbPv1NFCVqVz33q06m8NDr:CRIgQEsgvAVqV56mkr","tlshash":"31b295d709443c3d4a234b44938a884da339eac3ea2567fb215da99683c53d431ff6ce","first_seen":"2023-05-06T10:55:56Z","last_seen":"2026-05-31T14:02:37.071957Z","times_seen":289,"resource_available":false,"data":null}},"time_used":442,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":442,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/assets/youtube-x-logo--w--min.png","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /assets/youtube-x-logo--w--min.png HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69404d8c-1cb8\"\r\nexpires: Tue, 30 Jun 2026 11:24:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7352,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 700 x 167, 8-bit/color RGBA, non-interlaced","md5":"50ab17af5932df69db7f597d8325085a","sha1":"d7e2bdd375344d42478c80641c7f9b6fe754260d","sha256":"f50e6200be19ae86aa938f3a41b3a571b0119d0e974b90bdf764889d08104341","sha512":"2b57b2523769e2349a7d1c4e1e1a4df80148660978e8cb757c8ab6623694734b1fe0b1137378672b17333af304f65add3e7b1753648e6d8e7e600b00981b262a","ssdeep":"192:MAWnKE8rFfJ+Fjhyo/2aitC6MFocfroGBZ2/2FV1Q1:MAwKE8XajXkUlFhBw/2rk","tlshash":"e9e18f04ea048e44fedfd9ea464657641b5bf821248092522650b8e4f3f9612d7ce7d9","first_seen":"2023-09-23T05:15:31Z","last_seen":"2026-05-31T14:02:37.070382Z","times_seen":12,"resource_available":false,"data":null}},"time_used":440,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":440,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/assets/b2-s.jpg","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /assets/b2-s.jpg HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69404d8c-9f24\"\r\nexpires: Tue, 30 Jun 2026 11:24:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":40740,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 498 x 300, 8-bit/color RGBA, non-interlaced","md5":"2d8b9183b3dfd73715cc89196ec3dcf0","sha1":"a1a5a9cfc84e9b3d0f77491274901200a82d4f10","sha256":"826c1e3a4931eb46ea779afba387ce6a4a7f0a135b95e22d83c8a931f295b14b","sha512":"b9078b2d58bff27021fcfd5ad1dbae5a1b7c03b7767d076ea4927d4c23b01b2441155ede965d9c897d2dde51cade84322a67ab98e9910953fe111bd65421100f","ssdeep":"768:831+HiODxv5TngvBWZBeOH1+CPBcA149R5wP6L1bku5jy:X1hTYWZoe+CPOAsRFy","tlshash":"0e03f1b2b3f7adb6ad4df9c2ee08cc912d341960876836dc8bc2f5255919d503129f8b","first_seen":"2025-01-17T11:59:02.495534Z","last_seen":"2026-05-31T14:02:37.073779Z","times_seen":7,"resource_available":false,"data":null}},"time_used":437,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":437,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/assets/tx(55).png","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /assets/tx(55).png HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69404d8c-3bc3\"\r\nexpires: Tue, 30 Jun 2026 11:24:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15299,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 166, 8-bit colormap, non-interlaced","md5":"c23716fb3234b59bbe5af180b74d6979","sha1":"ef010015e929122b0ed0098a8bcae8914e29f1a7","sha256":"78c7a6c39e36b5ad5325fcc2a431a436095ee0b1ec0aa42adc24e9166b428cb8","sha512":"4150642e8f16ce1665abb4074f9a0ec38a43acab45a079185fa37255fa28b515f4f5690cb8ba6644da8dddce4b55c526f2e45a8575709d8f05a9f0fa30be78b7","ssdeep":"384:Yzx7C1QQfApjVkjZXVyal5JTqJG28xL+n7jA9Zd:Y1C1zYNVklJbTqE2V/+Zd","tlshash":"b262b0d5889590ee6f5d997d9850214a629093fcccc2db40ceb4ef8377a167b3028e7c","first_seen":"2023-09-23T05:15:31Z","last_seen":"2026-05-31T14:02:37.064399Z","times_seen":15,"resource_available":false,"data":null}},"time_used":431,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":431,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/favicon.ico","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:58.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nCookie: _gcl_au=1.1.1607955880.1780226698\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:58 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 548\r\nlast-modified: Mon, 04 May 2026 06:47:00 GMT\r\netag: \"69f840e4-224\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":548,"size_decoded":0,"mime_type":"image/x-icon","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"370e16c3b7dba286cff055f93b9a94d8","sha1":"65f3537c3c798f7da146c55aef536f7b5d0cb943","sha256":"d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090","sha512":"75cd6a0ac7d6081d35140abbea018d1a2608dd936e2e21f61bf69e063f6fa16dd31c62392f5703d7a7c828ee3d4ecc838e73bff029a98ced8986acb5c8364966","ssdeep":"","tlshash":"02f0909f5f12287f2e238571f4c35169cf680a57fb9925e28748011f7aca04549f1fad","first_seen":"2023-03-08T16:42:13Z","last_seen":"2026-05-31T15:32:30.681427Z","times_seen":18365,"resource_available":true,"data":null}},"time_used":148,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/assets/lander.css","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /assets/lander.css HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69404d8c-1f5f\"\r\nexpires: Sun, 31 May 2026 23:24:57 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8031,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4694)","md5":"cd90000dc184bcfcea9b81591ad80ffd","sha1":"3a2ecf8fdb6a9ea8551ae30a66b166bd8fd7129a","sha256":"8f9b12f5dd44c8d4169851f070611c5a51b28fef8bef50cf531c756d34ce9dd2","sha512":"5c11ebb2a1b791bb0c2586719e22cea5a53a4fecbc5be2321b7cf76fd5b04f19d33f7a00ab3ac4394ba52edb168a944b4178d0e9350618e8bb27d87d0540e4b1","ssdeep":"96:cG0wddAUcSpUcOTzVMFZzUhY6+kv2V19UcjpW8oNJUOWo0OtOv4/cNn8jNHY73d7:wc3AZgQ+DrxpsXUOv0OtOv/NwY73d2yN","tlshash":"eef1f0a2bf92246db01b881ee183b7bd6e29591393130debf9117a75dbc64e70170a09","first_seen":"2026-05-31T06:41:41.762845Z","last_seen":"2026-05-31T14:02:37.060483Z","times_seen":5,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/assets/v4-shims.min.css","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /assets/v4-shims.min.css HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69404d8c-6b1f\"\r\nexpires: Sun, 31 May 2026 23:24:57 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27423,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (27247)","md5":"a20fc4bb11eef49c60be43baecfcb9e7","sha1":"c2bb4af4a915c00be8c03f8845ee73a39f40f219","sha256":"0566cefe40eb9f45155255d2bea7b2db6b221b2bb2d5728439bcb84ce272c29f","sha512":"ab623f03d5c687440554fcf4554a40afddf45c1df7dead4716c26a46f10eaa2b788a14abb2f2838c7583ce46b15468c1a216af6b54e25e798c518055fd9f727b","ssdeep":"192:cPxxxbl74K9YUpfPHH5PNjbp8S1cZQRG1B8tzmePAMRMJV68NzQAmnRt:ad74K9YIZPNjR1FRG1WPAMUNNzQAmnRt","tlshash":"32c22565931da0d3b3ace847bb0172a82776b75999825c50f30b7c4c9dc3a1776e8f28","first_seen":"2023-08-04T21:16:32Z","last_seen":"2026-05-31T14:02:37.081397Z","times_seen":56,"resource_available":false,"data":null}},"time_used":442,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":442,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/assets/sgs2b_bcmlogo.png","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /assets/sgs2b_bcmlogo.png HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69404d8c-237e\"\r\nexpires: Tue, 30 Jun 2026 11:24:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9086,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 107, 8-bit colormap, non-interlaced","md5":"988356fda3c9e6662dc77ddf056f97ad","sha1":"bd4a82a9e9dd3f0f6e618f7321e581f1ead16708","sha256":"e7cf6737a9397bf9b28f72c8addcc3eb095c724092e87c0b233228f1e6cee7bb","sha512":"22fa19528619390574079fa960b88c9187b1a26118db0ca9ffec7fea1352612ac932be353ee66a34344c3d5bf038dfc2e1ea8660ce76a1b43db522b9bbe82b53","ssdeep":"192:bLMbTjOfK0iDI4sibolm2zpt4fLD4H7ToGafyfse+dYw9PHJAB8u5C55zz27mprc:vMqf+NsiIm2zpt4ob4pv9hy8u5Cm7mtc","tlshash":"7412af901f58b005dec3bcbf2863133f96631977eaf41a5d4138d899761ce4dea11e14","first_seen":"2023-09-23T05:15:31Z","last_seen":"2026-05-31T14:02:37.08309Z","times_seen":14,"resource_available":false,"data":null}},"time_used":425,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":425,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=18\u0026frm=0\u0026auid=1607955880.1780226698\u0026dt=QUANTUM%20AI%20TRADING\u0026en=page_view\u0026dl=https%3A%2F%2Famberyak.buzz%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1878158658.1780226698\u0026navt=n\u0026npa=1\u0026gtm=45be65r2v9235904545za200zd9235904545xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938465~115938468~116701382~118012007~119027224~119034491~119064591\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tids=AW-11370901259\u0026tid=AW-11370901259\u0026tft=1780226698115\u0026tfd=1752","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.150.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:58.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:58 GMT","end":"Thu, 30 Jul 2026 15:53:57 GMT"},"fingerprint":{"sha1":"3D:2F:68:CA:7D:7E:91:9E:9A:F6:55:25:90:92:2C:70:DF:61:E1:AA","sha256":"17:D0:A6:F1:72:DB:CB:B5:FD:37:15:CC:95:48:17:63:D5:77:2E:57:FC:4D:6A:36:5B:D9:8A:76:6B:1B:54:5E"}}},"request":{"raw":"GET /ccm/collect?rcb=18\u0026frm=0\u0026auid=1607955880.1780226698\u0026dt=QUANTUM%20AI%20TRADING\u0026en=page_view\u0026dl=https%3A%2F%2Famberyak.buzz%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1878158658.1780226698\u0026navt=n\u0026npa=1\u0026gtm=45be65r2v9235904545za200zd9235904545xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938465~115938468~116701382~118012007~119027224~119034491~119064591\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tids=AW-11370901259\u0026tid=AW-11370901259\u0026tft=1780226698115\u0026tfd=1752 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\npragma: no-cache\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ndate: Sun, 31 May 2026 11:24:58 GMT\r\ncontent-type: text/plain\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T15:30:59.550945Z","times_seen":15964973,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/assets/tx(77).png","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /assets/tx(77).png HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69404d8c-452f\"\r\nexpires: Tue, 30 Jun 2026 11:24:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17711,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 166, 8-bit colormap, non-interlaced","md5":"ee489bff0e22b13fa5a96f1d4fab7c19","sha1":"aa8e9bbb3aedfba5b603129c9c150a6cbb6afdfc","sha256":"d43f408ab0835e0382fbd7ae8f315e16de778df72547de72c425c5807b750918","sha512":"d78ae73656e1457633a2b40774ade2ecf5e5749e33fff7ef48d8cd71fd5f5a55c8bd3a80e2c8a3135afa3243e7caa3449a757a15f41346db9260c3dff71ac88c","ssdeep":"384:m74ZAje+OwXGjEbtRyTd4P6X+kQnT4Neeqqi9K1Zv0XYzfpt+PP:m74eWJuk6T4NefM1ZcoDw","tlshash":"7f82e172c9f8ae8052b563046d94c4ff46d624347ed219e14eabd63009fc7face99382","first_seen":"2023-09-23T05:15:31Z","last_seen":"2026-05-31T14:02:37.065701Z","times_seen":15,"resource_available":false,"data":null}},"time_used":429,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":429,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Apr 2026 18:57:25 GMT","end":"Thu, 16 Jul 2026 19:57:22 GMT"},"fingerprint":{"sha1":"AB:25:45:8F:55:B6:2B:26:B5:B1:EF:90:E0:60:64:9C:56:47:0F:B5","sha256":"47:83:31:CC:5E:02:0E:51:A7:52:AC:83:1B:8A:A8:4C:74:11:A5:F1:61:8D:C5:6D:29:3C:9D:6A:C9:29:AF:7F"}}},"request":{"raw":"GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://amberyak.buzz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2024.6.1\"\r\nlast-modified: Thu, 07 May 2026 16:44:36 GMT\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: a0459d7a0b9b568b-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-05-31T15:18:39.564431Z","times_seen":336800,"resource_available":true,"data":null}},"time_used":161,"timings":{"blocked":64,"dns":1,"connect":1,"send":0,"wait":11,"receive":0,"ssl":82},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/fonts/fa-solid-900.woff2","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /fonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/assets/all.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 55\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\netag: \"69404d8c-37\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55,"size_decoded":0,"mime_type":"font/woff2","magic":"ASCII text, with no line terminators","md5":"0c60aed391de4a8186e51ee3025203d9","sha1":"73ad40368f81ce8ff822802fe8a5d0a5b5a6db0f","sha256":"0758055afa0b3cb8e75b13b667334db429e7bb86697e046fe6fc13517917ea6f","sha512":"ba8154f17b7f39e4dfc882fd32ab2287b3165b9fc5ee7705f0e648c7d47c5abf01475930ee2ca3b9c1374404a7a300584b8058641a40836c62e3f0dd5d71a513","ssdeep":"","tlshash":"279002ba96532610478541b51056f408d4462935345819219046846d44e4670093514d","first_seen":"2026-05-31T06:41:41.782169Z","last_seen":"2026-05-31T11:25:24.828458Z","times_seen":2,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/assets/all.min.css","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /assets/all.min.css HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69404d8c-7c7e9\"\r\nexpires: Sun, 31 May 2026 23:24:57 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":509929,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (52040)","md5":"cf5cb0683b4e6c4727ef8c6d1e23af77","sha1":"6f00ef8b7e2f0b6360fc56a7d301e4d2b70970cd","sha256":"29a7d44b525b7bf9e4ae813f1a36edaa65083c687d3bffa86f026a34ce59f21f","sha512":"e1fb6166da62fa5d3a1ea49e2f042b31f2d883fd69f18a72646654c36797a836dd8b6d4baa470e02ac7126600da9b3c494a0e5f650a47557edba215ae192ab9e","ssdeep":"3072:e2bQzfbumZd1FHU2vjVkYgcpfZCnFJcAdHNoB/Ryd0K68xRDxDQjd:BbQzTZZd1FHUCaeeJ7dHqB/RC6MMd","tlshash":"ebb4e9a0a05520dcb3d7e60f5b02b629e4b3f33ed9814f5fe1d5484e0dd3a6871867aa","first_seen":"2026-05-31T06:41:41.772737Z","last_seen":"2026-05-31T14:02:37.068027Z","times_seen":5,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-11370901259","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.1.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:51:35 GMT","end":"Thu, 30 Jul 2026 15:51:34 GMT"},"fingerprint":{"sha1":"4F:F6:A0:5C:88:9C:38:C1:57:D2:C2:16:50:CD:79:E3:67:50:CC:B0","sha256":"93:D6:F4:89:DB:C5:7B:E8:C8:73:F7:36:40:1B:87:32:83:AA:3F:54:8B:26:97:45:83:DB:E6:BF:FD:F5:70:33"}}},"request":{"raw":"GET /gtag/js?id=AW-11370901259 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\nexpires: Sun, 31 May 2026 11:24:57 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Sun, 31 May 2026 09:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 137409\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":397996,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5930)","md5":"5c903064676e7428d345db2614ac7440","sha1":"f3c5863eeed48b8ddd045e2572002320fd764348","sha256":"7bc04838f9dce9ac4f134acc5e4f5bab28c125816ed0e4f8788f1145382d5fc5","sha512":"81c3f6d44854cb4c6be726c557d9904b6e946e348c35a58c0b6243838f0025e7767ee9900bc38520305684c519fa75f2049e574230695995d06c630f82e83c5c","ssdeep":"6144:9PRfDNMVf3AlwSXbTFQSvtxhuX7aWCBbnSlKaob+:9AVf3ARxQSUPob+","tlshash":"348408cdb3d6745253a3b478503f018ba27a79e2b44cc899f186d8e42e7069a4277f7c","first_seen":"2026-05-31T11:25:24.830616Z","last_seen":"2026-05-31T14:02:37.073161Z","times_seen":4,"resource_available":true,"data":null}},"time_used":263,"timings":{"blocked":84,"dns":0,"connect":15,"send":0,"wait":31,"receive":42,"ssl":88},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/assets/logoooo-1-min.png","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /assets/logoooo-1-min.png HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69404d8c-24e8\"\r\nexpires: Tue, 30 Jun 2026 11:24:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9448,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1900 x 119, 4-bit colormap, non-interlaced","md5":"a6b024cad66f8103f8df78a424e651ae","sha1":"f6ad796ca8da0ae8d97409be7e0e3ab9cab3ec05","sha256":"5576e55d5c3ba252c4b9fe5abf231bfca774fe41f35fe6afbc6cb731eeb9df00","sha512":"efb24c2e37e9200c39ba8eb2f0318f8477b9b363c47f7089a284708ca8105c0f5b5e5481ce4d32ea2ca38682e6cd182f3045b7e9948ad0e97b231e2a99d05453","ssdeep":"192:4o7msmTDu0YLUkuHB60NQlW9bCGxNjtvS3Xf2wV:lnmTOLYB9qo9bCeZ9wV","tlshash":"0212c0f52b5a883e8237e7c7b7be2e6e32146cdc53299b48164530c2162d8cf4331a13","first_seen":"2025-01-17T11:59:02.500769Z","last_seen":"2026-05-31T14:02:37.051546Z","times_seen":8,"resource_available":false,"data":null}},"time_used":436,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":436,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/assets/tx(44).png","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /assets/tx(44).png HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69404d8c-4346\"\r\nexpires: Tue, 30 Jun 2026 11:24:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17222,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 166, 8-bit colormap, non-interlaced","md5":"f728af6bfa079b95bc99f70d35361da6","sha1":"825e402c955efbc79a278630f0033d34fe7e46af","sha256":"382c8656daad108d6f23095c8cf55f9f114f7cefc4c206a22702231c7af917d4","sha512":"52aa38e4869fc77ca89872306f5eb54fe5c4ef8a7b52f1db5307da8fd0da93ed9986c4b4c0dc1eed2c048c85845ca44db3c8e6da1c32435ce5c9bc6f3a233128","ssdeep":"384:/KN1sT6RAcYEkoPfRWf6yFrXNAi+lFFet1BFR1dHYc:/KN6c0eWf6yzAi+lbeNj1N","tlshash":"fb72c023e520acc8d9e8ace727567088773d462a0149aecddc53d4ea6c83f22d5a5e85","first_seen":"2023-09-23T05:15:31Z","last_seen":"2026-05-31T14:02:37.063053Z","times_seen":15,"resource_available":false,"data":null}},"time_used":432,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":432,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/assets/tx(88).png","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /assets/tx(88).png HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69404d8c-3ef1\"\r\nexpires: Tue, 30 Jun 2026 11:24:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16113,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 166, 8-bit colormap, non-interlaced","md5":"224bf636ec890620da2caa5fef7fc48a","sha1":"08671f802cdc53008165610a3d6f4411ff2a2d26","sha256":"724138fbfedb05f9595795a6a11d868b11d152aabe7d672c7901cee5de297c3c","sha512":"5562ed7d7befe52f6384b967e936667afb6c3b18a32a90e259479383c11890cbf41a48a2837818761e57c61c82313a0a553aff65e96de52a12e2aa7844480d27","ssdeep":"384:c5LlLpmeIXzgD/7rX4CyqBW9WuPYIC93bVeyeABrE4lH/pgArrQW:c7LpKz0rl/BW9Wf9LQyeErEG/Fr1","tlshash":"a872c05360dba5eaa129d63775bd322a4ca4fde3c31302b946747b0b41cef01afe5522","first_seen":"2023-09-23T05:15:31Z","last_seen":"2026-05-31T14:02:37.069341Z","times_seen":15,"resource_available":false,"data":null}},"time_used":428,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":428,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=18\u0026frm=0\u0026auid=1607955880.1780226698\u0026dt=QUANTUM%20AI%20TRADING\u0026en=page_view\u0026dl=https%3A%2F%2Famberyak.buzz%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1878158658.1780226698\u0026navt=n\u0026npa=1\u0026gtm=45be65r2v9235904545za200zd9235904545xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938465~115938468~116701382~118012007~119027224~119034491~119064591\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tids=AW-11370901259\u0026tid=AW-11370901259\u0026tft=1780226698115\u0026tfd=1752","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.150.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:58.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:58 GMT","end":"Thu, 30 Jul 2026 15:53:57 GMT"},"fingerprint":{"sha1":"3D:2F:68:CA:7D:7E:91:9E:9A:F6:55:25:90:92:2C:70:DF:61:E1:AA","sha256":"17:D0:A6:F1:72:DB:CB:B5:FD:37:15:CC:95:48:17:63:D5:77:2E:57:FC:4D:6A:36:5B:D9:8A:76:6B:1B:54:5E"}}},"request":{"raw":"POST /ccm/collect?rcb=18\u0026frm=0\u0026auid=1607955880.1780226698\u0026dt=QUANTUM%20AI%20TRADING\u0026en=page_view\u0026dl=https%3A%2F%2Famberyak.buzz%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1878158658.1780226698\u0026navt=n\u0026npa=1\u0026gtm=45be65r2v9235904545za200zd9235904545xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938465~115938468~116701382~118012007~119027224~119034491~119064591\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tids=AW-11370901259\u0026tid=AW-11370901259\u0026tft=1780226698115\u0026tfd=1752 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://amberyak.buzz/\r\nOrigin: https://amberyak.buzz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 31 May 2026 11:24:58 GMT\r\npragma: no-cache\r\ncontent-type: text/plain\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://amberyak.buzz\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T15:30:59.550945Z","times_seen":15964973,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":51,"dns":0,"connect":8,"send":0,"wait":17,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/assets/b1-s.jpg","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /assets/b1-s.jpg HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69404d8c-adb7\"\r\nexpires: Tue, 30 Jun 2026 11:24:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44471,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=449, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=750], progressive, precision 8, 498x300, components 3","md5":"7085959191bc771b86cc0c3eb74e982c","sha1":"415c771a76a167b1e860dd229442195c5e10bd5e","sha256":"1769c08a71616bb576aee9b1cd447bb33f65c4838205d15c364c072e0486f6b4","sha512":"0cb0201070a539ac08ac6b9b92d84b4ac087abf6666a17e305b61daafb07b1ec00951552494203616d64f735ae818db1b435e2aad1a3f6a37d6a7bc469911ef7","ssdeep":"768:YYy6ccbC07PHYy6ccbC0Lzl1Gx7Pxy+Se24rR7G95/7:YMbdzMbdLzlEHy+Sembz","tlshash":"2413cf35ef68ae07fdf15b3464a4c382a350b62857e33b82745ca80537b66d0de9c683","first_seen":"2026-05-31T06:41:41.767836Z","last_seen":"2026-05-31T14:02:37.078837Z","times_seen":5,"resource_available":false,"data":null}},"time_used":438,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":438,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/assets/tx(22).png","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /assets/tx(22).png HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69404d8c-4b7f\"\r\nexpires: Tue, 30 Jun 2026 11:24:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19327,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 166, 8-bit colormap, non-interlaced","md5":"aafac7cb3f53af27e57549e56e2b628e","sha1":"839de55119b73f909f234f4bdf7e3985171251c9","sha256":"76a14c5d42185326d013128532351530afd2a28211531dff2f4357fa65a65477","sha512":"3487e9725ce17af953bb38e98b5d4ba0a450f5b8f09da9445b71eda94822cd6e351e5b320c542f4c0196e25d0c1017e0a4c9786860affa3cbef4a125a0dbf3b9","ssdeep":"384:YcI4pwBXyeT3BkLPyfHzaHLyX+JNmToqa3Gyfm3VznqBhCGCfwr:YipwBXBBIyLu2CgoZFe3VzYAI","tlshash":"8992c0c3a5e170dd983a07e540480786dcc6714cbb29e567a67bfe40ac4ac617ffaa07","first_seen":"2023-09-23T05:15:31Z","last_seen":"2026-05-31T14:02:37.071245Z","times_seen":15,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":434,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/assets/b3-s.jpg","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /assets/b3-s.jpg HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69404d8c-575d\"\r\nexpires: Tue, 30 Jun 2026 11:24:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22365,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 498x300, components 3","md5":"45ecb4c146eb4c197788e31775476108","sha1":"67dbd0c31b62567029d5e9bf048213b4d99c990a","sha256":"326579aac874d43f38719c4eeb35ebc7041b849abc7c6f49557065387d14b539","sha512":"f97d88f00f54eaa0437e788cc0302e25a2308b118c8b8b76510b92ad98faeb2ebfae7f5f7939dc2dd8514a85f7948e54fa0b3f2b66b804e7daf476fce0641bd4","ssdeep":"384:nrugcGQ6fa1zfYtSBQmcM7b++9e4dvsfrR78naXu:CAQxQhM7S+0f18nae","tlshash":"59a2cf61666348ee48380a23c1cdf31972624e3c0eb7b656a0457e4d7b04a68bbe747d","first_seen":"2025-01-17T11:59:02.496661Z","last_seen":"2026-05-31T14:02:37.08035Z","times_seen":7,"resource_available":false,"data":null}},"time_used":436,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":436,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/fonts/fa-solid-900.ttf","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:58.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /fonts/fa-solid-900.ttf HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/assets/all.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:58 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 53\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\netag: \"69404d8c-35\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":53,"size_decoded":0,"mime_type":"application/octet-stream","magic":"ASCII text, with no line terminators","md5":"e0b0174a4c639ef0bae4bde88e581d26","sha1":"82aa754d0e346e704b506b3a3d8c5ed30434527e","sha256":"4dcd9a078a46833aab8b947bc31a9d502ced9eb363346dc860c72e4f43170dce","sha512":"698a1d13890aaaf90e6655a4b13a97a21033bcadb48ec91e96923af90ee7090ea3468ffa6ec3b77a78d36d905f2bffcfecd48fd5c9ef963812a614e3185d8656","ssdeep":"","tlshash":"239002ba86521610474441b91056f40cd4466825346459259041846d40d4660053514d","first_seen":"2026-05-31T06:41:41.784049Z","last_seen":"2026-05-31T11:25:24.835415Z","times_seen":2,"resource_available":false,"data":null}},"time_used":395,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":395,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/cdn-cgi/rum?","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:58.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 1017\r\nOrigin: https://amberyak.buzz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nCookie: _gcl_au=1.1.1607955880.1780226698; _ga_6LER5P74K1=GS2.1.s1780226698$o1$g0$t1780226698$j60$l0$h0; _ga=GA1.1.908394915.1780226698\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1017,"data":"{\"memory\":{},\"resources\":[],\"referrer\":\"\",\"eventType\":1,\"firstPaint\":0,\"firstContentfulPaint\":1543,\"startTime\":1780226696362,\"versions\":{\"fl\":\"2024.11.0\",\"js\":\"2024.6.1\",\"timings\":2},\"pageloadId\":\"97637c04-4a65-4ba1-97ed-36fc23c9c048\",\"location\":\"https://amberyak.buzz/\",\"nt\":\"navigate\",\"timingsV2\":{\"unloadEventStart\":0,\"unloadEventEnd\":0,\"domInteractive\":1526,\"domContentLoadedEventStart\":1541,\"domContentLoadedEventEnd\":1547,\"domComplete\":2137,\"loadEventStart\":2137,\"loadEventEnd\":2137,\"type\":\"navigate\",\"redirectCount\":0,\"initiatorType\":\"navigation\",\"nextHopProtocol\":\"h2\",\"workerStart\":0,\"redirectStart\":0,\"redirectEnd\":0,\"fetchStart\":19,\"domainLookupStart\":20,\"domainLookupEnd\":58,\"connectStart\":58,\"connectEnd\":361,\"secureConnectionStart\":209,\"requestStart\":361,\"responseStart\":656,\"responseEnd\":656,\"transferSize\":10291,\"encodedBodySize\":9848,\"decodedBodySize\":93840,\"name\":\"https://amberyak.buzz/\",\"entryType\":\"navigation\",\"startTime\":0,\"duration\":2137},\"siteToken\":\"d2dce6a60d844b82a08acd048c012db9\",\"st\":2}"}},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:58 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-05-31T15:22:25.307684Z","times_seen":519173,"resource_available":true,"data":null}},"time_used":147,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":147,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/assets/tx(11).png","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /assets/tx(11).png HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 15 Dec 2025 18:03:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69404d8c-3604\"\r\nexpires: Tue, 30 Jun 2026 11:24:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13828,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 166, 8-bit colormap, non-interlaced","md5":"06b26393d0c3949b6672afd1fe8eee36","sha1":"25dcfc606599dd60f38fb1310573f1f569ad9b05","sha256":"65d6256f6328c1b00cc2b38f4385d82aab35bdcc99ad49ada8e0a80f67a4a82a","sha512":"20ca759b5a7c48339ec75c59be7b1395d537243c0ae6bc469acef254eedb627d4b7cb59d335e9ae4f0ad3e74d836e9272f300cdb3c38def15138ed053b92e8a9","ssdeep":"192:soJhrhbxJQbMI/AgUy0uYt1vZxHVqtrkv1AdUQtvuEuIRXQW1sH5jISudI:fJhrZON/AJt1BxHVBv14vbuIRXF1Gtu6","tlshash":"3852d06adafc1db872cb592d3adf4041d7b28e30529a63860073f91ed5835325cf80d6","first_seen":"2023-09-23T05:15:31Z","last_seen":"2026-05-31T14:02:37.075211Z","times_seen":15,"resource_available":false,"data":null}},"time_used":435,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":435,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amberyak.buzz/assets/aa.mp4","fqdn":"amberyak.buzz","domain":"amberyak.buzz","tld":"buzz"},"ip":{"addr":"198.105.126.181","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://amberyak.buzz/","date":"2026-05-31T11:24:57.908Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amberyak.buzz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 06:17:51 GMT","end":"Tue, 04 Aug 2026 06:17:50 GMT"},"fingerprint":{"sha1":"3B:9C:9B:31:17:C7:B8:04:C0:3C:24:E3:8C:D8:44:9E:E7:C0:D4:9C","sha256":"36:BC:08:EF:08:E0:3B:5A:74:9D:5D:81:AC:40:58:2C:30:BB:D7:CD:65:BD:ED:1B:22:4A:D8:C4:FA:93:60:D1"}}},"request":{"raw":"GET /assets/aa.mp4 HTTP/1.1\r\nHost: amberyak.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://amberyak.buzz/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:24:57 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 3565641\r\nlast-modified: Sat, 02 May 2026 15:17:49 GMT\r\netag: \"69f6159d-366849\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-range: bytes 0-3565640/3565641\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":376778,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"dd6df07c36f41dae024afd3170fb92e3","sha1":"32ff955a616ae339b84c97fdb0b31452191d6e33","sha256":"b46b7918106055495e3e6817f7a8fd20d3d150f82b3b03bdd7056bc9a173e71d","sha512":"d0634a3cee909215fffab82e1fec11e2c9202b65214dd11b2343cc3dbbbc09c3ac4efdddec47bc8f4378bf2a737865fab49f78f1f5e36a7b3d0c5c0ccdeca9c8","ssdeep":"6144:roQZi/DGCjzeKIklqqUx8rjNZDwJr0zngYH2Rhse38Isr8rVaX/gjYS/Tv:MQZi/ZNhhxRwUngTRhLMzr8EXlYr","tlshash":"fe840189bb8a1056cb52837891bb4f34b3f1ed905a1b074b095267940ef32e8cd1b5fe","first_seen":"2026-05-31T11:25:24.837293Z","last_seen":"2026-05-31T11:25:24.837293Z","times_seen":1,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":151,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"amberyak.buzz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"amberyak.buzz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}