{"report_id":"82900138-03f0-454b-af05-4068b52cf937","version":6,"status":"done","tags":[],"date":"2025-06-30T02:25:27Z","url":{"schema":"http","addr":"evil.com/shell.txt?","fqdn":"evil.com","domain":"evil.com","tld":"com"},"ip":{"addr":"66.96.146.129","port":0,"asn":29873,"as":"BIZLAND-SD","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"evil.com/shell.txt?","fqdn":"evil.com","domain":"evil.com","tld":"com"},"title":"404 Error - Page Not Found"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-09-08T02:25:27Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"evil.com","ip":{"addr":"66.96.146.129","port":80,"asn":29873,"as":"BIZLAND-SD","country":"United States","country_code":"US"},"domain_registered":"1995-04-10","domain_rank":447505,"first_seen":"2017-02-08T18:08:34Z","last_seen":"2025-06-27T06:02:57.683259Z","alert_count":0,"request_count":3,"received_data":2539,"sent_data":1355,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.searchvity.com","ip":{"addr":"208.91.196.46","port":80,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"domain_registered":"2019-08-09","domain_rank":284877,"first_seen":"2020-01-10T18:05:06Z","last_seen":"2025-06-27T06:42:37.815909Z","alert_count":0,"request_count":2,"received_data":72498,"sent_data":886,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.178.106","port":80,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":12905,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2025-06-25T15:40:09.650838Z","alert_count":0,"request_count":1,"received_data":94011,"sent_data":356,"comment":"","tags":null,"fingerprints":null},{"fqdn":"l.cdn-fileserver.com","ip":{"addr":"172.67.181.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-08","domain_rank":0,"first_seen":"2025-04-11T15:28:22.753596Z","last_seen":"2025-06-27T21:19:01.463324Z","alert_count":0,"request_count":1,"received_data":859,"sent_data":928,"comment":"","tags":null,"fingerprints":null},{"fqdn":"globalresultshub.com","ip":{"addr":"208.91.196.22","port":443,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"domain_registered":"2025-04-06","domain_rank":0,"first_seen":"2025-04-11T18:11:28.391204Z","last_seen":"2025-06-28T13:43:16.560382Z","alert_count":0,"request_count":1,"received_data":722,"sent_data":1263,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"www.searchvity.com/?dn=evil.com\u0026pid=9POL6F2H4","fqdn":"www.searchvity.com","domain":"searchvity.com","tld":"com"},"ip":{"addr":"208.91.196.46","port":80,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"introduction_type":"scriptElement","is_inline":true,"md5":"13df26c2a159cac03c2ce936630c92a9","sha1":"06dbb29a26f3e1545d8289b3e55ba8a42d6ab1a2","sha256":"85c14445d30d0b74b6111f9767a82c6ac66c037d8fc52d9d39876b70ccce36a5","sha512":"08e1fde86183f1a400d01922373b5691853aa5ce72c010e4ab82e9d45afa5d63c05cabb5128b41d82ff0176707723f16f4afe2b3655aa4cfa47d0a5691896fa9","ssdeep":"768:AuVkiIHq9puLMnD5wQNqoKyDKU7oj7bfrVEAA74sQPjRM98VgYlwPN5QXNryKysT:BH+VXgWXhJ8K/NAAYK+4Fl19","tlshash":"89534bca71d2787117a35af6e03f4142f2361075358dc8a4b39adce528e98d96272f3d","size":62517,"data":"","first_seen":"2025-06-17T07:09:05.55704Z","last_seen":"2025-07-08T07:16:46.99507Z","times_seen":109,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"globalresultshub.com/sr/754870121/SAFEFRAME.html?ule=754\u0026%29L2WCCWEgo=\u0026%29PMo~=\u0026%29ovo=\u00262Xj=\u00262lE~~=a\u00266KP=k\u00266MoE2D=_\u00267XXoM=a\u0026C72l5=h%2ASfJrYUk\u0026C72lY=zMjk\u0026CC=OS\u0026CPj=SahaY\u0026CXoeP=\u0026CeP=iGdha-Gix\u0026C~eP=iccJkYJ55\u0026EC~eP=\u0026FM7o=_\u0026FvMXo=_\u0026KPo~=a\u0026KPo~C2MX=\u0026LE=_\u0026LP~NP=\u0026LRE=\u0026LeP=\u0026MC=_5\u0026MLP~NP=\u0026MMvP=%7B%22MMCC%22%3A%22OS%22%2C%22MMCX%29%22%3A%22zMvz%22%2C%22MMeo%22%3A%22%22%2C%22MMMC%22%3A%22_5%22%7D\u0026MeAE=aackgJih\u0026PEClll=\u0026Pl~D=a\u0026RCX=%2AwNEDK~~Rw6O5mkD3m5KKEO~k65K~O5KwA%2F\u0026RPXY=\u0026RPXa=\u0026RPj=\u0026RPzlRe2=\u0026RoG6=\u0026XMCE=fhaa\u0026XoeP=\u0026eMeP=_\u0026htmlsrc=1\u0026je=a4caYc_5_iih_ac5_45\u0026kkdd=u%2A%7C3%7CH9n%2AA\u0026lMoR=_\u0026nF~D=7XXo%3A%2F%2FEjevQCzl%2F\u0026nP=\u0026oeP=\u0026uLeP=\u0026vYX%29oE=PlzvR\u0026zeP=CiiLa4CLsYciEskP4_sRCiYsaPka5_ChRkhJ\u0026zvRD=z2E\u0026~Em6~v=7XXo%3A%2F%2FEjevQCzl\u0026eobd=\u0026eoac=RvYbkNvbY\u0026eoch=RvYbkNvbY\u0026ure=1#vgd_sc=03\u0026acl=\u0026aclp=\u0026cl=\u0026clp=\u0026hvsid=00001751250308390015326356488263\u0026l2type=dmola\u0026lp=%7B%22ppvi%22%3A%222249879590831904031%22%2C%22wlstp%22%3A%220%22%7D\u0026matchstring=\u0026pvl=%7B%22nmerr%22%3A%221%22%7D\u0026pvlp=\u0026sbdrId=\u0026verid=\u0026acid=undefined\u0026tchkpts=%7B%22prel2%22%3A1751250308848%7D\u0026stime=1751250308848\u0026l3d=%257B%2522l2host%2522%253A%2522https%253A%252F%252Fglobalresultshub.com%252Fsr%252F754870121%252FSAFEFRAME.html%253F%252529Gqf%253D%2526%252529Ju-%253Dgxpp%2526%25252AG2G%253D%2526%25252AHUruur-aG%253D%2526%25252AfJG4%253D%2526-u4qf%253D%2526.%252529%252529GJ%253Dp%25262E%252529%25252AG-%253DfWy2Y%25264-ji42%253D.%252529%252529G%25253A%25252F%25252F-nq2_uyW%2526Gqf%253D%2526H-%253DO%2526HY-%253D%2526Hf4%252528f%253D%2526Hqf%253D%2526JHf4%252528f%253D%2526JJ2f%253D%25257B%252522JJuu%252522%25253A%252522Zs%252522%25252C%252522JJu%252529%25252A%252522%25253A%252522yJ2y%252522%25252C%252522JJqG%252522%25253A%252522%252522%25252C%252522JJJu%252522%25253A%252522Oz%252522%25257D%2526Jq0-%253Dpp3mab7x%2526Ju%253DOz%2526LHqf%253D%2526Mf%253D%2526Mk4T%253D.%252529%252529G%25253A%25252F%25252F-nq2_uyW%25252F%2526U%252529n%253D%2526UW-44%253Dp%2526WJGY%253DO%2526YGRi%253D%2526Yf%252529E%253D%2526Yf%252529p%253D%2526Yfn%253D%2526YfyWYqU%253D%2526Yu%252529%253DFA%252528-Tc44YAiZzjmTljzcc-Z4mizc4ZzcA0%25252F%2526cfG4%253Dp%2526cfG4uUJ%252529%253D%2526f-uWWW%253D%2526htmlsrc%253D1%2526iJG-UT%253DO%2526icf%253Dm%2526k2J%252529G%253DO%2526kJ.G%253DO%2526kkdd%253D%25252A9%25257C%252521%25257CuAW%25252AH39nh%2526nq%253DpB3pE3OzO77xOp3zOBz%2526qJqf%253DO%2526u%252529Gqf%253D%2526u.UWE%253DyJnm%2526u.UWz%253DxFsgboEVm%2526u4qf%253D733bmEbzz%2526ufn%253DspxpE%2526uqf%253D7RDxpQR78%2526uu%253DZs%2526y2YT%253DyU-%2526yqf%253Du77HpBuH1E37-1mfBO1Yu7E1pfmpzOuxYmxb%2522%252C%2522be%2522%253A%25220%2522%252C%2522nmerr%2522%253A%25221%2522%257D\u0026infr=1\u0026twna=1","fqdn":"globalresultshub.com","domain":"globalresultshub.com","tld":"com"},"ip":{"addr":"208.91.196.22","port":443,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"introduction_type":"scriptElement","is_inline":true,"md5":"d83f09c006189de55eeec162b1f0484e","sha1":"d75d19f4acc1a9865be04a0fe13304bca05f7a56","sha256":"d7ca052230fb7a6f86b4eae9a17c126f46d13b781315cc3ab36c1c92c2203799","sha512":"15cc381d9432d053f4e430ae5c5c99300270312610fd4065c1a105533e54d38340d9dd3ff52345c03b36711fabc48a66acc293f362ff641cf51335b270a8a0d5","ssdeep":"","tlshash":"d1c08086b05c4078bc4e5745f2717e176d200014e1135a15975c5cf58359b4350167a4","size":180,"data":"","first_seen":"2025-06-30T02:25:29.102158Z","last_seen":"2025-06-30T02:25:29.102158Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"globalresultshub.com/sr/754870121/SAFEFRAME.html?ule=754\u0026%29L2WCCWEgo=\u0026%29PMo~=\u0026%29ovo=\u00262Xj=\u00262lE~~=a\u00266KP=k\u00266MoE2D=_\u00267XXoM=a\u0026C72l5=h%2ASfJrYUk\u0026C72lY=zMjk\u0026CC=OS\u0026CPj=SahaY\u0026CXoeP=\u0026CeP=iGdha-Gix\u0026C~eP=iccJkYJ55\u0026EC~eP=\u0026FM7o=_\u0026FvMXo=_\u0026KPo~=a\u0026KPo~C2MX=\u0026LE=_\u0026LP~NP=\u0026LRE=\u0026LeP=\u0026MC=_5\u0026MLP~NP=\u0026MMvP=%7B%22MMCC%22%3A%22OS%22%2C%22MMCX%29%22%3A%22zMvz%22%2C%22MMeo%22%3A%22%22%2C%22MMMC%22%3A%22_5%22%7D\u0026MeAE=aackgJih\u0026PEClll=\u0026Pl~D=a\u0026RCX=%2AwNEDK~~Rw6O5mkD3m5KKEO~k65K~O5KwA%2F\u0026RPXY=\u0026RPXa=\u0026RPj=\u0026RPzlRe2=\u0026RoG6=\u0026XMCE=fhaa\u0026XoeP=\u0026eMeP=_\u0026htmlsrc=1\u0026je=a4caYc_5_iih_ac5_45\u0026kkdd=u%2A%7C3%7CH9n%2AA\u0026lMoR=_\u0026nF~D=7XXo%3A%2F%2FEjevQCzl%2F\u0026nP=\u0026oeP=\u0026uLeP=\u0026vYX%29oE=PlzvR\u0026zeP=CiiLa4CLsYciEskP4_sRCiYsaPka5_ChRkhJ\u0026zvRD=z2E\u0026~Em6~v=7XXo%3A%2F%2FEjevQCzl\u0026eobd=\u0026eoac=RvYbkNvbY\u0026eoch=RvYbkNvbY\u0026ure=1#vgd_sc=03\u0026acl=\u0026aclp=\u0026cl=\u0026clp=\u0026hvsid=00001751250308390015326356488263\u0026l2type=dmola\u0026lp=%7B%22ppvi%22%3A%222249879590831904031%22%2C%22wlstp%22%3A%220%22%7D\u0026matchstring=\u0026pvl=%7B%22nmerr%22%3A%221%22%7D\u0026pvlp=\u0026sbdrId=\u0026verid=\u0026acid=undefined\u0026tchkpts=%7B%22prel2%22%3A1751250308848%7D\u0026stime=1751250308848\u0026l3d=%257B%2522l2host%2522%253A%2522https%253A%252F%252Fglobalresultshub.com%252Fsr%252F754870121%252FSAFEFRAME.html%253F%252529Gqf%253D%2526%252529Ju-%253Dgxpp%2526%25252AG2G%253D%2526%25252AHUruur-aG%253D%2526%25252AfJG4%253D%2526-u4qf%253D%2526.%252529%252529GJ%253Dp%25262E%252529%25252AG-%253DfWy2Y%25264-ji42%253D.%252529%252529G%25253A%25252F%25252F-nq2_uyW%2526Gqf%253D%2526H-%253DO%2526HY-%253D%2526Hf4%252528f%253D%2526Hqf%253D%2526JHf4%252528f%253D%2526JJ2f%253D%25257B%252522JJuu%252522%25253A%252522Zs%252522%25252C%252522JJu%252529%25252A%252522%25253A%252522yJ2y%252522%25252C%252522JJqG%252522%25253A%252522%252522%25252C%252522JJJu%252522%25253A%252522Oz%252522%25257D%2526Jq0-%253Dpp3mab7x%2526Ju%253DOz%2526LHqf%253D%2526Mf%253D%2526Mk4T%253D.%252529%252529G%25253A%25252F%25252F-nq2_uyW%25252F%2526U%252529n%253D%2526UW-44%253Dp%2526WJGY%253DO%2526YGRi%253D%2526Yf%252529E%253D%2526Yf%252529p%253D%2526Yfn%253D%2526YfyWYqU%253D%2526Yu%252529%253DFA%252528-Tc44YAiZzjmTljzcc-Z4mizc4ZzcA0%25252F%2526cfG4%253Dp%2526cfG4uUJ%252529%253D%2526f-uWWW%253D%2526htmlsrc%253D1%2526iJG-UT%253DO%2526icf%253Dm%2526k2J%252529G%253DO%2526kJ.G%253DO%2526kkdd%253D%25252A9%25257C%252521%25257CuAW%25252AH39nh%2526nq%253DpB3pE3OzO77xOp3zOBz%2526qJqf%253DO%2526u%252529Gqf%253D%2526u.UWE%253DyJnm%2526u.UWz%253DxFsgboEVm%2526u4qf%253D733bmEbzz%2526ufn%253DspxpE%2526uqf%253D7RDxpQR78%2526uu%253DZs%2526y2YT%253DyU-%2526yqf%253Du77HpBuH1E37-1mfBO1Yu7E1pfmpzOuxYmxb%2522%252C%2522be%2522%253A%25220%2522%252C%2522nmerr%2522%253A%25221%2522%257D\u0026infr=1\u0026twna=1","fqdn":"globalresultshub.com","domain":"globalresultshub.com","tld":"com"},"ip":{"addr":"208.91.196.22","port":443,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"introduction_type":"scriptElement","is_inline":true,"md5":"f5e309b377d9a7e61003c0ce6e7e93a6","sha1":"b0f574e10f31020fc8576bd0915b915a99e62344","sha256":"471c45f3abfad33b59fc452d6370ce3e8364561459bfb1293eb993f02dbb7f0a","sha512":"fc6a3eb5f8b247c76bb022cb860ea7f6cec283296a75fa1e54fe1ea50064698ba17975ac749b6ab69254a3261cdae9205eb190caad521d5d52af8d6a43e18a5f","ssdeep":"","tlshash":"55a002a1e412267c566f478148a656253a72cb50f7f546d1e9fcc2300b1a0d05977724","size":66,"data":"","first_seen":"2025-05-12T10:00:07.635113Z","last_seen":"2026-06-11T20:30:50.341639Z","times_seen":439,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"evil.com/shell.txt?","fqdn":"evil.com","domain":"evil.com","tld":"com"},"ip":{"addr":"66.96.146.129","port":443,"asn":29873,"as":"BIZLAND-SD","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"41b75925624ffa2a892a541ab2f860e7","sha1":"746a6cc94e7c2397009b50fbc12980b7c0043543","sha256":"151be81940adab9e832e1ddd4b593acf60b99327badc1dceac1963444b403aeb","sha512":"65cd76d1e67bf8d70acf5199532fd13de55bf27968ef32d3b5aad97709cc4fed36cf953375f37e4300411982bdc9ea1d42339292ffe4e0e5766ec2a09593377f","ssdeep":"","tlshash":"4dd0807d7cdd134139b3a014777793c1765f702f5141d4d9750ca4c05fd04457115558","size":227,"data":"","first_seen":"2025-03-04T19:54:05.841107Z","last_seen":"2026-06-07T05:03:49.632634Z","times_seen":987,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":80,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e0e0559014b222245deb26b6ae8bd940","sha1":"e2f3603e23711f6446f278a411d905623d65201e","sha256":"89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e","sha512":"60740da8f871b8263675db2421b0e565fc18e95c772f7c3d5916f224263cd71a6a2e6acceab2f6f8ba1c0607951f0198f525d87d0589fa57045b1d5f292dacf0","ssdeep":"1536:q4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RlfDknv+p0WzH/IoSZ7qABZnu0sFv:qGsKXlI2p0WPSbDrstfam","tlshash":"ba93f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","size":93100,"data":"","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-06-13T00:42:43.025729Z","times_seen":20932,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.searchvity.com/?dn=evil.com\u0026pid=9POL6F2H4","fqdn":"www.searchvity.com","domain":"searchvity.com","tld":"com"},"ip":{"addr":"208.91.196.46","port":80,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"introduction_type":"scriptElement","is_inline":true,"md5":"53cb2b2477e0c8c0e9bd8f53abbd93ad","sha1":"7910d74d00141260a8756b89bca70368983d67cb","sha256":"622b2c75aa61772f4ccc668634fa5ec2218435ac26183438f92f85460fb541e8","sha512":"9cb16d10b6e3b356898801b2b33eacd3bccfbbd901c924b6c77bbc78f87dc3070545f2d01d6a67771917c87665f19fe217a4ca67287bf90348fa38526fd08389","ssdeep":"192:DbsqDNTcMT/EeFKSHaLGAv1bsqDNTcMT/EeFKSHzoOVJd:DhlcOKUayAv1hlcOKUZx","tlshash":"66f108d1223448104dcd1482effd2ed236ea6e2bbcaca41e85ce464491fd27f4f529e6","size":8071,"data":"","first_seen":"2025-06-30T02:25:29.105993Z","last_seen":"2025-06-30T02:25:29.105993Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.searchvity.com/?dn=evil.com\u0026pid=9POL6F2H4","fqdn":"www.searchvity.com","domain":"searchvity.com","tld":"com"},"ip":{"addr":"208.91.196.46","port":80,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"introduction_type":"scriptElement","is_inline":true,"md5":"d1d43a2eb3400f653d4ddca7707a3bb4","sha1":"75ac1f923da94836226d952187a738a3279582cd","sha256":"237d8439802446e7d994316f63d74d51ef5a40c5ded306c586af7daba0a84161","sha512":"8c22415b6494eec68db4fecf911f4f5db28fcd9593dec1dc03fe7fb60e4c98ec1ccd8f842e73e48b36f21ca1fac518f7876cfa1774600803581d24c61e41a9a0","ssdeep":"","tlshash":"86d02bc0fabb00f6460352cdb6cfc8acb2a6f90c0c9954d1ac4e0ba0553027d7842851","size":281,"data":"","first_seen":"2025-06-30T02:25:29.108574Z","last_seen":"2025-06-30T02:25:29.108574Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"evil.com/favicon.ico","fqdn":"evil.com","domain":"evil.com","tld":"com"},"ip":{"addr":"66.96.146.129","port":80,"asn":29873,"as":"BIZLAND-SD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://evil.com/shell.txt?","date":"2025-06-30T02:25:07.686Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: evil.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://evil.com/shell.txt?\r\nCookie: request_id=677f24f5-f646-4a2d-afe6-b19d8cc2490d\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 30 Jun 2025 02:25:07 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 0\r\nConnection: keep-alive\r\nCache-Control: max-age=86400\r\nAge: 0\r\nX-Request-ID: 677f24f5-f646-4a2d-afe6-b19d8cc2490d\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T01:48:50.752837Z","times_seen":16373065,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":120,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.searchvity.com/?dn=evil.com\u0026pid=9POL6F2H4","fqdn":"www.searchvity.com","domain":"searchvity.com","tld":"com"},"ip":{"addr":"208.91.196.46","port":80,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"","requested_by":"http://evil.com/shell.txt?","date":"2025-06-30T02:25:07.697Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /?dn=evil.com\u0026pid=9POL6F2H4 HTTP/1.1\r\nHost: www.searchvity.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://evil.com/\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 30 Jun 2025 02:24:57 GMT\r\nServer: Apache\r\nReferrer-Policy: no-referrer-when-downgrade\r\nAccept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nPermissions-Policy: ch-ua-platform-version=(\"https://dts.gnpge.com\"), ch-ua-model=(\"https://dts.gnpge.com\")\r\nKeep-Alive: timeout=5, max=126\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":71845,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (62265)","md5":"c8c99b165fd902bbe870bb55fcd1085e","sha1":"bc47bc0f0eeb33b5f6f688eef671f8a60bc0bbb4","sha256":"a1d70387b2fc826ab7f254aecd5bd2cc7301edb90e6c2a35661bf424610b66bf","sha512":"f4e3a3267f5474e955741fe2e00adc1dfa6f08de9f0547ba9671303e8dac08374ac0df7086c5a321cc83ce0c790432d760591716d2016dfa124478ae2d6b1608","ssdeep":"768:KuVkiIHq9puLMnD5wQNqoKyDKU7oj7bfrVEAA74sQPjRM98VgYlwPN5QXNryKysQ:fH+VXgWXhJ8K/NAAYK+4Fl1OaED","tlshash":"ae636cc971d2787107e316e6e47f4982b2362435348dc89cb39ac9e568ec8d96232f7d","first_seen":"2025-06-30T02:25:29.094291Z","last_seen":"2025-06-30T02:25:29.094291Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1318,"timings":{"blocked":247,"dns":117,"connect":130,"send":0,"wait":553,"receive":271,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":80,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://evil.com/shell.txt?","date":"2025-06-30T02:25:07.495Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://evil.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Encoding: gzip\r\nAccess-Control-Allow-Origin: *\r\nContent-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\nCross-Origin-Resource-Policy: cross-origin\r\nCross-Origin-Opener-Policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nReport-To: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\nTiming-Allow-Origin: *\r\nContent-Length: 32954\r\nX-Content-Type-Options: nosniff\r\nServer: sffe\r\nX-XSS-Protection: 0\r\nDate: Thu, 26 Jun 2025 20:55:25 GMT\r\nExpires: Fri, 26 Jun 2026 20:55:25 GMT\r\nCache-Control: public, max-age=31536000, stale-while-revalidate=2592000\r\nAge: 278982\r\nLast-Modified: Tue, 03 Mar 2020 19:15:00 GMT\r\nContent-Type: text/javascript; charset=UTF-8\r\nVary: Accept-Encoding\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":93100,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32072)","md5":"e0e0559014b222245deb26b6ae8bd940","sha1":"e2f3603e23711f6446f278a411d905623d65201e","sha256":"89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e","sha512":"60740da8f871b8263675db2421b0e565fc18e95c772f7c3d5916f224263cd71a6a2e6acceab2f6f8ba1c0607951f0198f525d87d0589fa57045b1d5f292dacf0","ssdeep":"1536:q4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RlfDknv+p0WzH/IoSZ7qABZnu0sFv:qGsKXlI2p0WPSbDrstfam","tlshash":"ba93f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-06-13T00:42:43.025729Z","times_seen":20932,"resource_available":true,"data":null}},"time_used":126,"timings":{"blocked":25,"dns":1,"connect":28,"send":0,"wait":32,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.searchvity.com/","fqdn":"www.searchvity.com","domain":"searchvity.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"http://evil.com/shell.txt?","date":"2025-06-30T02:25:07.668Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.searchvity.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://evil.com/\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T01:48:50.752837Z","times_seen":16373065,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"l.cdn-fileserver.com/bping.php?vgd_oresf=one\u0026vi=1751250308890153073\u0026hvsid=00001751250308390015326356488263\u0026vgd_wlstp=0\u0026vgd_asn=50304\u0026vgd_l2type=dmola\u0026crid=855642633\u0026ssld=%7B%22QQNN%22%3A%22Ia%22%2C%22QQN75%22%3A%22mQjm%22%2C%22QQ8E%22%3A%22%22%2C%22QQQN%22%3A%229A%22%7D\u0026mspa=0\u0026vgd_tsce=L911\u0026vgd_cdv=O1912\u0026wsip=170776868\u0026requrl=http%3A%2F%2Fevil.com\u0026vgd_oreqf=one\u0026lper=100\u0026vgd_cage=2\u0026cc=NO\u0026sc=03\u0026wshp=0\u0026cid=8CU91RC8E\u0026lf=6\u0026ugd=4\u0026vgd_rpth=%2Fola\u0026vgd_setup=c22\u0026prid=8PR11258V\u0026gdpr=1\u0026r=1751250308395\u0026vgd_len=523\u0026vgd_end=1","fqdn":"l.cdn-fileserver.com","domain":"cdn-fileserver.com","tld":"com"},"ip":{"addr":"172.67.181.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"http://www.searchvity.com/?dn=evil.com\u0026pid=9POL6F2H4","date":"2025-06-30T02:25:08.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn-fileserver.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Jun 2025 13:27:32 GMT","end":"Thu, 04 Sep 2025 14:26:11 GMT"},"fingerprint":{"sha1":"0D:20:73:F0:CE:2D:F7:38:5B:38:5E:D1:34:9F:E3:51:FB:7E:04:A2","sha256":"F3:85:9A:A4:AD:74:0E:22:33:A2:D1:D8:EF:0E:16:AE:5C:73:CA:F7:D3:AD:3D:6E:BC:6D:AB:93:7E:EF:96:70"}}},"request":{"raw":"GET /bping.php?vgd_oresf=one\u0026vi=1751250308890153073\u0026hvsid=00001751250308390015326356488263\u0026vgd_wlstp=0\u0026vgd_asn=50304\u0026vgd_l2type=dmola\u0026crid=855642633\u0026ssld=%7B%22QQNN%22%3A%22Ia%22%2C%22QQN75%22%3A%22mQjm%22%2C%22QQ8E%22%3A%22%22%2C%22QQQN%22%3A%229A%22%7D\u0026mspa=0\u0026vgd_tsce=L911\u0026vgd_cdv=O1912\u0026wsip=170776868\u0026requrl=http%3A%2F%2Fevil.com\u0026vgd_oreqf=one\u0026lper=100\u0026vgd_cage=2\u0026cc=NO\u0026sc=03\u0026wshp=0\u0026cid=8CU91RC8E\u0026lf=6\u0026ugd=4\u0026vgd_rpth=%2Fola\u0026vgd_setup=c22\u0026prid=8PR11258V\u0026gdpr=1\u0026r=1751250308395\u0026vgd_len=523\u0026vgd_end=1 HTTP/1.1\r\nHost: l.cdn-fileserver.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.searchvity.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Jun 2025 02:25:08 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\naccept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\ncache-control: max-age=0, no-cache, no-store\r\nexpires: Sun, 29 Jun 2025 02:25:08 GMT\r\npragma: no-cache\r\nvia: 1.1 google\r\nstrict-transport-security: max-age=63072000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7xsh6brr04kJCnD0ctm3R5G93mnOdSPJb2qRguDa83rCXIipzUkqqnRUj8nVcknJj6TomyIwTu7Dx2bRM0%2F4WLTniedPTVvRE9R3ob9RXdKHQw%3D%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: 957a361e0ac2569b-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 87a, 1 x 1","md5":"6f1d74c7168076c7666246504a8c03f2","sha1":"00656377deb1a4393e0cf0055385b08b2b81b46c","sha256":"8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde","sha512":"e502484faa0dc2a1f23c7f715879db654f29d0af1d6f616467d3d1fc578c2d16fccaacd76c4a5ecae8451dc912323473559d29edbd322fe85b8f1e83a7cdf2f3","ssdeep":"","tlshash":"53900447f1401103d135403007075340070c5030145403050071507ddc1d7553d07410","first_seen":"2025-03-07T21:51:05.009549Z","last_seen":"2026-06-13T01:51:44.851745Z","times_seen":197147,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":28,"dns":7,"connect":1,"send":0,"wait":138,"receive":1,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"globalresultshub.com/sr/754870121/SAFEFRAME.html?ule=754\u0026%29L2WCCWEgo=\u0026%29PMo~=\u0026%29ovo=\u00262Xj=\u00262lE~~=a\u00266KP=k\u00266MoE2D=_\u00267XXoM=a\u0026C72l5=h%2ASfJrYUk\u0026C72lY=zMjk\u0026CC=OS\u0026CPj=SahaY\u0026CXoeP=\u0026CeP=iGdha-Gix\u0026C~eP=iccJkYJ55\u0026EC~eP=\u0026FM7o=_\u0026FvMXo=_\u0026KPo~=a\u0026KPo~C2MX=\u0026LE=_\u0026LP~NP=\u0026LRE=\u0026LeP=\u0026MC=_5\u0026MLP~NP=\u0026MMvP=%7B%22MMCC%22%3A%22OS%22%2C%22MMCX%29%22%3A%22zMvz%22%2C%22MMeo%22%3A%22%22%2C%22MMMC%22%3A%22_5%22%7D\u0026MeAE=aackgJih\u0026PEClll=\u0026Pl~D=a\u0026RCX=%2AwNEDK~~Rw6O5mkD3m5KKEO~k65K~O5KwA%2F\u0026RPXY=\u0026RPXa=\u0026RPj=\u0026RPzlRe2=\u0026RoG6=\u0026XMCE=fhaa\u0026XoeP=\u0026eMeP=_\u0026htmlsrc=1\u0026je=a4caYc_5_iih_ac5_45\u0026kkdd=u%2A%7C3%7CH9n%2AA\u0026lMoR=_\u0026nF~D=7XXo%3A%2F%2FEjevQCzl%2F\u0026nP=\u0026oeP=\u0026uLeP=\u0026vYX%29oE=PlzvR\u0026zeP=CiiLa4CLsYciEskP4_sRCiYsaPka5_ChRkhJ\u0026zvRD=z2E\u0026~Em6~v=7XXo%3A%2F%2FEjevQCzl\u0026eobd=\u0026eoac=RvYbkNvbY\u0026eoch=RvYbkNvbY\u0026ure=1#vgd_sc=03\u0026acl=\u0026aclp=\u0026cl=\u0026clp=\u0026hvsid=00001751250308390015326356488263\u0026l2type=dmola\u0026lp=%7B%22ppvi%22%3A%222249879590831904031%22%2C%22wlstp%22%3A%220%22%7D\u0026matchstring=\u0026pvl=%7B%22nmerr%22%3A%221%22%7D\u0026pvlp=\u0026sbdrId=\u0026verid=\u0026acid=undefined\u0026tchkpts=%7B%22prel2%22%3A1751250308848%7D\u0026stime=1751250308848\u0026l3d=%257B%2522l2host%2522%253A%2522https%253A%252F%252Fglobalresultshub.com%252Fsr%252F754870121%252FSAFEFRAME.html%253F%252529Gqf%253D%2526%252529Ju-%253Dgxpp%2526%25252AG2G%253D%2526%25252AHUruur-aG%253D%2526%25252AfJG4%253D%2526-u4qf%253D%2526.%252529%252529GJ%253Dp%25262E%252529%25252AG-%253DfWy2Y%25264-ji42%253D.%252529%252529G%25253A%25252F%25252F-nq2_uyW%2526Gqf%253D%2526H-%253DO%2526HY-%253D%2526Hf4%252528f%253D%2526Hqf%253D%2526JHf4%252528f%253D%2526JJ2f%253D%25257B%252522JJuu%252522%25253A%252522Zs%252522%25252C%252522JJu%252529%25252A%252522%25253A%252522yJ2y%252522%25252C%252522JJqG%252522%25253A%252522%252522%25252C%252522JJJu%252522%25253A%252522Oz%252522%25257D%2526Jq0-%253Dpp3mab7x%2526Ju%253DOz%2526LHqf%253D%2526Mf%253D%2526Mk4T%253D.%252529%252529G%25253A%25252F%25252F-nq2_uyW%25252F%2526U%252529n%253D%2526UW-44%253Dp%2526WJGY%253DO%2526YGRi%253D%2526Yf%252529E%253D%2526Yf%252529p%253D%2526Yfn%253D%2526YfyWYqU%253D%2526Yu%252529%253DFA%252528-Tc44YAiZzjmTljzcc-Z4mizc4ZzcA0%25252F%2526cfG4%253Dp%2526cfG4uUJ%252529%253D%2526f-uWWW%253D%2526htmlsrc%253D1%2526iJG-UT%253DO%2526icf%253Dm%2526k2J%252529G%253DO%2526kJ.G%253DO%2526kkdd%253D%25252A9%25257C%252521%25257CuAW%25252AH39nh%2526nq%253DpB3pE3OzO77xOp3zOBz%2526qJqf%253DO%2526u%252529Gqf%253D%2526u.UWE%253DyJnm%2526u.UWz%253DxFsgboEVm%2526u4qf%253D733bmEbzz%2526ufn%253DspxpE%2526uqf%253D7RDxpQR78%2526uu%253DZs%2526y2YT%253DyU-%2526yqf%253Du77HpBuH1E37-1mfBO1Yu7E1pfmpzOuxYmxb%2522%252C%2522be%2522%253A%25220%2522%252C%2522nmerr%2522%253A%25221%2522%257D\u0026infr=1\u0026twna=1","fqdn":"globalresultshub.com","domain":"globalresultshub.com","tld":"com"},"ip":{"addr":"208.91.196.22","port":443,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"","requested_by":"http://www.searchvity.com/?dn=evil.com\u0026pid=9POL6F2H4","date":"2025-06-30T02:25:08.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_256_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"globalresultshub.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Jun 2025 09:27:22 GMT","end":"Thu, 11 Sep 2025 09:27:21 GMT"},"fingerprint":{"sha1":"0C:E7:D6:83:D9:EC:CC:2C:77:D3:0D:DC:F9:CE:06:E2:B8:1B:4E:2A","sha256":"F1:82:B7:86:8F:B9:49:F5:00:F5:BF:DF:09:EA:9F:6E:EA:21:09:2D:60:58:4A:63:5A:38:37:BC:5D:D3:E8:D3"}}},"request":{"raw":"GET /sr/754870121/SAFEFRAME.html?ule=754\u0026%29L2WCCWEgo=\u0026%29PMo~=\u0026%29ovo=\u00262Xj=\u00262lE~~=a\u00266KP=k\u00266MoE2D=_\u00267XXoM=a\u0026C72l5=h%2ASfJrYUk\u0026C72lY=zMjk\u0026CC=OS\u0026CPj=SahaY\u0026CXoeP=\u0026CeP=iGdha-Gix\u0026C~eP=iccJkYJ55\u0026EC~eP=\u0026FM7o=_\u0026FvMXo=_\u0026KPo~=a\u0026KPo~C2MX=\u0026LE=_\u0026LP~NP=\u0026LRE=\u0026LeP=\u0026MC=_5\u0026MLP~NP=\u0026MMvP=%7B%22MMCC%22%3A%22OS%22%2C%22MMCX%29%22%3A%22zMvz%22%2C%22MMeo%22%3A%22%22%2C%22MMMC%22%3A%22_5%22%7D\u0026MeAE=aackgJih\u0026PEClll=\u0026Pl~D=a\u0026RCX=%2AwNEDK~~Rw6O5mkD3m5KKEO~k65K~O5KwA%2F\u0026RPXY=\u0026RPXa=\u0026RPj=\u0026RPzlRe2=\u0026RoG6=\u0026XMCE=fhaa\u0026XoeP=\u0026eMeP=_\u0026htmlsrc=1\u0026je=a4caYc_5_iih_ac5_45\u0026kkdd=u%2A%7C3%7CH9n%2AA\u0026lMoR=_\u0026nF~D=7XXo%3A%2F%2FEjevQCzl%2F\u0026nP=\u0026oeP=\u0026uLeP=\u0026vYX%29oE=PlzvR\u0026zeP=CiiLa4CLsYciEskP4_sRCiYsaPka5_ChRkhJ\u0026zvRD=z2E\u0026~Em6~v=7XXo%3A%2F%2FEjevQCzl\u0026eobd=\u0026eoac=RvYbkNvbY\u0026eoch=RvYbkNvbY\u0026ure=1 HTTP/1.1\r\nHost: globalresultshub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.searchvity.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 30 Jun 2025 02:24:59 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\ncache-control: no-store, max-age=0\r\ncontent-encoding: gzip\r\nx-sc-h: 21-wsj6\r\nvia: 1.1 google\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":473,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"d6e70abc6f2a870218ed32477412ce58","sha1":"d041705f1eb2d303fdb41498361f7492cf978ef1","sha256":"8534b368f152ac6ccbda4e90bcd54f4f7a3833117e0d99174acd7f61b725dcc1","sha512":"c70544c3814dcc3e0e724a04c8d159dc10f03a2ada21ee745900a907ca9b772c5b6d1b02c37c9f0aec32bf6db95bb3682e1148089c7b4b337e9e8c2aa285670c","ssdeep":"","tlshash":"baf05c86fc17c85cec1a17c0d8b2fd16ec108130e302dec496d8d4b9d349bc10816794","first_seen":"2025-06-30T02:25:29.097712Z","last_seen":"2025-06-30T02:25:29.097712Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1331,"timings":{"blocked":570,"dns":190,"connect":123,"send":0,"wait":189,"receive":1,"ssl":253},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"evil.com/shell.txt?","fqdn":"evil.com","domain":"evil.com","tld":"com"},"ip":{"addr":"66.96.146.129","port":443,"asn":29873,"as":"BIZLAND-SD","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-30T02:25:06.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.evil.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Jun 2025 05:00:30 GMT","end":"Mon, 01 Sep 2025 05:00:29 GMT"},"fingerprint":{"sha1":"AE:A2:C1:D1:38:F2:A5:48:9B:51:95:E8:DF:3D:5C:D1:38:06:04:59","sha256":"9C:48:7E:EB:19:47:65:B0:DB:54:73:B1:87:73:A4:DE:4E:3C:CC:5A:C4:17:DE:4D:AE:9A:7F:5A:93:9F:83:DD"}}},"request":{"raw":"GET /shell.txt? HTTP/1.1\r\nHost: evil.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Mon, 30 Jun 2025 02:25:06 GMT\r\ncontent-type: text/html\r\nset-cookie: request_id=677f24f5-f646-4a2d-afe6-b19d8cc2490d; Max-Age=3600; Path=/; HttpOnly\r\nlast-modified: Fri, 10 Jan 2020 16:05:10 GMT\r\nage: 0\r\nx-request-id: 677f24f5-f646-4a2d-afe6-b19d8cc2490d\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":867,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"51627b75044cd829ffa17961bdd92314","sha1":"1d67b6bfb031475ffc7c7fdc079f6d686c32a95c","sha256":"dc4ca971c4c7df50c5aaee10082c75563151e4cabff67b0890156b4ea90379e0","sha512":"a835b44a126cb34c11f786b43eecd36f15f2fbb4e46f94430a730125a56194d958766797375e3e9d6a29b145de44037d00a1b03476fc93755d3f0bf65567a19e","ssdeep":"","tlshash":"5311906f6dc9994414318050b6b1e299ef6520237340dae935ec15736f74589481765c","first_seen":"2023-04-05T08:56:30Z","last_seen":"2026-06-12T16:09:24.442254Z","times_seen":1373,"resource_available":true,"data":null}},"time_used":751,"timings":{"blocked":313,"dns":93,"connect":99,"send":0,"wait":124,"receive":0,"ssl":119},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"evil.com/shell.txt?","fqdn":"evil.com","domain":"evil.com","tld":"com"},"ip":{"addr":"66.96.146.129","port":80,"asn":29873,"as":"BIZLAND-SD","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-30T02:25:07.144Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /shell.txt? HTTP/1.1\r\nHost: evil.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: request_id=677f24f5-f646-4a2d-afe6-b19d8cc2490d\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Mon, 30 Jun 2025 02:25:07 GMT\r\nContent-Type: text/html\r\nContent-Length: 867\r\nConnection: keep-alive\r\nLast-Modified: Fri, 10 Jan 2020 16:05:10 GMT\r\nAccept-Ranges: bytes\r\nAge: 0\r\nX-Request-ID: 677f24f5-f646-4a2d-afe6-b19d8cc2490d\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":867,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"51627b75044cd829ffa17961bdd92314","sha1":"1d67b6bfb031475ffc7c7fdc079f6d686c32a95c","sha256":"dc4ca971c4c7df50c5aaee10082c75563151e4cabff67b0890156b4ea90379e0","sha512":"a835b44a126cb34c11f786b43eecd36f15f2fbb4e46f94430a730125a56194d958766797375e3e9d6a29b145de44037d00a1b03476fc93755d3f0bf65567a19e","ssdeep":"","tlshash":"5311906f6dc9994414318050b6b1e299ef6520237340dae935ec15736f74589481765c","first_seen":"2023-04-05T08:56:30Z","last_seen":"2026-06-12T16:09:24.442254Z","times_seen":1373,"resource_available":true,"data":null}},"time_used":322,"timings":{"blocked":101,"dns":1,"connect":103,"send":0,"wait":117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}