{"report_id":"238c01a6-09e0-4e43-b475-992e7f2f4941","version":6,"status":"done","tags":[],"date":"2025-12-20T15:23:20Z","url":{"schema":"http","addr":"intelligence.pobc.live/","fqdn":"intelligence.pobc.live","domain":"pobc.live","tld":"live"},"ip":{"addr":"103.224.182.251","port":0,"asn":133618,"as":"Trellian Pty. Limited","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"ww25.intelligence.pobc.live/?subid1=20251221-0222-58f7-ab74-8f4652270c44","fqdn":"ww25.intelligence.pobc.live","domain":"pobc.live","tld":"live"},"title":"pobc.live","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"intelligence.pobc.live/","fqdn":"intelligence.pobc.live","domain":"pobc.live","tld":"live"},"ip":{"addr":"103.224.182.251","port":0,"asn":133618,"as":"Trellian Pty. Limited","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-24T15:23:20Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"intelligence.pobc.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"ww25.intelligence.pobc.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"ww25.intelligence.pobc.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"syndicatedsearch.goog","ip":{"addr":"142.250.178.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-04-14","domain_rank":5365,"first_seen":"2023-09-25T09:30:59Z","last_seen":"2025-12-14T22:30:59.059099Z","alert_count":0,"request_count":4,"received_data":150852,"sent_data":3286,"comment":"","tags":null,"fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}]},{"fqdn":"www.google.com","ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2025-12-14T22:21:29.619834Z","alert_count":0,"request_count":1,"received_data":134743,"sent_data":453,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ep1.adtrafficquality.google","ip":{"addr":"216.58.211.2","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-11-17","domain_rank":3093,"first_seen":"2024-07-24T04:17:49Z","last_seen":"2025-12-14T22:44:27.710821Z","alert_count":0,"request_count":1,"received_data":11439,"sent_data":553,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ep2.adtrafficquality.google","ip":{"addr":"142.250.178.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-11-17","domain_rank":3229,"first_seen":"2024-08-13T12:56:28Z","last_seen":"2025-12-15T00:14:30.531009Z","alert_count":0,"request_count":2,"received_data":34547,"sent_data":1010,"comment":"","tags":null,"fingerprints":null},{"fqdn":"afs.googleusercontent.com","ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-11-17","domain_rank":65181,"first_seen":"2013-05-06T19:11:00Z","last_seen":"2025-12-14T22:36:21.107248Z","alert_count":0,"request_count":2,"received_data":2046,"sent_data":1006,"comment":"","tags":null,"fingerprints":null},{"fqdn":"intelligence.pobc.live","ip":{"addr":"103.224.182.251","port":443,"asn":133618,"as":"Trellian Pty. Limited","country":"United States","country_code":"US"},"domain_registered":"2024-11-27","domain_rank":0,"first_seen":"2025-12-20T15:23:20.731731Z","last_seen":"2025-12-20T15:23:20.731731Z","alert_count":4,"request_count":4,"received_data":36099,"sent_data":1947,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"ww25.intelligence.pobc.live","ip":{"addr":"199.59.243.228","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2024-11-27","domain_rank":0,"first_seen":"2025-12-20T15:23:20.734143Z","last_seen":"2025-12-20T15:23:20.734143Z","alert_count":10,"request_count":5,"received_data":52450,"sent_data":2635,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"intelligence.pobc.live/js/fingerprint/iife.min.js","fqdn":"intelligence.pobc.live","domain":"pobc.live","tld":"live"},"ip":{"addr":"103.224.182.251","port":443,"asn":133618,"as":"Trellian Pty. Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"63f9fd621d1fbd53b7c5856e58c11ccd","sha1":"a46973c2fbdbfeb159e0d717a90f88307e274012","sha256":"c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089","sha512":"d4df433c7368ec078fbc473398a4ab21e6da20950ac4db34338623296887db40320b05b9bde6130e43d2b55c82b81a56b60bab0d6a4c97df54a0cb7a8f09325b","ssdeep":"384:XhQYTcHRx9vfQxcuK83ERxXYxMvtTpIBNwBUZXLew5gc+RW7+5ERNFaqE8E0QI+V:XSbHRTArOGSoyISuNwxJzZbPePKe9y","tlshash":"6cf207d8b2c3b02d227378ba497f6006b63abd55641c4803d57be5c178a4e5a813bfb8","size":34240,"data":"","first_seen":"2023-05-01T16:20:27Z","last_seen":"2026-05-24T16:24:17.844544Z","times_seen":57316,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww25.intelligence.pobc.live/?subid1=20251221-0222-58f7-ab74-8f4652270c44","fqdn":"ww25.intelligence.pobc.live","domain":"pobc.live","tld":"live"},"ip":{"addr":"199.59.243.228","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7fe0237183d50a3881b5ec5ee44d10d1","sha1":"280a25cc17e271ef856a6fec6f23d461dab08f5e","sha256":"1f66f77aaf3c39d489bf0aba0f45cfd2336355cc358396464d2b7ff3bf7fa15a","sha512":"564bf11d3f71ddbae2df113f7dead7510abcdec2ca1571239ec97a7f0bf3d776ba08224750f6db4484a1822543f49efed69c88b073e29acc6cca113f5d03300b","ssdeep":"","tlshash":"45f0dc3f62b5e25ce0388a1342770ee8ab12b88208a0e94ab1d1888a372079b10056c8","size":449,"data":"","first_seen":"2025-12-20T15:23:26.380457Z","last_seen":"2025-12-20T15:23:26.380457Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww25.intelligence.pobc.live/becLVGcZW.js","fqdn":"ww25.intelligence.pobc.live","domain":"pobc.live","tld":"live"},"ip":{"addr":"199.59.243.228","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c7b1d05cc5eca8a6c34180094d84c832","sha1":"661ebcd47e2646f3735a52a3196e5b748efc26de","sha256":"87c20bfd7711adbf86f6dccefab12e8de11109798020e964ea9e061475421ffc","sha512":"1e51d10e0021edd9c1803738d88c227c16be5186c5c53911c5897a640e505c58526b6dee1366d2d64b54cead7d79a6e60c385353b046536e0d03a486b174987d","ssdeep":"768:TP2y15NVc67n85NdxBB5gPAJOJ3GIqNMalnEE0xNE2X0Ddem+euROgvMzLXWI+6b:jLalnEE0xNEGR+4g","tlshash":"cb134c667ab3d07046e2c9dae9b75215f238315a3006c06cf96cc8cb374e947d63ab79","size":44541,"data":"","first_seen":"2025-12-08T15:49:59.93398Z","last_seen":"2026-01-14T16:48:21.881942Z","times_seen":26829,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026bodis=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d2ca6e885b75d0ff0060fec9957ae1ab","sha1":"e70754db262451174bb1bc69b1d75e1e2a90e59a","sha256":"7b786ae59fb8e4f9f2cbca281705651e1bc064d921b9b2d9d5f35db679b162a2","sha512":"64cab43f1ee9eb94c57bd5758ce7e8af3f097f670751506068dc7e9e9e78eb4694d222a3eea00d5ed98c0febed38a6e0f7bb25bf10fe95210cf1a25e53f46771","ssdeep":"1536:pzL751Jqc2HyP0SuRPmym0pO1s8dsR5qxyzT/ghgOKWYZjAartrvpD3pduCxAXtB:YuydkXiR5zzTq+bxpD3ZV4T","tlshash":"72d33acdb3a1342643a3a5b5607f414fb139b8a5a40c88a4f199d8e87c74dad4237fbd","size":134027,"data":"","first_seen":"2025-12-11T16:41:57.082479Z","last_seen":"2026-01-07T19:31:18.868862Z","times_seen":14513,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2.js","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.178.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a8fe3ea2f81e289e6b14222e898086c5","sha1":"0e9a1227955675736e02c596906bee72bc33d7d6","sha256":"a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623","sha512":"3bd99998aa1b5d7543775769952adc52809f861ca023b6daadf6b7d23411411a6a9470d98c7b8543573e9a6047a24e14b5feaf45e14a22d98e64d0f019718670","ssdeep":"384:dxSMqC/d0d0lxDKyqdeWFy3Wxy9cT4nGllKnnk0TEYRWjfJtncu:i0qKlYyqdeWk3Z9w4G+tFWjfJtnZ","tlshash":"8892c6cab6d2f4624363b9b1a13f100ff13eaca9d84c5464a084e4e0bd759a94367f7c","size":19990,"data":"","first_seen":"2025-05-19T23:59:48.474751Z","last_seen":"2026-02-26T18:27:55.354921Z","times_seen":175417,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?sjk=qOyBxbpaRBS4kbZVxe0dKg%3D%3D\u0026adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol115%2Cpid-bodis-gcontrol461%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis31_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww25.intelligence.pobc.live%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20251221-0222-58f7-ab74-8f4652270c44\u0026type=3\u0026swp=as-drid-2936916502645281\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717107\u0026format=r3\u0026nocache=3291766244180935\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.intelligence.pobc.live\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=3\u0026u_tz=0\u0026dt=1766244180936\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=842209568\u0026rurl=http%3A%2F%2Fww25.intelligence.pobc.live%2F%3Fsubid1%3D20251221-0222-58f7-ab74-8f4652270c44","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.178.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fe7f7338c793f92aba1771255f5134d2","sha1":"e4534cce621d91b94a229aa8f89862aa700331a7","sha256":"38f38b8020aea82a832cda1ebf22c41e9665e4b9af9b72560f68fdb38a1b4825","sha512":"1ace04c1f3054578763f08d745ba01017cc2c239b3b5b8a2736576fe22d88bd5935e52b5968498e48ac6842406bb8411abc989b058a282d51c8d41cb71d00c56","ssdeep":"","tlshash":"d1f0c0e619650232d46300374d0f3fa024581cf032876744f51eb48e157cbde93980af","size":529,"data":"","first_seen":"2025-12-20T15:23:26.381378Z","last_seen":"2025-12-20T15:23:26.381378Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.178.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6cb2ae5fef74172bd46fac2076465814","sha1":"8a69280b6ae834ae875865e26a83c782c303f509","sha256":"2b0280579e3a031edcdd4a833827f74797b72ada721b69f148823c048cc3ad56","sha512":"bcbb70e3f933a33bb19e773efe9d4cd7c32e61aafdbc119ae2728c7d8206fe4e420e1d9687cfb9148824d8a3f1f7e79c8a8e17c71dd512b4a6a7d387f296e509","ssdeep":"1536:/zL751Jqc2HyP0SuRPmym0pO1s8dsR5qxyzT/ghgOKWYZjAartrvpD3pduCxAXtB:SuydkXiR5zzTq+bxpD3ZV4T","tlshash":"a2d33acdb3a1342643a3a5b5607f414fb139b8a5a40c88a4f199d8e87c74dad4237fbd","size":134034,"data":"","first_seen":"2025-12-11T16:43:36.5228Z","last_seen":"2026-01-07T19:29:49.170183Z","times_seen":11621,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intelligence.pobc.live/","fqdn":"intelligence.pobc.live","domain":"pobc.live","tld":"live"},"ip":{"addr":"103.224.182.251","port":443,"asn":133618,"as":"Trellian Pty. Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"be6709c49d343e67512ffe58b31498b9","sha1":"dc5efbab003e01c1d269dcca5a8854b845ce5d13","sha256":"e8d0a1d2075fc0d5fd600c90a382154e7c99585bb6bdbcf67bad429d146be869","sha512":"1d296e98bcf5ee369530933a2b3947070ea687857b42df8ef01ee233331a20998a02af6440064d0dad7600ba4c509f80518f3bcb8455032292a58109ebc04873","ssdeep":"","tlshash":"f9f0978cf4ea7962757c106f9ef8400fc1bb024c008da5bcd006ab189c421aff168de7","size":518,"data":"","first_seen":"2025-12-20T15:23:26.382669Z","last_seen":"2025-12-20T15:23:26.382669Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.178.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"25e6119e62d1ba8afd52ec0f623a82bd","sha1":"5a880ff68e376984e4bcd6a646026c67438ecbac","sha256":"dec2ecd2607f2e892cd7041307752b509b1ea8db61ec38cc3a5bb9664ac48f62","sha512":"31ca39bd744be12fc88109f84a02d66290fb50829c5f41c31f938fabeb121eb2463366edfdf6ba4ef5898cc922b1bcda29658506e4162f4f3044428db4b5ca40","ssdeep":"","tlshash":"5911cbc577a2e441813615abd50f144bf575e47758acb410e6a1c4e4acb0abb443ab06","size":956,"data":"","first_seen":"2025-03-12T19:00:14.122018Z","last_seen":"2026-02-26T17:00:03.80743Z","times_seen":79470,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"intelligence.pobc.live/","fqdn":"intelligence.pobc.live","domain":"pobc.live","tld":"live"},"ip":{"addr":"103.224.182.251","port":443,"asn":133618,"as":"Trellian Pty. Limited","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-20T15:22:57.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yeezypods.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 02 Dec 2025 14:30:19 GMT","end":"Mon, 02 Mar 2026 14:30:18 GMT"},"fingerprint":{"sha1":"82:43:3B:03:3C:76:C1:09:1D:90:39:F1:78:65:08:53:39:59:05:40","sha256":"68:2A:1C:00:EA:E5:ED:B7:D3:E5:78:B0:BA:D6:31:08:EC:F0:69:59:15:8E:F5:5C:FA:7F:9F:4D:EB:C2:51:60"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: intelligence.pobc.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Sat, 20 Dec 2025 15:22:58 GMT\r\nserver: Apache\r\nset-cookie: __tad=1766244178.6382332; expires=Tue, 18 Dec 2035 15:22:58 GMT; Max-Age=315360000\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 573\r\ncontent-type: text/html; charset=UTF-8\r\nconnection: close\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1079,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"b4cdd88d89a56924a0e6e00aab5fd9e3","sha1":"2252285599ace36c579d00fa2bde2863ee9c3429","sha256":"98e280f7fc84339a08822f02dbc2b709211e40d5aad3491b5d93cc843ec9a828","sha512":"24ea7c2c0f6719b614a7b3b7f690d49dac6d81212e7db704299d9187e486e561dae8e26b04d5882c3c3590f42121c9c9f2dd6b67fc9eba67c23bba948602ece3","ssdeep":"","tlshash":"4a11f04dfcc2b9527029045e9df8a10fc0a7724c81ccc978d1c2eb144c4269de9699d6","first_seen":"2025-12-20T15:23:26.365708Z","last_seen":"2025-12-20T15:23:26.365708Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1644,"timings":{"blocked":716,"dns":356,"connect":162,"send":0,"wait":212,"receive":0,"ssl":196},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"intelligence.pobc.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intelligence.pobc.live/js/fingerprint/iife.min.js","fqdn":"intelligence.pobc.live","domain":"pobc.live","tld":"live"},"ip":{"addr":"103.224.182.251","port":443,"asn":133618,"as":"Trellian Pty. Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://intelligence.pobc.live/","date":"2025-12-20T15:22:58.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yeezypods.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 02 Dec 2025 14:30:19 GMT","end":"Mon, 02 Mar 2026 14:30:18 GMT"},"fingerprint":{"sha1":"82:43:3B:03:3C:76:C1:09:1D:90:39:F1:78:65:08:53:39:59:05:40","sha256":"68:2A:1C:00:EA:E5:ED:B7:D3:E5:78:B0:BA:D6:31:08:EC:F0:69:59:15:8E:F5:5C:FA:7F:9F:4D:EB:C2:51:60"}}},"request":{"raw":"GET /js/fingerprint/iife.min.js HTTP/1.1\r\nHost: intelligence.pobc.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intelligence.pobc.live/\r\nCookie: __tad=1766244178.6382332\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Sat, 20 Dec 2025 15:22:58 GMT\r\nserver: Apache\r\nlast-modified: Tue, 22 Oct 2024 03:25:42 GMT\r\netag: \"85c0-6250852f4b980\"\r\naccept-ranges: bytes\r\ncontent-length: 34240\r\ncontent-type: text/javascript\r\nconnection: close\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":34240,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33896), with CRLF line terminators","md5":"63f9fd621d1fbd53b7c5856e58c11ccd","sha1":"a46973c2fbdbfeb159e0d717a90f88307e274012","sha256":"c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089","sha512":"d4df433c7368ec078fbc473398a4ab21e6da20950ac4db34338623296887db40320b05b9bde6130e43d2b55c82b81a56b60bab0d6a4c97df54a0cb7a8f09325b","ssdeep":"384:XhQYTcHRx9vfQxcuK83ERxXYxMvtTpIBNwBUZXLew5gc+RW7+5ERNFaqE8E0QI+V:XSbHRTArOGSoyISuNwxJzZbPePKe9y","tlshash":"6cf207d8b2c3b02d227378ba497f6006b63abd55641c4803d57be5c178a4e5a813bfb8","first_seen":"2023-05-01T16:20:27Z","last_seen":"2026-05-24T16:24:17.844544Z","times_seen":57316,"resource_available":true,"data":null}},"time_used":1094,"timings":{"blocked":368,"dns":1,"connect":176,"send":0,"wait":355,"receive":2,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"intelligence.pobc.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ww25.intelligence.pobc.live/?subid1=20251221-0222-58f7-ab74-8f4652270c44","fqdn":"ww25.intelligence.pobc.live","domain":"pobc.live","tld":"live"},"ip":{"addr":"199.59.243.228","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-20T15:23:00.498Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /?subid1=20251221-0222-58f7-ab74-8f4652270c44 HTTP/1.1\r\nHost: ww25.intelligence.pobc.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Sat, 20 Dec 2025 15:23:00 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 1198\r\nx-request-id: 6b154950-eb3e-486a-949b-131278848d84\r\ncache-control: no-store, max-age=0\r\naccept-ch: sec-ch-prefers-color-scheme\r\ncritical-ch: sec-ch-prefers-color-scheme\r\nvary: sec-ch-prefers-color-scheme\r\nx-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_C0h1ta2xXDJMSxv0S3isLSaY9YuBz0huh5MhCg2sJTCGWxdVaY3WfuVBgs/uJ1+oqo4Mk/DkRPUMSSPrsfw5PQ==\r\nset-cookie: parking_session=6b154950-eb3e-486a-949b-131278848d84; expires=Sat, 20 Dec 2025 15:38:00 GMT; path=/\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1198,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (466)","md5":"435bf88c05bbc8aa45c8bb8e6519d4b9","sha1":"a9c7f9bf6b60178ef27aba2a47ffa4207d53e3c8","sha256":"6b142e6d37bfa8fcb80111f16f18d512eb5acc798f5ed48e4d4af66c1e09f594","sha512":"c2d83eecd687761a7a575446f71327210b81b9fa179621f15205990b361593bbba2e7c964712ec67c2605f05e88e66217102f275558734e31d976e41bafcf99c","ssdeep":"","tlshash":"f7210a3f24a2d94ee0b046535db29e1ccd077b4a5440bd857ad9d0ab7a847d3541b2cc","first_seen":"2025-12-20T15:23:26.368203Z","last_seen":"2025-12-20T15:23:26.368203Z","times_seen":1,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":75,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"ww25.intelligence.pobc.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"ww25.intelligence.pobc.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph\u0026output=uds_ads_only\u0026zx=66xppwp6i25\u0026cd_fexp=72717107\u0026aqid=Vb9Gaca5CLW3juwPstuMiAM\u0026psid=3113057640\u0026pbt=bs\u0026adbx=290\u0026adby=145\u0026adbh=373\u0026adbw=700\u0026adbah=114%2C114%2C114\u0026adbn=master-1\u0026eawp=partner-dp-bodis31_3ph\u0026errv=842209568\u0026csala=5%7C0%7C381%7C67%7C9\u0026lle=0\u0026ifv=1\u0026hpt=0","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.178.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww25.intelligence.pobc.live/?subid1=20251221-0222-58f7-ab74-8f4652270c44","date":"2025-12-20T15:23:02.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:00:06 GMT","end":"Wed, 25 Feb 2026 16:00:05 GMT"},"fingerprint":{"sha1":"06:BA:36:2F:71:DB:00:20:7E:63:51:E1:07:B3:C2:09:F9:D3:65:87","sha256":"B7:6A:65:78:FC:51:25:23:3A:6D:B6:59:D6:C1:56:D4:36:21:34:3D:25:55:DA:C7:8E:BB:EF:64:94:1B:50:C7"}}},"request":{"raw":"GET /afs/gen_204?client=dp-bodis31_3ph\u0026output=uds_ads_only\u0026zx=66xppwp6i25\u0026cd_fexp=72717107\u0026aqid=Vb9Gaca5CLW3juwPstuMiAM\u0026psid=3113057640\u0026pbt=bs\u0026adbx=290\u0026adby=145\u0026adbh=373\u0026adbw=700\u0026adbah=114%2C114%2C114\u0026adbn=master-1\u0026eawp=partner-dp-bodis31_3ph\u0026errv=842209568\u0026csala=5%7C0%7C381%7C67%7C9\u0026lle=0\u0026ifv=1\u0026hpt=0 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.intelligence.pobc.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-WGUpAXPUK9eSo2ksok76bg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Sat, 20 Dec 2025 15:23:02 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-24T17:07:59.023654Z","times_seen":15665480,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph\u0026output=uds_ads_only\u0026zx=r5heljwg6kqd\u0026cd_fexp=72717107\u0026aqid=Vb9Gaca5CLW3juwPstuMiAM\u0026psid=3113057640\u0026pbt=bv\u0026adbx=290\u0026adby=145\u0026adbh=373\u0026adbw=700\u0026adbah=114%2C114%2C114\u0026adbn=master-1\u0026eawp=partner-dp-bodis31_3ph\u0026errv=842209568\u0026csala=5%7C0%7C381%7C67%7C9\u0026lle=0\u0026ifv=1\u0026hpt=0","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.178.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww25.intelligence.pobc.live/?subid1=20251221-0222-58f7-ab74-8f4652270c44","date":"2025-12-20T15:23:02.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:00:06 GMT","end":"Wed, 25 Feb 2026 16:00:05 GMT"},"fingerprint":{"sha1":"06:BA:36:2F:71:DB:00:20:7E:63:51:E1:07:B3:C2:09:F9:D3:65:87","sha256":"B7:6A:65:78:FC:51:25:23:3A:6D:B6:59:D6:C1:56:D4:36:21:34:3D:25:55:DA:C7:8E:BB:EF:64:94:1B:50:C7"}}},"request":{"raw":"GET /afs/gen_204?client=dp-bodis31_3ph\u0026output=uds_ads_only\u0026zx=r5heljwg6kqd\u0026cd_fexp=72717107\u0026aqid=Vb9Gaca5CLW3juwPstuMiAM\u0026psid=3113057640\u0026pbt=bv\u0026adbx=290\u0026adby=145\u0026adbh=373\u0026adbw=700\u0026adbah=114%2C114%2C114\u0026adbn=master-1\u0026eawp=partner-dp-bodis31_3ph\u0026errv=842209568\u0026csala=5%7C0%7C381%7C67%7C9\u0026lle=0\u0026ifv=1\u0026hpt=0 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.intelligence.pobc.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-PcLzIDiyb04UK-qFDpo6SA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Sat, 20 Dec 2025 15:23:02 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-24T17:07:59.023654Z","times_seen":15665480,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww25.intelligence.pobc.live/becLVGcZW.js","fqdn":"ww25.intelligence.pobc.live","domain":"pobc.live","tld":"live"},"ip":{"addr":"199.59.243.228","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww25.intelligence.pobc.live/?subid1=20251221-0222-58f7-ab74-8f4652270c44","date":"2025-12-20T15:23:00.642Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /becLVGcZW.js HTTP/1.1\r\nHost: ww25.intelligence.pobc.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.intelligence.pobc.live/?subid1=20251221-0222-58f7-ab74-8f4652270c44\r\nCookie: parking_session=6b154950-eb3e-486a-949b-131278848d84\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Sat, 20 Dec 2025 15:22:59 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 44541\r\nx-request-id: e133c543-5596-4de8-add6-b37e64cc852e\r\nset-cookie: parking_session=6b154950-eb3e-486a-949b-131278848d84; expires=Sat, 20 Dec 2025 15:38:00 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44541,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (44537)","md5":"c7b1d05cc5eca8a6c34180094d84c832","sha1":"661ebcd47e2646f3735a52a3196e5b748efc26de","sha256":"87c20bfd7711adbf86f6dccefab12e8de11109798020e964ea9e061475421ffc","sha512":"1e51d10e0021edd9c1803738d88c227c16be5186c5c53911c5897a640e505c58526b6dee1366d2d64b54cead7d79a6e60c385353b046536e0d03a486b174987d","ssdeep":"768:TP2y15NVc67n85NdxBB5gPAJOJ3GIqNMalnEE0xNE2X0Ddem+euROgvMzLXWI+6b:jLalnEE0xNEGR+4g","tlshash":"cb134c667ab3d07046e2c9dae9b75215f238315a3006c06cf96cc8cb374e947d63ab79","first_seen":"2025-12-08T15:49:59.93398Z","last_seen":"2026-01-14T16:48:21.881942Z","times_seen":26829,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"ww25.intelligence.pobc.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"ww25.intelligence.pobc.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026bodis=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww25.intelligence.pobc.live/?subid1=20251221-0222-58f7-ab74-8f4652270c44","date":"2025-12-20T15:23:00.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:57:20 GMT","end":"Wed, 25 Feb 2026 15:57:19 GMT"},"fingerprint":{"sha1":"13:5B:80:5A:23:15:61:AE:98:37:1B:0A:3C:F6:E2:BD:63:8E:3B:D6","sha256":"22:03:24:94:F7:E3:5F:66:1B:39:CE:18:75:20:3D:01:AC:FE:93:AA:1A:73:8C:D5:34:98:AB:2B:E5:19:37:12"}}},"request":{"raw":"GET /adsense/domains/caf.js?abp=1\u0026bodis=true HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.intelligence.pobc.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Sat, 20 Dec 2025 15:23:00 GMT\r\nexpires: Sat, 20 Dec 2025 15:23:00 GMT\r\ncache-control: private, max-age=3600\r\netag: \"6022745352614002532\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":134027,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2840)","md5":"d2ca6e885b75d0ff0060fec9957ae1ab","sha1":"e70754db262451174bb1bc69b1d75e1e2a90e59a","sha256":"7b786ae59fb8e4f9f2cbca281705651e1bc064d921b9b2d9d5f35db679b162a2","sha512":"64cab43f1ee9eb94c57bd5758ce7e8af3f097f670751506068dc7e9e9e78eb4694d222a3eea00d5ed98c0febed38a6e0f7bb25bf10fe95210cf1a25e53f46771","ssdeep":"1536:pzL751Jqc2HyP0SuRPmym0pO1s8dsR5qxyzT/ghgOKWYZjAartrvpD3pduCxAXtB:YuydkXiR5zzTq+bxpD3ZV4T","tlshash":"72d33acdb3a1342643a3a5b5607f414fb139b8a5a40c88a4f199d8e87c74dad4237fbd","first_seen":"2025-12-11T16:41:57.082479Z","last_seen":"2026-01-07T19:31:18.868862Z","times_seen":14513,"resource_available":true,"data":null}},"time_used":195,"timings":{"blocked":86,"dns":1,"connect":8,"send":0,"wait":22,"receive":0,"ssl":76},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?sjk=qOyBxbpaRBS4kbZVxe0dKg%3D%3D\u0026adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol115%2Cpid-bodis-gcontrol461%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis31_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww25.intelligence.pobc.live%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20251221-0222-58f7-ab74-8f4652270c44\u0026type=3\u0026swp=as-drid-2936916502645281\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717107\u0026format=r3\u0026nocache=3291766244180935\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.intelligence.pobc.live\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=3\u0026u_tz=0\u0026dt=1766244180936\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=842209568\u0026rurl=http%3A%2F%2Fww25.intelligence.pobc.live%2F%3Fsubid1%3D20251221-0222-58f7-ab74-8f4652270c44","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.178.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://ww25.intelligence.pobc.live/?subid1=20251221-0222-58f7-ab74-8f4652270c44","date":"2025-12-20T15:23:00.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:00:06 GMT","end":"Wed, 25 Feb 2026 16:00:05 GMT"},"fingerprint":{"sha1":"06:BA:36:2F:71:DB:00:20:7E:63:51:E1:07:B3:C2:09:F9:D3:65:87","sha256":"B7:6A:65:78:FC:51:25:23:3A:6D:B6:59:D6:C1:56:D4:36:21:34:3D:25:55:DA:C7:8E:BB:EF:64:94:1B:50:C7"}}},"request":{"raw":"GET /afs/ads?sjk=qOyBxbpaRBS4kbZVxe0dKg%3D%3D\u0026adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol115%2Cpid-bodis-gcontrol461%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis31_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww25.intelligence.pobc.live%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20251221-0222-58f7-ab74-8f4652270c44\u0026type=3\u0026swp=as-drid-2936916502645281\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717107\u0026format=r3\u0026nocache=3291766244180935\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.intelligence.pobc.live\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=3\u0026u_tz=0\u0026dt=1766244180936\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=842209568\u0026rurl=http%3A%2F%2Fww25.intelligence.pobc.live%2F%3Fsubid1%3D20251221-0222-58f7-ab74-8f4652270c44 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.intelligence.pobc.live/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-disposition: inline\r\ndate: Sat, 20 Dec 2025 15:23:01 GMT\r\nexpires: Sat, 20 Dec 2025 15:23:01 GMT\r\ncache-control: private, max-age=3600\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-UTierImH57O5_esQaJOglA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ncontent-encoding: br\r\nserver: gws\r\ncontent-length: 2921\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":13997,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (13523)","md5":"82b23f373fab36c56441fad6fdc68da6","sha1":"4e3a923968d3932391035d521853e707f2a0c097","sha256":"3b177e8db8f07dfba82d7b082d5717c23640a20b2fd800a921cdbe2d4b8e7caa","sha512":"7432142cb74ef9511f257f7bb3f959b6e3562550b8c5794097e4aa3248c894555801573674ef9f5b3c910134b1bfd44e2566b6d3b7a68170108c6d9d6a51a65b","ssdeep":"192:GE12iMpgbogm0yXqMcH5WrsfpEmpV5g8k0:Gni0dH6r5pbrk0","tlshash":"105243376062272d1517dc541b296f6dd181d43ac46f32e848a35f26c7ebf828be638e","first_seen":"2025-12-20T15:23:26.371924Z","last_seen":"2025-12-20T15:23:26.371924Z","times_seen":1,"resource_available":false,"data":null}},"time_used":413,"timings":{"blocked":113,"dns":1,"connect":16,"send":0,"wait":186,"receive":1,"ssl":94},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intelligence.pobc.live/favicon.ico","fqdn":"intelligence.pobc.live","domain":"pobc.live","tld":"live"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intelligence.pobc.live/","date":"2025-12-20T15:22:59.286Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: intelligence.pobc.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intelligence.pobc.live/\r\nCookie: __tad=1766244178.6382332\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-24T17:07:59.023654Z","times_seen":15665480,"resource_available":true,"data":null}},"time_used":1,"timings":{"blocked":0,"dns":1,"connect":178,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"intelligence.pobc.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ep1.adtrafficquality.google/getconfig/sodar?sv=200\u0026tid=afs\u0026tv=1234567890\u0026st=env\u0026sjk=qOyBxbpaRBS4kbZVxe0dKg==\u0026sde=1","fqdn":"ep1.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"216.58.211.2","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://ww25.intelligence.pobc.live/?subid1=20251221-0222-58f7-ab74-8f4652270c44","date":"2025-12-20T15:23:00.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:59:52 GMT","end":"Wed, 25 Feb 2026 15:59:51 GMT"},"fingerprint":{"sha1":"E4:25:76:F6:C4:FB:46:FE:7A:37:E5:D8:E5:14:75:A2:B3:75:D2:9B","sha256":"34:44:B0:C8:96:F4:D4:42:DB:58:BD:4B:C9:72:0A:E2:31:20:B1:87:B3:2A:DD:E7:6B:62:AA:AB:58:B6:92:89"}}},"request":{"raw":"GET /getconfig/sodar?sv=200\u0026tid=afs\u0026tv=1234567890\u0026st=env\u0026sjk=qOyBxbpaRBS4kbZVxe0dKg==\u0026sde=1 HTTP/1.1\r\nHost: ep1.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://ww25.intelligence.pobc.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.intelligence.pobc.live/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\ncontent-type: application/json; charset=UTF-8\r\nx-content-type-options: nosniff\r\ncontent-disposition: attachment; filename=\"f.txt\"\r\ncontent-encoding: br\r\ndate: Sat, 20 Dec 2025 15:23:01 GMT\r\nserver: cafe\r\ncontent-length: 8224\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10882,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"f7cf6ce548c6ebef8f0982a051ac1c28","sha1":"b1dabbdd7b42c54c5b1bce7393aeeee647354cf2","sha256":"283d74acb94291dbdc672371b6860d1b3dd8dc4b948f77d201b3fb277d9dceb1","sha512":"1325acc02d785cd1ce98ba99bd248e9e125231cedd61317a5597da6066ee25547117c191305b6f1537d5d332795a636067654bd31da4b3296c36fedc4983a7fa","ssdeep":"192:Z6KLt6RfFqSF4bHQqBgdYG3s/xyRRoIf3V5eBwp2EyMme2LXozTnG0/kRVwWs:ZXLsZFxFCBhUpv7JnfPGHts","tlshash":"b822c04cdeb32900427db48571826e78779149a6cee905fbe3e8ff8c2199a7dbc91043","first_seen":"2025-12-20T15:23:26.373526Z","last_seen":"2025-12-20T15:23:26.373526Z","times_seen":1,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":89,"dns":1,"connect":20,"send":0,"wait":39,"receive":1,"ssl":65},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2.js","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.178.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww25.intelligence.pobc.live/?subid1=20251221-0222-58f7-ab74-8f4652270c44","date":"2025-12-20T15:23:01.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:00:04 GMT","end":"Wed, 25 Feb 2026 16:00:03 GMT"},"fingerprint":{"sha1":"3F:6B:79:EB:6A:36:69:37:B8:80:08:17:24:3C:C7:A5:F2:4C:1D:A6","sha256":"C1:88:6A:43:5F:52:63:57:56:27:18:5B:53:42:8D:AC:C0:80:AB:8C:59:0D:49:81:7A:83:6D:01:14:14:78:6E"}}},"request":{"raw":"GET /sodar/sodar2.js HTTP/1.1\r\nHost: ep2.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.intelligence.pobc.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"adspam-signals-scs\"\r\nreport-to: {\"group\":\"adspam-signals-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs\"}]}\r\ncontent-length: 7188\r\ndate: Sat, 20 Dec 2025 15:23:01 GMT\r\nexpires: Sat, 20 Dec 2025 15:23:01 GMT\r\ncache-control: private, max-age=3000\r\netag: \"1747411493688989\"\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19990,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1398)","md5":"a8fe3ea2f81e289e6b14222e898086c5","sha1":"0e9a1227955675736e02c596906bee72bc33d7d6","sha256":"a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623","sha512":"3bd99998aa1b5d7543775769952adc52809f861ca023b6daadf6b7d23411411a6a9470d98c7b8543573e9a6047a24e14b5feaf45e14a22d98e64d0f019718670","ssdeep":"384:dxSMqC/d0d0lxDKyqdeWFy3Wxy9cT4nGllKnnk0TEYRWjfJtncu:i0qKlYyqdeWk3Z9w4G+tFWjfJtnZ","tlshash":"8892c6cab6d2f4624363b9b1a13f100ff13eaca9d84c5464a084e4e0bd759a94367f7c","first_seen":"2025-05-19T23:59:48.474751Z","last_seen":"2026-02-26T18:27:55.354921Z","times_seen":175417,"resource_available":true,"data":null}},"time_used":203,"timings":{"blocked":88,"dns":1,"connect":16,"send":0,"wait":25,"receive":1,"ssl":70},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.178.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://ww25.intelligence.pobc.live/?subid1=20251221-0222-58f7-ab74-8f4652270c44","date":"2025-12-20T15:23:01.239Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:00:04 GMT","end":"Wed, 25 Feb 2026 16:00:03 GMT"},"fingerprint":{"sha1":"3F:6B:79:EB:6A:36:69:37:B8:80:08:17:24:3C:C7:A5:F2:4C:1D:A6","sha256":"C1:88:6A:43:5F:52:63:57:56:27:18:5B:53:42:8D:AC:C0:80:AB:8C:59:0D:49:81:7A:83:6D:01:14:14:78:6E"}}},"request":{"raw":"GET /sodar/sodar2/237/runner.html HTTP/1.1\r\nHost: ep2.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.intelligence.pobc.live/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"adspam-signals-scs\"\r\nreport-to: {\"group\":\"adspam-signals-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs\"}]}\r\ncontent-length: 5044\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 20 Dec 2025 14:34:19 GMT\r\nexpires: Sat, 20 Dec 2025 15:24:19 GMT\r\ncache-control: public, max-age=3000\r\nage: 2922\r\nlast-modified: Tue, 13 May 2025 23:17:50 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13159,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (2024)","md5":"0120a1d624ff8fc3ec792d93a7133947","sha1":"1e3bd23df78ff2c60b187b40a0c6505be9ab889f","sha256":"14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966","sha512":"84286e299ebc6690ee904b5581cd6aaf6b59d06200b61156923301484d1b75fa517894167c4f4777553ba09c840a2d74a723e3ff112448f00514d910dfd172c5","ssdeep":"192:pl/6xS2OASROqI3wgh5MXDc9EAOaK3qzfaGDCiMgIcTa1mx:rz2NQJIVsTiMH3qzfcOIr1mx","tlshash":"4842a7ccbad2b0210353b4f1a13f400ff13ea8aae44c9954b181e8e17cb56a94667f7d","first_seen":"2025-05-19T23:59:48.478548Z","last_seen":"2026-02-26T18:27:55.136579Z","times_seen":169945,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"intelligence.pobc.live/?tr_uuid=20251221-0222-58f7-ab74-8f4652270c44\u0026fp=-7","fqdn":"intelligence.pobc.live","domain":"pobc.live","tld":"live"},"ip":{"addr":"103.224.182.251","port":80,"asn":133618,"as":"Trellian Pty. Limited","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-20T15:22:59.609Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /?tr_uuid=20251221-0222-58f7-ab74-8f4652270c44\u0026fp=-7 HTTP/1.1\r\nHost: intelligence.pobc.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __tad=1766244178.6382332\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\ndate: Sat, 20 Dec 2025 15:22:59 GMT\r\nserver: Apache\r\nlocation: http://ww25.intelligence.pobc.live/?subid1=20251221-0222-58f7-ab74-8f4652270c44\r\ncontent-length: 2\r\ncontent-type: text/html; charset=UTF-8\r\nconnection: close\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-24T17:07:59.023654Z","times_seen":15665480,"resource_available":true,"data":null}},"time_used":536,"timings":{"blocked":165,"dns":1,"connect":165,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"intelligence.pobc.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww25.intelligence.pobc.live/?subid1=20251221-0222-58f7-ab74-8f4652270c44","fqdn":"ww25.intelligence.pobc.live","domain":"pobc.live","tld":"live"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-20T15:22:59.986Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /?subid1=20251221-0222-58f7-ab74-8f4652270c44 HTTP/1.1\r\nHost: ww25.intelligence.pobc.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-24T17:07:59.023654Z","times_seen":15665480,"resource_available":true,"data":null}},"time_used":498,"timings":{"blocked":0,"dns":418,"connect":1,"send":0,"wait":0,"receive":0,"ssl":77},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"ww25.intelligence.pobc.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"ww25.intelligence.pobc.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ww25.intelligence.pobc.live/_fd?subid1=20251221-0222-58f7-ab74-8f4652270c44","fqdn":"ww25.intelligence.pobc.live","domain":"pobc.live","tld":"live"},"ip":{"addr":"199.59.243.228","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://ww25.intelligence.pobc.live/?subid1=20251221-0222-58f7-ab74-8f4652270c44","date":"2025-12-20T15:23:00.693Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /_fd?subid1=20251221-0222-58f7-ab74-8f4652270c44 HTTP/1.1\r\nHost: ww25.intelligence.pobc.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ww25.intelligence.pobc.live/?subid1=20251221-0222-58f7-ab74-8f4652270c44\r\nContent-Type: application/json\r\nOrigin: http://ww25.intelligence.pobc.live\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: parking_session=6b154950-eb3e-486a-949b-131278848d84\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Sat, 20 Dec 2025 15:23:00 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 5189\r\nx-request-id: 6a2bc8f5-93a7-4dcf-9ccc-73036929537c\r\nset-cookie: parking_session=6b154950-eb3e-486a-949b-131278848d84; expires=Sat, 20 Dec 2025 15:38:00 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5189,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"ASCII text, with very long lines (5189), with no line terminators","md5":"dd99687808730bf578c4d498403e9d0e","sha1":"0ab57bfef86a3d7ca6f3950a85a0305d5f8df2a5","sha256":"647db93075873a91ede160e377d02e69a2c154f7521ec7b9ee3c730e87ddc598","sha512":"bb0d7ad82ecb6531e5289fd682dedb4c21a4e6a643eebc21192b184cf25df505935d0ff221473bea1c751ff5163ca2ac9a56eb7dc6bc90449e24ff9296061b89","ssdeep":"96:N9KCOSJqASAoGQtUzPULGQQGJ2ITTAwSY7K5oo/:aCFpRQSzS/vNnqd5oo/","tlshash":"fcb172f18a59359bdb07460370ce03d9520e97be3776262e595fda8c4b1960fb4e022e","first_seen":"2025-12-20T15:23:26.376529Z","last_seen":"2025-12-20T15:23:26.376529Z","times_seen":1,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"ww25.intelligence.pobc.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"ww25.intelligence.pobc.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.178.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://syndicatedsearch.goog/afs/ads?sjk=qOyBxbpaRBS4kbZVxe0dKg%3D%3D\u0026adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol115%2Cpid-bodis-gcontrol461%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis31_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww25.intelligence.pobc.live%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20251221-0222-58f7-ab74-8f4652270c44\u0026type=3\u0026swp=as-drid-2936916502645281\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717107\u0026format=r3\u0026nocache=3291766244180935\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.intelligence.pobc.live\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=3\u0026u_tz=0\u0026dt=1766244180936\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=842209568\u0026rurl=http%3A%2F%2Fww25.intelligence.pobc.live%2F%3Fsubid1%3D20251221-0222-58f7-ab74-8f4652270c44","date":"2025-12-20T15:23:01.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:00:06 GMT","end":"Wed, 25 Feb 2026 16:00:05 GMT"},"fingerprint":{"sha1":"06:BA:36:2F:71:DB:00:20:7E:63:51:E1:07:B3:C2:09:F9:D3:65:87","sha256":"B7:6A:65:78:FC:51:25:23:3A:6D:B6:59:D6:C1:56:D4:36:21:34:3D:25:55:DA:C7:8E:BB:EF:64:94:1B:50:C7"}}},"request":{"raw":"GET /adsense/domains/caf.js HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Sat, 20 Dec 2025 15:23:01 GMT\r\nexpires: Sat, 20 Dec 2025 15:23:01 GMT\r\ncache-control: private, max-age=3600\r\netag: \"16356897480330983528\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":134034,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2840)","md5":"6cb2ae5fef74172bd46fac2076465814","sha1":"8a69280b6ae834ae875865e26a83c782c303f509","sha256":"2b0280579e3a031edcdd4a833827f74797b72ada721b69f148823c048cc3ad56","sha512":"bcbb70e3f933a33bb19e773efe9d4cd7c32e61aafdbc119ae2728c7d8206fe4e420e1d9687cfb9148824d8a3f1f7e79c8a8e17c71dd512b4a6a7d387f296e509","ssdeep":"1536:/zL751Jqc2HyP0SuRPmym0pO1s8dsR5qxyzT/ghgOKWYZjAartrvpD3pduCxAXtB:SuydkXiR5zzTq+bxpD3ZV4T","tlshash":"a2d33acdb3a1342643a3a5b5607f414fb139b8a5a40c88a4f199d8e87c74dad4237fbd","first_seen":"2025-12-11T16:43:36.5228Z","last_seen":"2026-01-07T19:29:49.170183Z","times_seen":11621,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?sjk=qOyBxbpaRBS4kbZVxe0dKg%3D%3D\u0026adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol115%2Cpid-bodis-gcontrol461%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis31_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww25.intelligence.pobc.live%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20251221-0222-58f7-ab74-8f4652270c44\u0026type=3\u0026swp=as-drid-2936916502645281\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717107\u0026format=r3\u0026nocache=3291766244180935\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.intelligence.pobc.live\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=3\u0026u_tz=0\u0026dt=1766244180936\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=842209568\u0026rurl=http%3A%2F%2Fww25.intelligence.pobc.live%2F%3Fsubid1%3D20251221-0222-58f7-ab74-8f4652270c44","date":"2025-12-20T15:23:01.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:52:44 GMT","end":"Wed, 25 Feb 2026 15:52:43 GMT"},"fingerprint":{"sha1":"6A:F0:34:52:EF:16:19:7F:E7:B8:2A:C3:D8:EC:36:27:5F:48:61:31","sha256":"15:AF:19:35:54:71:85:51:A2:01:3A:93:C7:2E:1A:DF:0B:24:9A:C4:A8:2A:59:2F:4B:82:64:81:BB:74:37:D8"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 174\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 20 Dec 2025 04:35:38 GMT\r\nexpires: Sun, 21 Dec 2025 03:35:38 GMT\r\ncache-control: public, max-age=82800\r\nage: 38843\r\nlast-modified: Thu, 02 Nov 2023 22:48:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":200,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"11b3089d616633ca6b73b57aa877eeb4","sha1":"07632f63e06b30d9b63c97177d3a8122629bda9b","sha256":"809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1","sha512":"079b0e35b479dfdbe64a987661000f4a034b10688e26f2a5fe6aaa807e81ccc5593d40609b731ab3340e687d83dd08de4b8b1e01cdac9d4523a9f6bb3acfcba0","ssdeep":"","tlshash":"d9d02291c2182d28441e82e0c37c312600fab0a2634c00dcfa80e300b20c9abb861669","first_seen":"2023-04-06T23:53:06Z","last_seen":"2026-05-03T22:11:49.614123Z","times_seen":412187,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":67,"dns":0,"connect":7,"send":0,"wait":10,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?sjk=qOyBxbpaRBS4kbZVxe0dKg%3D%3D\u0026adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol115%2Cpid-bodis-gcontrol461%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis31_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww25.intelligence.pobc.live%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20251221-0222-58f7-ab74-8f4652270c44\u0026type=3\u0026swp=as-drid-2936916502645281\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717107\u0026format=r3\u0026nocache=3291766244180935\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.intelligence.pobc.live\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=3\u0026u_tz=0\u0026dt=1766244180936\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=842209568\u0026rurl=http%3A%2F%2Fww25.intelligence.pobc.live%2F%3Fsubid1%3D20251221-0222-58f7-ab74-8f4652270c44","date":"2025-12-20T15:23:01.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:52:44 GMT","end":"Wed, 25 Feb 2026 15:52:43 GMT"},"fingerprint":{"sha1":"6A:F0:34:52:EF:16:19:7F:E7:B8:2A:C3:D8:EC:36:27:5F:48:61:31","sha256":"15:AF:19:35:54:71:85:51:A2:01:3A:93:C7:2E:1A:DF:0B:24:9A:C4:A8:2A:59:2F:4B:82:64:81:BB:74:37:D8"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 174\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 20 Dec 2025 07:07:52 GMT\r\nexpires: Sun, 21 Dec 2025 06:07:52 GMT\r\ncache-control: public, max-age=82800\r\nage: 29709\r\nlast-modified: Thu, 02 Nov 2023 22:48:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":200,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d47125b2ba92be53dcff07ba322ce1de","sha1":"e4a70c8a133bacf1699fdfa4c10e24ed5b3e0c28","sha256":"5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6","sha512":"78a1bf7547b1c28f600163689161955bc56a621ace3228c9169143be933ccf789fc6106bbf729f2e9483bcaa03271529d3913088094c7fb906b44673e13f1f92","ssdeep":"","tlshash":"72d02291d2286d38441e82e0c37c712200ee70a2230c10ccfa81a700720c8abb8a1668","first_seen":"2023-04-07T07:55:51Z","last_seen":"2026-02-01T02:48:24.72202Z","times_seen":175105,"resource_available":false,"data":null}},"time_used":147,"timings":{"blocked":67,"dns":2,"connect":10,"send":0,"wait":9,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww25.intelligence.pobc.live/_tr","fqdn":"ww25.intelligence.pobc.live","domain":"pobc.live","tld":"live"},"ip":{"addr":"199.59.243.228","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://ww25.intelligence.pobc.live/?subid1=20251221-0222-58f7-ab74-8f4652270c44","date":"2025-12-20T15:23:01.450Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /_tr HTTP/1.1\r\nHost: ww25.intelligence.pobc.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ww25.intelligence.pobc.live/?subid1=20251221-0222-58f7-ab74-8f4652270c44\r\nContent-Type: application/json\r\nContent-Length: 2041\r\nOrigin: http://ww25.intelligence.pobc.live\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: parking_session=6b154950-eb3e-486a-949b-131278848d84\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2041,"data":"{\"signature\":\"UxFdVMwNFNwN0wzODEybVeyJhZF9sb2FkZWRfY2FsbGJhY2siOnsiY29udGFpbmVyTmFtZSI6InJzIiwiYWRzTG9hZGVkIjp0cnVlLCJjYWxsYmFja09wdGlvbnMiOnsiY2FmUmVxdWVzdEFjY2VwdGVkIjp0cnVlLCJjYWZTdGF0dXMiOnsiY2xpZW50IjoicGFydG5lci1kcC1ib2RpczMxXzNwaCIsImFkdWx0IjpmYWxzZX19fSwiYXBwX3ZlcnNpb24iOiIwLjkuMyIsImNhZl9jbGllbnRfaWQiOiJwYXJ0bmVyLWRwLWJvZGlzMzFfM3BoIiwiY2FmX3RpbWVkX291dCI6ZmFsc2UsImNhZl9sb2FkZWRfbXMiOjUxMiwiY2hhbm5lbCI6InBpZC1ib2Rpcy1nY29udHJvbDk3LHBpZC1ib2Rpcy1nY29udHJvbDExNSxwaWQtYm9kaXMtZ2NvbnRyb2w0NjEscGlkLWJvZGlzLWdjb250cm9sMTUxLHBpZC1ib2Rpcy1nY29udHJvbDE2MiIsImRlc2t0b3AiOnRydWUsInRlcm1zIjoiIiwiZmRfc2VydmVyX2RhdGV0aW1lIjoxNzY2MjQ0MTgwLCJmZF9zZXJ2ZXIiOiJpcC0xMC0yMDEtNDAtMTMwLmV1LXdlc3QtMS5jb21wdXRlLmludGVybmFsIiwiZmxleF9ydWxlIjp7ImFjdGlvbiI6IiIsImN1c3RvbV9yZWFzb24iOiIiLCJmbGV4X2lkIjowLCJtaXNtYXRjaCI6ZmFsc2V9LCJob3N0Ijoid3cyNS5pbnRlbGxpZ2VuY2UucG9iYy5saXZlIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJpdnQiOmZhbHNlLCJtb2JpbGUiOmZhbHNlLCJwYWdlX2hlYWRlcnMiOnt9LCJwYWdlX2xvYWRlZF9jYWxsYmFjayI6eyJyZXF1ZXN0QWNjZXB0ZWQiOnRydWUsInN0YXR1cyI6eyJjbGllbnQiOiJwYXJ0bmVyLWRwLWJvZGlzMzFfM3BoIiwiYWR1bHQiOmZhbHNlfX0sInBhZ2VfbWV0aG9kIjoiR0VUIiwicGFnZV9yZXF1ZXN0Ijp7InN1YmlkMSI6IjIwMjUxMjIxLTAyMjItNThmNy1hYjc0LThmNDY1MjI3MGM0NCJ9LCJwYWdlX3RpbWUiOjE3NjYyNDQxODAsInBhZ2VfdXJsIjoiaHR0cDovL3d3MjUuaW50ZWxsaWdlbmNlLnBvYmMubGl2ZS8/c3ViaWQxPTIwMjUxMjIxLTAyMjItNThmNy1hYjc0LThmNDY1MjI3MGM0NCIsInRhYmxldCI6ZmFsc2UsInRlbXBsYXRlX2lkIjozNDUsInR5cGUiOiJ2aXNpdCIsInVzZXJfaGFzX2FkX2Jsb2NrZXIiOm51bGwsInVzZXJfaWQiOjc0Mzc4LCJ1dWlkIjoiNmIxNTQ5NTAtZWIzZS00ODZhLTk0OWItMTMxMjc4ODQ4ZDg0IiwiemVyb2NsaWNrIjp7fSwicG9wdXAiOmZhbHNlLCJ0aW1lem9uZV9vZmZzZXQiOjAsInVzZXJfcHJlZmVyZW5jZSI6eyJsb2NhbGUiOiJlbi1VUyIsImNhbGVuZGFyIjoiZ3JlZ29yeSIsIm51bWJlcmluZ1N5c3RlbSI6ImxhdG4iLCJ0aW1lWm9uZSI6IlVUQyIsInllYXIiOiJudW1lcmljIiwibW9udGgiOiJudW1lcmljIiwiZGF5IjoibnVtZXJpYyJ9LCJ1c2VyX3VzaW5nX2Rhcmttb2RlIjpmYWxzZSwidXNlcl9zdXBwb3J0c19kYXJrbW9kZSI6dHJ1ZSwid2luZG93X3Jlc29sdXRpb24iOnsid2lkdGgiOjEyODAsImhlaWdodCI6MTAyNH0sInNjcmVlbl9yZXNvbHV0aW9uIjp7IndpZHRoIjoxMjgwLCJoZWlnaHQiOjEwMjR9LCJmcmFtZSI6bnVsbH0=\"}"}},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Sat, 20 Dec 2025 15:23:01 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 2\r\nx-request-id: a81af71e-e499-4a2f-960d-5f65f2826ef0\r\nset-cookie: parking_session=6b154950-eb3e-486a-949b-131278848d84; expires=Sat, 20 Dec 2025 15:38:01 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-05-24T16:57:20.263306Z","times_seen":416588,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":38,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"ww25.intelligence.pobc.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"ww25.intelligence.pobc.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}