{"report_id":"a03c77b1-f1a6-4549-a1e2-7c7e9b28d796","version":6,"status":"done","tags":[],"date":"2026-03-01T14:00:04Z","url":{"schema":"http","addr":"swinowz.appwrite.network","fqdn":"swinowz.appwrite.network","domain":"swinowz.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.195.52","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"swinowz.appwrite.network/","fqdn":"swinowz.appwrite.network","domain":"swinowz.appwrite.network","tld":"appwrite.network"},"title":"PENTEST CHEATSHEET","dom":{"size":22012,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (21997), with no line terminators","md5":"4f83bab24e01ef8d5271a91f4651c2d9","sha1":"ff48c4993c054d6931a826b548a8f0a68e6918e1","sha256":"ba4b6097e4c81623b6104bef4431c7939ef152053c4d20dc46f00ae8bfd83838","sha512":"97c8f4d2d05c40ea8bfa69b433c525a2eb9308cf1f3a6e55b8db13f94b2e541c3493bb55824be94496ce636a94ce698c24b9d6e19802c0eba600511af56d82f6","ssdeep":"384:XKO8QkW8pTPquBR72C48aPSqg0scXkHCAX/ACJX+dCSbd:altW8pbnBd5WgQ8bs","tlshash":"74a2a0715098ae3f02c77bdb65679f1b70ecc20bc58a12557aacc7d84bdada9c837012","dom_hash":"domhash886d51fb562118a8975fefeeedbc9585","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"swinowz.appwrite.network","fqdn":"swinowz.appwrite.network","domain":"swinowz.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.195.52","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-05T14:00:04Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":13}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-01","alert":"php webshell having some kind of input and some kind of payload. restricted to small files or big ones inclusing suspicious strings","trigger":"www.revshells.com/","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Arnim Rupp","date":"2021/01/14","description":"php webshell having some kind of input and some kind of payload. restricted to small files or big ones inclusing suspicious strings","hash":"bee1b76b1455105d4bfe2f45191071cf05e83a309ae9defcf759248ca9bceddd","license":"Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE","modified":"2022-08-22","rule":"webshell_php_generic"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-01","alert":"Generic PHP webshell which uses any eval/exec function in the same line with user input","trigger":"www.revshells.com/","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Arnim Rupp","date":"2021/01/07","description":"Generic PHP webshell which uses any eval/exec function in the same line with user input","hash":"90c5cc724ec9cf838e4229e5e08955eec4d7bf95","license":"Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE","modified":"2021-10-29","rule":"webshell_php_generic_eval"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-01","alert":"PHP webshell using $a($code) for kind of eval with encoded blob to decode, e.g. b374k","trigger":"www.revshells.com/","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Arnim Rupp","date":"2021/02/07","description":"PHP webshell using $a($code) for kind of eval with encoded blob to decode, e.g. b374k","license":"Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE","modified":"2022-08-19","rule":"webshell_php_dynamic_big","score":"50"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-01","alert":"Generic JSP webshell","trigger":"www.revshells.com/","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Arnim Rupp","date":"2021/01/07","description":"Generic JSP webshell","hash":"ee9408eb923f2d16f606a5aaac7e16b009797a07","license":"Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE","rule":"webshell_jsp_generic"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-01","alert":"Web Shell - from files jsp-reverse.jsp, jsp-reverse.jsp, jspbd.jsp","trigger":"www.revshells.com/","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2014/01/28","description":"Web Shell - from files jsp-reverse.jsp, jsp-reverse.jsp, jspbd.jsp","hash0":"8b0e6779f25a17f0ffb3df14122ba594","hash1":"ea87f0c1f0535610becadf5a98aca2fc","hash2":"7d5e9732766cf5b8edca9b7ae2b6028f","license":"Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE","rule":"webshell_jsp_reverse_jsp_reverse_jspbd","score":"50","super_rule":"1"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-01","alert":"Certutil Decode","trigger":"swinowz.appwrite.network/","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2017-08-29","description":"Certutil Decode","license":"Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE","reference":"Internal Research","rule":"Certutil_Decode_OR_Download","score":"40"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-01","alert":"Detects password dumper mimikatz in memory (False Positives: an service that could have copied a Mimikatz executable, AV signatures)","trigger":"swinowz.appwrite.network/","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth","date":"2014-12-22","description":"Detects password dumper mimikatz in memory (False Positives: an service that could have copied a Mimikatz executable, AV signatures)","modified":"2023-02-10","nodeepdive":"1","rule":"Mimikatz_Memory_Rule_1","score":"70"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-01","alert":"Detects a set of reconnaissance commands on Windows systems","trigger":"swinowz.appwrite.network/","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2017-07-10","description":"Detects a set of reconnaissance commands on Windows systems","license":"Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE","reference":"https://goo.gl/MSJCxP","rule":"Recon_Commands_Windows_Gen1","score":"60"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-01","alert":"Generic PHP webshell which uses any eval/exec function in the same line with user input","trigger":"swinowz.appwrite.network/","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Arnim Rupp","date":"2021/01/07","description":"Generic PHP webshell which uses any eval/exec function in the same line with user input","hash":"90c5cc724ec9cf838e4229e5e08955eec4d7bf95","license":"Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE","modified":"2021-10-29","rule":"webshell_php_generic_eval"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-03-01","alert":"Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen","trigger":"swinowz.appwrite.network/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"iam-py-test","date":"2022-11-19","description":"Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen","false_positives":"Files modifying Defender for legitimate purposes, files containing registry keys related to Defender (i.e. diagnostic tools)","rule":"Disable_Defender","yarahub_author_twitter":"@iam_py_test","yarahub_license":"CC0 1.0","yarahub_reference_md5":"799a7f1507e5e7328081a038987e9a6f","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"1fcd3702-cf5b-47b4-919d-6372c5412151"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-03-01","alert":"Detects Generic ShellScript Downloader","trigger":"swinowz.appwrite.network/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"NDA0E","date":"2024-07-14","description":"Detects Generic ShellScript Downloader","rule":"ShellScript_Downloader","yarahub_license":"CC0 1.0","yarahub_reference_md5":"95cde598a6595a248fdf56d674a5dc79","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"a41413f4-bbec-4952-8010-57d0e869dbf7"}},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-01","alert":"Sinkholed","trigger":"swinowz.appwrite.network","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-01","alert":"Sinkholed","trigger":"swinowz.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"swinowz.appwrite.network","ip":{"addr":"151.101.3.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2022-06-28","domain_rank":0,"first_seen":"2026-03-01T04:38:56.968033Z","last_seen":"2026-03-01T04:38:56.968033Z","alert_count":10,"request_count":2,"received_data":166334,"sent_data":948,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.revshells.com","ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2021-03-09","domain_rank":0,"first_seen":"2021-03-12T04:13:48Z","last_seen":"2026-03-01T12:12:36.421974Z","alert_count":0,"request_count":15,"received_data":520046,"sent_data":6688,"comment":"","tags":null,"fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-02-22T22:18:02.864626Z","alert_count":0,"request_count":2,"received_data":10295,"sent_data":995,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-02-22T22:14:59.650342Z","alert_count":0,"request_count":5,"received_data":95715,"sent_data":2724,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.revshells.com/index.f655dc8a.js","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"5c0407db54dd341e91769ffd90cda9a3","sha1":"d75bfb263ac50d0b00cd32dad82416c20e15dcbc","sha256":"f5be06ac243729fe35051f1443fb147c6c401ae5698749b29aa8baef97628e31","sha512":"4611ffb33d6fcca4430bcf25938c7a13b562d1ea9133cd718f17219561ff60fd57309eb27aef4cb9ef220d25bbcb61cc5b5f6e50f4f5b7a5b92933932d81c1dd","ssdeep":"1536:+BLi6aFGnw+v6Xc4bx60BWNvGtpAMCftnHzOvZWuCaDREqUazm9BZ08O+m+HgE4O:NmftnHzOvZWc+13OZkF","tlshash":"a9631addb2c6b06357ab707a00bf510bf2361899680d4410f159e8e9bc79e4a923bf7d","size":72312,"data":"","first_seen":"2025-08-02T11:04:14.20838Z","last_seen":"2026-03-17T17:33:12.612278Z","times_seen":517,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/index.588c7c4b.js","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"5adf8be2cf07260f025a9dd5b996ace7","sha1":"1c93a8be8d4536e970134673be2e1bf2cf4a0671","sha256":"685a3bbeddccbdc6fb3e92a39f02db7c25f535c1740289f96063285780e79e83","sha512":"cddaf16c7bde5f639013bc941f3f31fa46e780df4e7b0afbfbb57424452580cfd677ea8307a82992621eb38c61311572d520a54bfa80d0ca92e85bac916f4ae0","ssdeep":"384:mhijFaIv+kGKeBPhBkbs+LOsP03DQy6i6Bw2x2FvBYmB0YuMvR6HOsxEjxcwrJZx:LBzeBPhks+KIlc6q2x2FvBYm3uMvR6Hk","tlshash":"f692958c3684b0654797a267a07f8a0e72379914710e9400f29ce6e97c35efa61bfc7d","size":20785,"data":"","first_seen":"2025-08-02T11:04:14.202597Z","last_seen":"2026-03-17T17:33:12.594796Z","times_seen":517,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/index.f7a7f8c8.js","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"386e616bcfd098d883c1ed08e13712d0","sha1":"81bb55ef44c220db09a182b032ba28278ce60905","sha256":"751831fdb1a6af18e8525408fb7882ea3eea6c4a59af0247fe1a190cfa6f8170","sha512":"57773dd29d631b3312aa952acd16d13a30d3a3a6cdd0a501014beb91096586ec013ed1d94a3f3f772de1e765229fa0cd4d60f013d94f04f1086e5c7c4f7734d6","ssdeep":"768:wfyno1/IuHV10IE8rg76TOC48nbe1R6viTllv3zA76JV76Px23HHCGcv:wfCoVo+CU6JEx2tcv","tlshash":"db43954a7254b87206df747a817b060bb7367c99a40a816cb86998dd1f7cd483277f3c","size":59785,"data":"","first_seen":"2023-12-01T08:05:45Z","last_seen":"2026-03-17T17:33:12.595424Z","times_seen":542,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/index.048f21d5.js","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"959eb8cb85e355a086cc3e36dd64a42c","sha1":"1e38d252892f0c341e655205a0b62c0cd18af6e4","sha256":"75c61d7390fd78982f60b741d4963f0fff4db39bd69588d914c38a2ee1db14d1","sha512":"5b490c03b17d3818d734996010c0d8cc6a0fa81705d6b057c97727c3c8a7aa42882e3cd4051dfed320a11e0d8ff7f94b2886533ef1264b0bc1c62e4ac3f5bc55","ssdeep":"","tlshash":"9af09ea4a0f6c53a5e5a0099372441a4f19e0b087c4edbc5d1ac9c0e7619c1bc94bfa5","size":647,"data":"","first_seen":"2025-08-02T11:04:14.223509Z","last_seen":"2026-04-04T14:30:31.014351Z","times_seen":605,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/index.eb7e4c77.js","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"0503b7ab98739070de1c2774dab9aab3","sha1":"4cb7d053d42fda04fff24487da5159fab672253e","sha256":"a29439728bb25f472b19d6522eb1f0877daee492f8e6df72809c9879c5db3903","sha512":"6ee00e557a96fb3657bf033edb318e57e711606fd7ba0f34bbb1e060c265b719c6df66b36ae71c1e6fb24a7f394b2d16233cbc0d9843773d313ec696b91c3764","ssdeep":"1536:1430bD5o5a+SmhVDTokwZeLuFJd7sP8kFA/VvqeQgbnitxoaxNqcVp9mWP/O5BPO:N8SmDvokMoMT75kxoyNpTNgK07E","tlshash":"c1c3198a9e2f3d49fb1036033cde59e7006ca78f2c625dcd520fe78685d9a1e51e11ae","size":127581,"data":"","first_seen":"2025-08-02T11:04:14.19298Z","last_seen":"2026-03-17T17:33:12.599265Z","times_seen":517,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"Function","is_inline":false,"md5":"eca15ae3f636c627eddd57bc49a7db1c","sha1":"44a4fb7d2e65157cb24a0acb283f3e0a94758b27","sha256":"0a51aaba8109845be4c1fee2ae366d6ae52845bbc9dca980b33c7e313478fc0d","sha512":"a1158d027faf09a2b538580585c8ad55225285c9b6a3e48848c86145950b2ebddba6b51ab4deaad7dc97351b2ccde718c55c8ecbb0a2f1946cf2adfde24c4a79","ssdeep":"1536:RE8dcC2CaP1CxJvuU2xe4U+nY1a4PEpNR/8DUjk15BGsg:PdcCqM7uU2xe4H4I78DAk15BGsg","tlshash":"d893e52ac86d3d360f06a17d5feed19121a631470a223c417f9cda0cdf9892e85b5bf9","size":95982,"data":"","first_seen":"2025-08-02T11:04:14.239981Z","last_seen":"2026-03-17T17:33:12.613799Z","times_seen":517,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-01","alert":"php webshell having some kind of input and some kind of payload. restricted to small files or big ones inclusing suspicious strings","trigger":"www.revshells.com/","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Arnim Rupp","date":"2021/01/14","description":"php webshell having some kind of input and some kind of payload. restricted to small files or big ones inclusing suspicious strings","hash":"bee1b76b1455105d4bfe2f45191071cf05e83a309ae9defcf759248ca9bceddd","license":"Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE","modified":"2022-08-22","rule":"webshell_php_generic"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-01","alert":"Generic PHP webshell which uses any eval/exec function in the same line with user input","trigger":"www.revshells.com/","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Arnim Rupp","date":"2021/01/07","description":"Generic PHP webshell which uses any eval/exec function in the same line with user input","hash":"90c5cc724ec9cf838e4229e5e08955eec4d7bf95","license":"Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE","modified":"2021-10-29","rule":"webshell_php_generic_eval"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-01","alert":"PHP webshell using $a($code) for kind of eval with encoded blob to decode, e.g. b374k","trigger":"www.revshells.com/","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Arnim Rupp","date":"2021/02/07","description":"PHP webshell using $a($code) for kind of eval with encoded blob to decode, e.g. b374k","license":"Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE","modified":"2022-08-19","rule":"webshell_php_dynamic_big","score":"50"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-01","alert":"Generic JSP webshell","trigger":"www.revshells.com/","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Arnim Rupp","date":"2021/01/07","description":"Generic JSP webshell","hash":"ee9408eb923f2d16f606a5aaac7e16b009797a07","license":"Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE","rule":"webshell_jsp_generic"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-01","alert":"Web Shell - from files jsp-reverse.jsp, jsp-reverse.jsp, jspbd.jsp","trigger":"www.revshells.com/","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2014/01/28","description":"Web Shell - from files jsp-reverse.jsp, jsp-reverse.jsp, jspbd.jsp","hash0":"8b0e6779f25a17f0ffb3df14122ba594","hash1":"ea87f0c1f0535610becadf5a98aca2fc","hash2":"7d5e9732766cf5b8edca9b7ae2b6028f","license":"Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE","rule":"webshell_jsp_reverse_jsp_reverse_jspbd","score":"50","super_rule":"1"}}],"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/index.5c42474f.js","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"30f13731a63d89f123f05727a4e0d12e","sha1":"602a3198cd4b1ed54d17168d4b604738dd8cdb2a","sha256":"9cfd1d706b5954385f5ed2546957313b89a7fe1b2410d581d412b87b264eb35f","sha512":"331f1ea093e5596376ca85cb43d3eee28fd0a485d10d86dae70aee1cf12db491d59607089d0cc079f7906edbd0ab77ff0f5c4c1801b564da76796eca21b46c74","ssdeep":"192:0ba3HA5M1KNA7Lsy3NAUY82pRuWzO+Zxde8CdPT8B9MC8bBN7NhNH3WLI/n7hoyS:N3A5M1d7bNAUY8UzPxde8CdPT8Ban7AH","tlshash":"b342936817bd463b01ae82f731a8a3d8a8b51b5cb85c444b173cfd4c6426c925177fbb","size":12184,"data":"","first_seen":"2025-08-02T11:04:14.211063Z","last_seen":"2026-03-17T17:33:12.600875Z","times_seen":517,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"swinowz.appwrite.network/","fqdn":"swinowz.appwrite.network","domain":"swinowz.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.3.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"dbd7394f306a19486763e61200e73a16","sha1":"fb74e11e2cd1d901bb0faf11ef3bbcf932fc4bbc","sha256":"848154a3cf54c1434667950a9d58a254350f4f39f84401e193f9e73a1e38d35e","sha512":"40e45abb30e15b8761e6dd30bfabbc373ffd6de93cb75adad7fafff1ee7928d7a94c9f5a378570728827767283713c235ed8f677eee80aea0914cf839bf6fac8","ssdeep":"384:hpFz8CR8WeWrNMaA1pLrOSDTpfcexuMIJ0N6Ef3EE4wowUUJ47ETrDc58ire8FJl:ZzJ8LWrAOSRceE5ucyJ47ypi/1SQqSsc","tlshash":"8ce2b56731ba353245b731fb619bd794fa3910023442d1643a3c86482fe0da9e6b7dee","size":31449,"data":"","first_seen":"2026-03-01T13:36:10.869584Z","last_seen":"2026-03-01T14:00:06.850326Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/index.d907005d.js","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"b240266d539cdcd0f9625d5eebc84e21","sha1":"417f5586c3beb29bd9e87ad85efe2ad725a95927","sha256":"45e781b962c73982347f494f0fa9d887734ad9744650bb45485c067313b73a6f","sha512":"51696c43f98d1e8a45cdc870ec49fe190f4bb3775f36ce2baa24a23a742848113de5579a388261d798fac947314fff4f01dbcec2d5137eaedd7840922ae6cdc2","ssdeep":"384:3/v6fFQEXbUUFebYKzRFxV5m+WhKMpHFP2XV6qWUH2Z5sx2JSD+bNCKi:HmAUFekGRtOT56e4xEcL","tlshash":"6592e9c975a0b0a207e331f0809f590bf3baa539648d84a0f650e8e56c7950e9737f6d","size":20667,"data":"","first_seen":"2025-08-02T11:04:14.23699Z","last_seen":"2026-03-17T17:33:12.598031Z","times_seen":517,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/index.0696c4c0.js","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"2bc4a07ec97a4bc91c38a5bc4fa49fc2","sha1":"8612dd45ed69e37d0c70ac42833a356c2f61c23d","sha256":"79eaf326d5bf63ca5cb85d9eca662c7960875657d9ceffb76558d9eb93bba574","sha512":"04a585d4793ae68e866538687a7ba7234bcd4ac0b95aaa840190030e96fb1959c34d0479a65fa3352ea9df138e0252b090c5e5cf986406e584d6b835fbd432a5","ssdeep":"","tlshash":"2ff0463d2a014731c88f62fb188ea948af357390a3258418e10cbc885858d4d27b2f93","size":580,"data":"","first_seen":"2025-08-02T11:04:14.218296Z","last_seen":"2026-03-17T17:33:12.600421Z","times_seen":517,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"swinowz.appwrite.network/","fqdn":"swinowz.appwrite.network","domain":"swinowz.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.3.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-01T13:59:41.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"appwrite.network","organization":""},"issuer":{"commonName":"Certainly Intermediate R1","organization":"Certainly"},"validity":{"start":"Thu, 19 Feb 2026 09:02:04 GMT","end":"Sat, 21 Mar 2026 09:02:03 GMT"},"fingerprint":{"sha1":"BB:42:D6:8B:D9:B6:35:70:93:EB:1F:D3:7B:BD:55:20:7D:A8:6E:DC","sha256":"82:78:87:06:82:45:9B:50:3E:FA:94:CE:8A:0E:B3:8E:17:77:0D:A9:9D:C5:2E:4D:14:74:80:A8:5B:21:E3:DD"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: swinowz.appwrite.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html; charset=utf-8\r\netag: \"d9babb8900b8f8ebf79b84723acec57c\"\r\nserver: Edge\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-appwrite-project-id: 69a3bf1f00280a428db9\r\nx-appwrite-traffic-type: site\r\nx-content-type-options: nosniff\r\nx-debug-speed: 0.20584201812744\r\nx-edge-location: fra\r\nx-edge-rule-cache: hit\r\nx-edge-runtime-cache: miss\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 01 Mar 2026 13:59:42 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410023-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-appwrite-edge-server: 0bBHNYBByXcKOErbUf2l16--F_fra1\r\ncontent-length: 164771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":164771,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1175)","md5":"d9babb8900b8f8ebf79b84723acec57c","sha1":"6c07d4dd2d53d815ac74ada03ea4263152468cdc","sha256":"7ec818af8620153967890b56df290c2b3021768ae37bd0c6a015d0497f27d1ff","sha512":"503e8721e37b17bde62ae75ca372fe272599957a879498b14ab14b7821ba72d14ffab77cc7635bb64970d8ef1276f6d7d09a3d37157bc934cc10b95699b7a7c4","ssdeep":"1536:f/ZNLpbJlLb3/89zZuq+wBCnnnRcbwfVj6NOVnr0/TSEcb74XA970FS8LQe0pO:zb7wUnnRlN+NO8vcb7R970FS004","tlshash":"3ef3c67530b4b1b280e382f7b19b17abb9b9e406e54752107afc83c44fd6da5da1390b","first_seen":"2026-03-01T14:00:06.799454Z","last_seen":"2026-03-01T14:00:06.799454Z","times_seen":1,"resource_available":true,"data":null}},"time_used":486,"timings":{"blocked":38,"dns":1,"connect":13,"send":0,"wait":376,"receive":34,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-01","alert":"Certutil Decode","trigger":"swinowz.appwrite.network/","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2017-08-29","description":"Certutil Decode","license":"Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE","reference":"Internal Research","rule":"Certutil_Decode_OR_Download","score":"40"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-01","alert":"Detects password dumper mimikatz in memory (False Positives: an service that could have copied a Mimikatz executable, AV signatures)","trigger":"swinowz.appwrite.network/","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth","date":"2014-12-22","description":"Detects password dumper mimikatz in memory (False Positives: an service that could have copied a Mimikatz executable, AV signatures)","modified":"2023-02-10","nodeepdive":"1","rule":"Mimikatz_Memory_Rule_1","score":"70"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-01","alert":"Detects a set of reconnaissance commands on Windows systems","trigger":"swinowz.appwrite.network/","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2017-07-10","description":"Detects a set of reconnaissance commands on Windows systems","license":"Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE","reference":"https://goo.gl/MSJCxP","rule":"Recon_Commands_Windows_Gen1","score":"60"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-01","alert":"Generic PHP webshell which uses any eval/exec function in the same line with user input","trigger":"swinowz.appwrite.network/","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Arnim Rupp","date":"2021/01/07","description":"Generic PHP webshell which uses any eval/exec function in the same line with user input","hash":"90c5cc724ec9cf838e4229e5e08955eec4d7bf95","license":"Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE","modified":"2021-10-29","rule":"webshell_php_generic_eval"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-03-01","alert":"Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen","trigger":"swinowz.appwrite.network/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"iam-py-test","date":"2022-11-19","description":"Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen","false_positives":"Files modifying Defender for legitimate purposes, files containing registry keys related to Defender (i.e. diagnostic tools)","rule":"Disable_Defender","yarahub_author_twitter":"@iam_py_test","yarahub_license":"CC0 1.0","yarahub_reference_md5":"799a7f1507e5e7328081a038987e9a6f","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"1fcd3702-cf5b-47b4-919d-6372c5412151"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-03-01","alert":"Detects Generic ShellScript Downloader","trigger":"swinowz.appwrite.network/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"NDA0E","date":"2024-07-14","description":"Detects Generic ShellScript Downloader","rule":"ShellScript_Downloader","yarahub_license":"CC0 1.0","yarahub_reference_md5":"95cde598a6595a248fdf56d674a5dc79","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"a41413f4-bbec-4952-8010-57d0e869dbf7"}},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-01","alert":"Sinkholed","trigger":"swinowz.appwrite.network","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-01","alert":"Sinkholed","trigger":"swinowz.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/index.f655dc8a.js","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.revshells.com/","date":"2026-03-01T13:59:42.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.revshells.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Feb 2026 22:44:08 GMT","end":"Mon, 11 May 2026 22:44:07 GMT"},"fingerprint":{"sha1":"08:6A:EA:AF:4A:96:0A:07:3F:1F:68:1D:C1:9B:A9:A2:97:57:93:0A","sha256":"95:80:C2:F5:43:7F:A9:4A:B6:14:45:33:B5:0B:35:14:A0:61:45:1F:D0:70:9C:65:09:03:CD:90:90:74:7C:8D"}}},"request":{"raw":"GET /index.f655dc8a.js HTTP/1.1\r\nHost: www.revshells.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.revshells.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 11725\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 01 Mar 2026 13:59:42 GMT\r\netag: \"68ec8e8899804bb110224866f8733ac3-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KJMV593HQ4Q8RV3CXE63MECA\r\ncontent-length: 24348\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":72312,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65243)","md5":"5c0407db54dd341e91769ffd90cda9a3","sha1":"d75bfb263ac50d0b00cd32dad82416c20e15dcbc","sha256":"f5be06ac243729fe35051f1443fb147c6c401ae5698749b29aa8baef97628e31","sha512":"4611ffb33d6fcca4430bcf25938c7a13b562d1ea9133cd718f17219561ff60fd57309eb27aef4cb9ef220d25bbcb61cc5b5f6e50f4f5b7a5b92933932d81c1dd","ssdeep":"1536:+BLi6aFGnw+v6Xc4bx60BWNvGtpAMCftnHzOvZWuCaDREqUazm9BZ08O+m+HgE4O:NmftnHzOvZWc+13OZkF","tlshash":"a9631addb2c6b06357ab707a00bf510bf2361899680d4410f159e8e9bc79e4a923bf7d","first_seen":"2025-08-02T11:04:14.20838Z","last_seen":"2026-03-17T17:33:12.612278Z","times_seen":517,"resource_available":true,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/index.0696c4c0.js","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.revshells.com/","date":"2026-03-01T13:59:42.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.revshells.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Feb 2026 22:44:08 GMT","end":"Mon, 11 May 2026 22:44:07 GMT"},"fingerprint":{"sha1":"08:6A:EA:AF:4A:96:0A:07:3F:1F:68:1D:C1:9B:A9:A2:97:57:93:0A","sha256":"95:80:C2:F5:43:7F:A9:4A:B6:14:45:33:B5:0B:35:14:A0:61:45:1F:D0:70:9C:65:09:03:CD:90:90:74:7C:8D"}}},"request":{"raw":"GET /index.0696c4c0.js HTTP/1.1\r\nHost: www.revshells.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.revshells.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28861\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 01 Mar 2026 13:59:42 GMT\r\netag: \"a99767f340cbaf8f35323ee9b5e89341-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KJMV594622AKKH8SGS3YNE51\r\ncontent-length: 580\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":580,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (580), with no line terminators","md5":"2bc4a07ec97a4bc91c38a5bc4fa49fc2","sha1":"8612dd45ed69e37d0c70ac42833a356c2f61c23d","sha256":"79eaf326d5bf63ca5cb85d9eca662c7960875657d9ceffb76558d9eb93bba574","sha512":"04a585d4793ae68e866538687a7ba7234bcd4ac0b95aaa840190030e96fb1959c34d0479a65fa3352ea9df138e0252b090c5e5cf986406e584d6b835fbd432a5","ssdeep":"","tlshash":"2ff0463d2a014731c88f62fb188ea948af357390a3258418e10cbc885858d4d27b2f93","first_seen":"2025-08-02T11:04:14.218296Z","last_seen":"2026-03-17T17:33:12.600421Z","times_seen":517,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"swinowz.appwrite.network/favicon.ico","fqdn":"swinowz.appwrite.network","domain":"swinowz.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.3.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://swinowz.appwrite.network/","date":"2026-03-01T13:59:42.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"appwrite.network","organization":""},"issuer":{"commonName":"Certainly Intermediate R1","organization":"Certainly"},"validity":{"start":"Thu, 19 Feb 2026 09:02:04 GMT","end":"Sat, 21 Mar 2026 09:02:03 GMT"},"fingerprint":{"sha1":"BB:42:D6:8B:D9:B6:35:70:93:EB:1F:D3:7B:BD:55:20:7D:A8:6E:DC","sha256":"82:78:87:06:82:45:9B:50:3E:FA:94:CE:8A:0E:B3:8E:17:77:0D:A9:9D:C5:2E:4D:14:74:80:A8:5B:21:E3:DD"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: swinowz.appwrite.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://swinowz.appwrite.network/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate\r\ncontent-type: application/json; charset=UTF-8\r\nexpires: 0\r\npragma: no-cache\r\nserver: Edge\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-appwrite-project-id: 69a3bf1f00280a428db9\r\nx-appwrite-traffic-type: site\r\nx-content-type-options: nosniff\r\nx-debug-speed: 0.13355398178101\r\nx-edge-location: fra\r\nx-edge-rule-cache: hit\r\nx-edge-runtime-cache: hit\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 01 Mar 2026 13:59:43 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410023-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-appwrite-edge-server: 0bBHNYBByXcKOErbUf2l16--F_fra1\r\ncontent-length: 117\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":117,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"4bc1177a73cdfd3c24bf6eb5d369f55f","sha1":"7ee41c45c21a414ebc21c43f8cd4d4acdab2b707","sha256":"0ed54a53a88b9ac176defb595255f3c35079cbdebc5f4b12aff80decb83d8388","sha512":"144d659e04cfa65c1b63ce531739d2e3c96b66207844731bd8fb81ed0180a5b7a4bb7d491521f3099b1bf02fe8f47fa31a7c78fe4614e5f7db06fe722b8a1495","ssdeep":"","tlshash":"cbb012590144bc3caf733bed3cd599d2c6944285cf603c060f6dc075d31661520a235c","first_seen":"2026-02-27T13:57:39.476234Z","last_seen":"2026-03-01T21:07:17.078154Z","times_seen":135,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-01","alert":"Sinkholed","trigger":"swinowz.appwrite.network","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-01","alert":"Sinkholed","trigger":"swinowz.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.revshells.com/","date":"2026-03-01T13:59:43.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /css2?family=Lato:ital,wght@0,400;0,700;1,400\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.revshells.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 01 Mar 2026 13:59:43 GMT\r\ndate: Sun, 01 Mar 2026 13:59:43 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2467,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"2e0d135a4bce6b263b3aab1b52c6a77b","sha1":"50d9a660e8f7e9747086732896fd15470263fac1","sha256":"ceeadb12624a51f3306cffc92298cf6e5c6e58b847471af4537cfd8b890afc21","sha512":"9d49653c85f27f120de2d3de1fb45f1863a03b36e9443863afdea415c4e756c129f691bf29d6e01e99fdcc6ea3bbcd6a651c6fcab8eb83066e5dc20001629923","ssdeep":"","tlshash":"2751bc9208aba508db870dc212de7e32ff1f625064599935affe14c8bc97c699361b0d","first_seen":"2025-09-17T01:46:04.551165Z","last_seen":"2026-04-04T14:35:05.419773Z","times_seen":2545,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6uyw4BMUTPHjx4wXg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.revshells.com/","date":"2026-03-01T13:59:43.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/lato/v25/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.revshells.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23580\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Feb 2026 09:06:23 GMT\r\nexpires: Thu, 25 Feb 2027 09:06:23 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 15 Sep 2025 17:09:41 GMT\r\ncontent-type: font/woff2\r\nage: 363200\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23580,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23580, version 1.0","md5":"e1b3b5908c9cf23dfb2b9c52b9a023ab","sha1":"fcd4136085f2a03481d9958cc6793a5ed98e714c","sha256":"918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537","sha512":"b2da7ef768385707afed62ca1f178efc6aa14519762e3f270129b3afee4d3782cb991e6fa66b3b08a2f81ff7caba0b4c34c726d952198b2ac4a784b36eb2a828","ssdeep":"384:dRkIAJ8pVwWTW5VVjdVn8+2yvAMdriCEOY0kfW9GkAPqpPHi2vUuUSzB8:dKIAJ8pVHTZ+riY9oCpPHiodUeK","tlshash":"91b2e1ce5d546e3a8028213785c17b488273572e9edf42c6dd83a6263a7092cfd3d96e","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-04-04T14:50:24.924305Z","times_seen":184036,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":17,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/rajdhani/v17/LDI2apCSOBg7S-QT7pa8FvOreec.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://swinowz.appwrite.network/","date":"2026-03-01T13:59:42.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/rajdhani/v17/LDI2apCSOBg7S-QT7pa8FvOreec.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://swinowz.appwrite.network\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15688\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 24 Feb 2026 20:16:39 GMT\r\nexpires: Wed, 24 Feb 2027 20:16:39 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 16 Sep 2025 03:40:35 GMT\r\ncontent-type: font/woff2\r\nage: 409383\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15688,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15688, version 1.0","md5":"d5448938a162ccb434b09f4572c0191f","sha1":"be9eae3d1d9f4fbd2208e0fd3c871b17b65b6516","sha256":"5b7e4a6f97163c2636724d4de90304fc895653dcfe64c67a7a22f26331ca5c5f","sha512":"df0245084768642738387f7a0daa11c4bd0109617c4120bfd88083c30d686ee2bd327e426ce0d9ee1f50839c5e2890f8a2a2d7acce3705fe8fa324fe623ad942","ssdeep":"384:Bktl5HsgImpL/2gZDAMAyNWE3pZrsjyb2mf+X:Bkl5MgDpT2g5AMtswpZZ2mf+X","tlshash":"7962c046a5a6b998f4d4ecfb0086542c19bb5ca11c6230f3c719356f5bd3e75cee4540","first_seen":"2023-04-14T01:29:53Z","last_seen":"2026-04-04T13:28:43.269459Z","times_seen":3441,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":62,"dns":1,"connect":21,"send":0,"wait":12,"receive":5,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://swinowz.appwrite.network/","date":"2026-03-01T13:59:42.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.revshells.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Feb 2026 22:44:08 GMT","end":"Mon, 11 May 2026 22:44:07 GMT"},"fingerprint":{"sha1":"08:6A:EA:AF:4A:96:0A:07:3F:1F:68:1D:C1:9B:A9:A2:97:57:93:0A","sha256":"95:80:C2:F5:43:7F:A9:4A:B6:14:45:33:B5:0B:35:14:A0:61:45:1F:D0:70:9C:65:09:03:CD:90:90:74:7C:8D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.revshells.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://swinowz.appwrite.network/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 20174\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sun, 01 Mar 2026 13:59:42 GMT\r\netag: \"853693cafb0002576255d4d52dd7809b-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KJMV58YP3JN6H53FNZ19VD8T\r\ncontent-length: 2946\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13533,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (13518), with no line terminators","md5":"7fa8fe75ea9d016a84c1568993907c6c","sha1":"a2af366bd02a14513b1deea7f6fd492368150609","sha256":"78f36e2bc44c4390f055eb110a7aa0b610fbd8e44a718c92ce41372efe6e83f3","sha512":"4ce7104c670d8bb47c502ab3102b856a9f6fb5e03b788ad76c3945b1ea0a1fd9fc7cb4690e00e7eb658760cf4e05f8df933e39479258522dd7fe5087bb9b7727","ssdeep":"384:Lb3AdZWCpTY4sd2C48aPnFmscVqtCAVnOCJVULCST/:LrkWCpE/5UAgZO","tlshash":"1d5287325520cd3b02839bd9e6b17b0ab299c34aca9b120973f4c7c59fd3ca9dc57156","first_seen":"2025-08-02T11:04:14.199762Z","last_seen":"2026-03-17T17:33:12.597313Z","times_seen":517,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/index.b2423a41.css","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.revshells.com/","date":"2026-03-01T13:59:42.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.revshells.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Feb 2026 22:44:08 GMT","end":"Mon, 11 May 2026 22:44:07 GMT"},"fingerprint":{"sha1":"08:6A:EA:AF:4A:96:0A:07:3F:1F:68:1D:C1:9B:A9:A2:97:57:93:0A","sha256":"95:80:C2:F5:43:7F:A9:4A:B6:14:45:33:B5:0B:35:14:A0:61:45:1F:D0:70:9C:65:09:03:CD:90:90:74:7C:8D"}}},"request":{"raw":"GET /index.b2423a41.css HTTP/1.1\r\nHost: www.revshells.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.revshells.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 11725\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sun, 01 Mar 2026 13:59:42 GMT\r\netag: \"1a3bcbc2f410a5c3085cc1e8b3edfa90-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KJMV593GF1KY9KNQHZG06YPS\r\ncontent-length: 22032\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":162501,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65086)","md5":"fe8f3a12e6b28b63a2da66f0355164b9","sha1":"023f3ec4a0c1154652c4c4be64c1e2fd0de6822d","sha256":"3a28fa7cd8fa99ae8a6d79469119393dd003313ec6f2f7eccc815f0edf7584a0","sha512":"7301d66219ff1d0e5da2618c582c6b689998e06ff30fc9f1eb8d5122b66f5f6209bc270aa9d3aa4e0f07c0b61ad1af779000ec88605885616ac78ec617df8309","ssdeep":"1536:iSVSfM+U4AvnRQ0ESi80Nc2JEYDYX2+J5q3SYiLENM6HN26NlR:JVdXP3q3SYiLENM6HN26V","tlshash":"f6f385a6f6a0311de497c61964d0bafa152f8245d7224ffbf827376487892db0a73d0c","first_seen":"2025-08-02T11:04:14.234317Z","last_seen":"2026-04-04T14:35:05.422187Z","times_seen":540,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/index.d907005d.js","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.revshells.com/","date":"2026-03-01T13:59:42.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.revshells.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Feb 2026 22:44:08 GMT","end":"Mon, 11 May 2026 22:44:07 GMT"},"fingerprint":{"sha1":"08:6A:EA:AF:4A:96:0A:07:3F:1F:68:1D:C1:9B:A9:A2:97:57:93:0A","sha256":"95:80:C2:F5:43:7F:A9:4A:B6:14:45:33:B5:0B:35:14:A0:61:45:1F:D0:70:9C:65:09:03:CD:90:90:74:7C:8D"}}},"request":{"raw":"GET /index.d907005d.js HTTP/1.1\r\nHost: www.revshells.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.revshells.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 11725\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 01 Mar 2026 13:59:42 GMT\r\netag: \"3b69a2a82de23f909514db68185d7ed0-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KJMV593N446CFJE66AMD0XAA\r\ncontent-length: 7008\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20667,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (20667), with no line terminators","md5":"b240266d539cdcd0f9625d5eebc84e21","sha1":"417f5586c3beb29bd9e87ad85efe2ad725a95927","sha256":"45e781b962c73982347f494f0fa9d887734ad9744650bb45485c067313b73a6f","sha512":"51696c43f98d1e8a45cdc870ec49fe190f4bb3775f36ce2baa24a23a742848113de5579a388261d798fac947314fff4f01dbcec2d5137eaedd7840922ae6cdc2","ssdeep":"384:3/v6fFQEXbUUFebYKzRFxV5m+WhKMpHFP2XV6qWUH2Z5sx2JSD+bNCKi:HmAUFekGRtOT56e4xEcL","tlshash":"6592e9c975a0b0a207e331f0809f590bf3baa539648d84a0f650e8e56c7950e9737f6d","first_seen":"2025-08-02T11:04:14.23699Z","last_seen":"2026-03-17T17:33:12.598031Z","times_seen":517,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://swinowz.appwrite.network/","date":"2026-03-01T13:59:42.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.revshells.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Feb 2026 22:44:08 GMT","end":"Mon, 11 May 2026 22:44:07 GMT"},"fingerprint":{"sha1":"08:6A:EA:AF:4A:96:0A:07:3F:1F:68:1D:C1:9B:A9:A2:97:57:93:0A","sha256":"95:80:C2:F5:43:7F:A9:4A:B6:14:45:33:B5:0B:35:14:A0:61:45:1F:D0:70:9C:65:09:03:CD:90:90:74:7C:8D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.revshells.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://swinowz.appwrite.network/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 20174\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sun, 01 Mar 2026 13:59:42 GMT\r\netag: \"853693cafb0002576255d4d52dd7809b-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KJMV58SS6N9H73GA7ESRW5B4\r\ncontent-length: 2946\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13533,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (13518), with no line terminators","md5":"7fa8fe75ea9d016a84c1568993907c6c","sha1":"a2af366bd02a14513b1deea7f6fd492368150609","sha256":"78f36e2bc44c4390f055eb110a7aa0b610fbd8e44a718c92ce41372efe6e83f3","sha512":"4ce7104c670d8bb47c502ab3102b856a9f6fb5e03b788ad76c3945b1ea0a1fd9fc7cb4690e00e7eb658760cf4e05f8df933e39479258522dd7fe5087bb9b7727","ssdeep":"384:Lb3AdZWCpTY4sd2C48aPnFmscVqtCAVnOCJVULCST/:LrkWCpE/5UAgZO","tlshash":"1d5287325520cd3b02839bd9e6b17b0ab299c34aca9b120973f4c7c59fd3ca9dc57156","first_seen":"2025-08-02T11:04:14.199762Z","last_seen":"2026-03-17T17:33:12.597313Z","times_seen":517,"resource_available":true,"data":null}},"time_used":244,"timings":{"blocked":108,"dns":54,"connect":23,"send":0,"wait":24,"receive":1,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sharetechmono/v16/J7aHnp1uDWRBEqV98dVQztYldFcLowEF.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://swinowz.appwrite.network/","date":"2026-03-01T13:59:42.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/sharetechmono/v16/J7aHnp1uDWRBEqV98dVQztYldFcLowEF.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://swinowz.appwrite.network\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 13500\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 24 Feb 2026 20:02:12 GMT\r\nexpires: Wed, 24 Feb 2027 20:02:12 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 15 Sep 2025 16:38:52 GMT\r\ncontent-type: font/woff2\r\nage: 410250\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13500,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 13500, version 1.0","md5":"65d3eea7a186c2ff5f3ed8bf89642ea6","sha1":"ea30f8dd250111e82e53180de8ad09b6f23320c6","sha256":"41e6b9f297f7d9a2df2aaa274092f76d2f72711a15ca455f7f4f4f92caf16b72","sha512":"19ce13e7d94cfd2e9a56e128c29761d853adef646954014f2dea54bf6b8518143ed4404a9cdbd4c25d3fc04fec98520adc42d3bd357840db0b6cb2fa3c031c94","ssdeep":"384:JTOTPyx11kthS/no9Xuf8F+0pxVTS385wlKEC5FU:JTdxHchYo5uf0oM5wYp5FU","tlshash":"8b52c081d7ce258bf9b505dc14a1187c4ab3642864b75fe49881c540b1fbf2da9cec55","first_seen":"2023-05-08T12:42:22Z","last_seen":"2026-04-04T14:30:31.025456Z","times_seen":1223,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":63,"dns":1,"connect":8,"send":0,"wait":11,"receive":3,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/rajdhani/v17/LDI2apCSOBg7S-QT7pbYF_Oreec.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://swinowz.appwrite.network/","date":"2026-03-01T13:59:42.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/rajdhani/v17/LDI2apCSOBg7S-QT7pbYF_Oreec.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://swinowz.appwrite.network\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15732\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Feb 2026 18:46:04 GMT\r\nexpires: Thu, 25 Feb 2027 18:46:04 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 16 Sep 2025 03:40:27 GMT\r\ncontent-type: font/woff2\r\nage: 328418\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15732,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15732, version 1.0","md5":"ad9c55ecf03998391f7149c29543452a","sha1":"dcd4cf87ae721dd01a6ee29be033c7d70f9c198d","sha256":"433a7007e4747a02a790167a6efa2625855f013970ba49b9b739a5d3db8b2601","sha512":"4ba4dd00ea6cfdc3510f0a8b20427e095661bc253ef17533618373ec361af2fe5b1d912e02369a2a33c523dae7068aa0d56a2a233413f1041a029c4cbdeee27f","ssdeep":"384:Fjf7x9pcxpE5/f4Px/hIzqNLXpivowtuhkDRKn24IJEE:pf3peE9qDIzmWowqkFC249E","tlshash":"7262d06ec41ec5c2e414e175d753f4684a679b392c042144a2ed9f93cf7a0b0fea81f2","first_seen":"2023-04-11T11:42:32Z","last_seen":"2026-04-04T13:28:43.32067Z","times_seen":2560,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":138,"dns":1,"connect":8,"send":0,"wait":9,"receive":1,"ssl":126},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/index.f7a7f8c8.js","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.revshells.com/","date":"2026-03-01T13:59:42.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.revshells.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Feb 2026 22:44:08 GMT","end":"Mon, 11 May 2026 22:44:07 GMT"},"fingerprint":{"sha1":"08:6A:EA:AF:4A:96:0A:07:3F:1F:68:1D:C1:9B:A9:A2:97:57:93:0A","sha256":"95:80:C2:F5:43:7F:A9:4A:B6:14:45:33:B5:0B:35:14:A0:61:45:1F:D0:70:9C:65:09:03:CD:90:90:74:7C:8D"}}},"request":{"raw":"GET /index.f7a7f8c8.js HTTP/1.1\r\nHost: www.revshells.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.revshells.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 11725\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 01 Mar 2026 13:59:42 GMT\r\netag: \"e93fa4ce6605f5c41d911d9cc737de6d-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KJMV593M5CJ2VJHVKN0F2VRS\r\ncontent-length: 14167\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":59785,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (59548)","md5":"386e616bcfd098d883c1ed08e13712d0","sha1":"81bb55ef44c220db09a182b032ba28278ce60905","sha256":"751831fdb1a6af18e8525408fb7882ea3eea6c4a59af0247fe1a190cfa6f8170","sha512":"57773dd29d631b3312aa952acd16d13a30d3a3a6cdd0a501014beb91096586ec013ed1d94a3f3f772de1e765229fa0cd4d60f013d94f04f1086e5c7c4f7734d6","ssdeep":"768:wfyno1/IuHV10IE8rg76TOC48nbe1R6viTllv3zA76JV76Px23HHCGcv:wfCoVo+CU6JEx2tcv","tlshash":"db43954a7254b87206df747a817b060bb7367c99a40a816cb86998dd1f7cd483277f3c","first_seen":"2023-12-01T08:05:45Z","last_seen":"2026-03-17T17:33:12.595424Z","times_seen":542,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/index.b13101f1.css","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.revshells.com/","date":"2026-03-01T13:59:42.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.revshells.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Feb 2026 22:44:08 GMT","end":"Mon, 11 May 2026 22:44:07 GMT"},"fingerprint":{"sha1":"08:6A:EA:AF:4A:96:0A:07:3F:1F:68:1D:C1:9B:A9:A2:97:57:93:0A","sha256":"95:80:C2:F5:43:7F:A9:4A:B6:14:45:33:B5:0B:35:14:A0:61:45:1F:D0:70:9C:65:09:03:CD:90:90:74:7C:8D"}}},"request":{"raw":"GET /index.b13101f1.css HTTP/1.1\r\nHost: www.revshells.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.revshells.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 11725\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sun, 01 Mar 2026 13:59:42 GMT\r\netag: \"202893e1153fb0fe3112d87832b6dd62-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KJMV593R92H245VEQDBZQR14\r\ncontent-length: 812\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":2967,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (2967), with no line terminators","md5":"ce8ac0618d7ce42b983e473efeb261fc","sha1":"253b61ec7c0ed58d35b9c4c028ef7587f03e173a","sha256":"3a9c3771803ea52e05476c420ed1e49c412a4eaea526a40dc77d26c8ef54c773","sha512":"6c065319c913467f1c49a2d0c4b4729a905c4a536a0406bba7e70d036f7852ff14244520747ea38216f4caa951027933a60686152b006738f457a7559424a5b6","ssdeep":"","tlshash":"83514736f89c402a703bcc6f1154e5a5a326b290d7050f66fdef72209e610da7633b0a","first_seen":"2025-08-02T11:04:14.220867Z","last_seen":"2026-04-04T14:35:05.417204Z","times_seen":562,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/index.57d9c464.css","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.revshells.com/","date":"2026-03-01T13:59:42.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.revshells.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Feb 2026 22:44:08 GMT","end":"Mon, 11 May 2026 22:44:07 GMT"},"fingerprint":{"sha1":"08:6A:EA:AF:4A:96:0A:07:3F:1F:68:1D:C1:9B:A9:A2:97:57:93:0A","sha256":"95:80:C2:F5:43:7F:A9:4A:B6:14:45:33:B5:0B:35:14:A0:61:45:1F:D0:70:9C:65:09:03:CD:90:90:74:7C:8D"}}},"request":{"raw":"GET /index.57d9c464.css HTTP/1.1\r\nHost: www.revshells.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.revshells.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 11725\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sun, 01 Mar 2026 13:59:42 GMT\r\netag: \"c90dd9a4ea4977017202215b9a6a766b-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KJMV593SQE0017RZ3KJGCHC7\r\ncontent-length: 945\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":3635,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (3635), with no line terminators","md5":"1535d49d128ea82b93cf9f2dc3658278","sha1":"9fe65c957597129642604f6d19af670204aee54e","sha256":"aac768034cdf120d7d2ac246076c2a1a1fef2827db58cae55476aeb0fd7baa2d","sha512":"de0373826be46552e14ac6366a0fd6d735fd88262aae7fa8790f277971e61072a5c6ec1787d352558bb69c79927c2f0e3386e8b9a86af9ef380fbe0e790cbab7","ssdeep":"","tlshash":"5b714517ec4e415bb297c8bd2116fb6b622672e1d6260776f42f79b1af4808a3473f04","first_seen":"2025-08-02T11:04:14.1902Z","last_seen":"2026-04-04T14:35:05.424691Z","times_seen":562,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/floppy-disk-solid.68837cd0.svg","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.revshells.com/","date":"2026-03-01T13:59:42.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.revshells.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Feb 2026 22:44:08 GMT","end":"Mon, 11 May 2026 22:44:07 GMT"},"fingerprint":{"sha1":"08:6A:EA:AF:4A:96:0A:07:3F:1F:68:1D:C1:9B:A9:A2:97:57:93:0A","sha256":"95:80:C2:F5:43:7F:A9:4A:B6:14:45:33:B5:0B:35:14:A0:61:45:1F:D0:70:9C:65:09:03:CD:90:90:74:7C:8D"}}},"request":{"raw":"GET /floppy-disk-solid.68837cd0.svg HTTP/1.1\r\nHost: www.revshells.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.revshells.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28862\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/svg+xml\r\ndate: Sun, 01 Mar 2026 13:59:42 GMT\r\netag: \"fd7590b600043b96586db0c3218a3a64-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KJMV593V2HVEYBN1VNNQPRR5\r\ncontent-length: 587\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":587,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4e88b9e787d56a785bfc43ba14484661","sha1":"427286f6f0bc0b1afc9842d19d1edd59b27bc858","sha256":"c9fa729e11dbe88994ec27cf4a7356aa47fdb77b255e8a35ae0780fdaa8d5f30","sha512":"634620d5a93077cec065ceeda005b7055949785425c9a6423fdb0544f2be713031b736d8309b4833730fe0b6189981b1e50a0ae63151e13c5f81c716d2fc3fb9","ssdeep":"","tlshash":"69f0eb46e629f1390b8092509cb8d13d789a3081bcd44bfae02ba6111297b9432e84ee","first_seen":"2025-08-02T11:04:14.21568Z","last_seen":"2026-04-04T14:30:31.021619Z","times_seen":605,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/index.eb7e4c77.js","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.revshells.com/","date":"2026-03-01T13:59:42.986Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.revshells.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Feb 2026 22:44:08 GMT","end":"Mon, 11 May 2026 22:44:07 GMT"},"fingerprint":{"sha1":"08:6A:EA:AF:4A:96:0A:07:3F:1F:68:1D:C1:9B:A9:A2:97:57:93:0A","sha256":"95:80:C2:F5:43:7F:A9:4A:B6:14:45:33:B5:0B:35:14:A0:61:45:1F:D0:70:9C:65:09:03:CD:90:90:74:7C:8D"}}},"request":{"raw":"GET /index.eb7e4c77.js HTTP/1.1\r\nHost: www.revshells.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.revshells.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 11725\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 01 Mar 2026 13:59:42 GMT\r\netag: \"92c901c2d0cc87634625c27cb419e733-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KJMV593X99VFFPXPGQQDGMWX\r\ncontent-length: 34784\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":127581,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"0503b7ab98739070de1c2774dab9aab3","sha1":"4cb7d053d42fda04fff24487da5159fab672253e","sha256":"a29439728bb25f472b19d6522eb1f0877daee492f8e6df72809c9879c5db3903","sha512":"6ee00e557a96fb3657bf033edb318e57e711606fd7ba0f34bbb1e060c265b719c6df66b36ae71c1e6fb24a7f394b2d16233cbc0d9843773d313ec696b91c3764","ssdeep":"1536:1430bD5o5a+SmhVDTokwZeLuFJd7sP8kFA/VvqeQgbnitxoaxNqcVp9mWP/O5BPO:N8SmDvokMoMT75kxoyNpTNgK07E","tlshash":"c1c3198a9e2f3d49fb1036033cde59e7006ca78f2c625dcd520fe78685d9a1e51e11ae","first_seen":"2025-08-02T11:04:14.19298Z","last_seen":"2026-03-17T17:33:12.599265Z","times_seen":517,"resource_available":true,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Share+Tech+Mono\u0026family=Rajdhani:wght@300;400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://swinowz.appwrite.network/","date":"2026-03-01T13:59:42.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /css2?family=Share+Tech+Mono\u0026family=Rajdhani:wght@300;400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://swinowz.appwrite.network/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 01 Mar 2026 13:59:42 GMT\r\ndate: Sun, 01 Mar 2026 13:59:42 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6476,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"fc42da22e3019d38d0690ad8a6a6a214","sha1":"d0908edd914b3dfdef259b34df1b7581964b951d","sha256":"ca769001be8db557fb4abca8958e80f17d90ae34d4f0804d9d39b81a4d0318b3","sha512":"497a0b5633f54c89cfa75268fd2646cef21b12d1715117c824fdd3039e5a88e9f9b82a26372f1973d5c6eb9d2dbcaf885b768192ca3b47ac853f721ab3d85c53","ssdeep":"96:8O1aKO1aAJc+uqO1aSN/OEamOEacJc+uqOEaoN/OXaGOXaMJc+uqOXar6N/OxMao:yg0VRxoooi4vDOHSVeCBY9D","tlshash":"d4d1f191092bb950eb932cc113ce7e36ee0e23515814e9396ffe1cd8ac9ec665351b4e","first_seen":"2026-03-01T04:38:58.945996Z","last_seen":"2026-04-04T14:30:31.023578Z","times_seen":600,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":97,"dns":1,"connect":21,"send":0,"wait":34,"receive":0,"ssl":77},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/index.588c7c4b.js","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.revshells.com/","date":"2026-03-01T13:59:42.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.revshells.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Feb 2026 22:44:08 GMT","end":"Mon, 11 May 2026 22:44:07 GMT"},"fingerprint":{"sha1":"08:6A:EA:AF:4A:96:0A:07:3F:1F:68:1D:C1:9B:A9:A2:97:57:93:0A","sha256":"95:80:C2:F5:43:7F:A9:4A:B6:14:45:33:B5:0B:35:14:A0:61:45:1F:D0:70:9C:65:09:03:CD:90:90:74:7C:8D"}}},"request":{"raw":"GET /index.588c7c4b.js HTTP/1.1\r\nHost: www.revshells.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.revshells.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 11725\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 01 Mar 2026 13:59:42 GMT\r\netag: \"ab5508640475962aedb6e1c838ff72f0-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KJMV593KG307F2FXK9EYJRCB\r\ncontent-length: 7102\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20785,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (20785), with no line terminators","md5":"5adf8be2cf07260f025a9dd5b996ace7","sha1":"1c93a8be8d4536e970134673be2e1bf2cf4a0671","sha256":"685a3bbeddccbdc6fb3e92a39f02db7c25f535c1740289f96063285780e79e83","sha512":"cddaf16c7bde5f639013bc941f3f31fa46e780df4e7b0afbfbb57424452580cfd677ea8307a82992621eb38c61311572d520a54bfa80d0ca92e85bac916f4ae0","ssdeep":"384:mhijFaIv+kGKeBPhBkbs+LOsP03DQy6i6Bw2x2FvBYmB0YuMvR6HOsxEjxcwrJZx:LBzeBPhks+KIlc6q2x2FvBYm3uMvR6Hk","tlshash":"f692958c3684b0654797a267a07f8a0e72379914710e9400f29ce6e97c35efa61bfc7d","first_seen":"2025-08-02T11:04:14.202597Z","last_seen":"2026-03-17T17:33:12.594796Z","times_seen":517,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/index.3ecd1cc6.css","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.revshells.com/","date":"2026-03-01T13:59:42.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.revshells.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Feb 2026 22:44:08 GMT","end":"Mon, 11 May 2026 22:44:07 GMT"},"fingerprint":{"sha1":"08:6A:EA:AF:4A:96:0A:07:3F:1F:68:1D:C1:9B:A9:A2:97:57:93:0A","sha256":"95:80:C2:F5:43:7F:A9:4A:B6:14:45:33:B5:0B:35:14:A0:61:45:1F:D0:70:9C:65:09:03:CD:90:90:74:7C:8D"}}},"request":{"raw":"GET /index.3ecd1cc6.css HTTP/1.1\r\nHost: www.revshells.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.revshells.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 11725\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sun, 01 Mar 2026 13:59:42 GMT\r\netag: \"ece7d5c0ffccc3414e8c784338092901-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KJMV593PWMTWGF9ZV4RFYHMA\r\ncontent-length: 735\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":1981,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (1981), with no line terminators","md5":"88ae23ae77d658de80f12a26e43a53ea","sha1":"45a816f4ce40ca9915112c4ef0bd9ba53daf7e71","sha256":"2124cc7b3c6c8bb881d9f1a93ccd1ecf33fbcb9eba460a225d594accede9e78f","sha512":"e4d1f4fbe94793cdf3c3ce6171e06aa4bb492f74dff95eacf4ed031de34eb6e1a99a505875a559fda9fbbb0e70a95a5057dfad25eb4ed08b324b15bb7ca4a10d","ssdeep":"","tlshash":"294154b2f22a103ab11a483bd19876ec1136d662f7320927b37eb914d7c54fb4a33701","first_seen":"2025-08-02T11:04:14.187233Z","last_seen":"2026-04-04T14:35:05.415996Z","times_seen":562,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/index.048f21d5.js","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.revshells.com/","date":"2026-03-01T13:59:42.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.revshells.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Feb 2026 22:44:08 GMT","end":"Mon, 11 May 2026 22:44:07 GMT"},"fingerprint":{"sha1":"08:6A:EA:AF:4A:96:0A:07:3F:1F:68:1D:C1:9B:A9:A2:97:57:93:0A","sha256":"95:80:C2:F5:43:7F:A9:4A:B6:14:45:33:B5:0B:35:14:A0:61:45:1F:D0:70:9C:65:09:03:CD:90:90:74:7C:8D"}}},"request":{"raw":"GET /index.048f21d5.js HTTP/1.1\r\nHost: www.revshells.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.revshells.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28861\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 01 Mar 2026 13:59:42 GMT\r\netag: \"e1159002e0bdb8d7043d7f7ef8d382b0-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KJMV5946B0QDRJDJ2F50SR5G\r\ncontent-length: 647\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":647,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (647), with no line terminators","md5":"959eb8cb85e355a086cc3e36dd64a42c","sha1":"1e38d252892f0c341e655205a0b62c0cd18af6e4","sha256":"75c61d7390fd78982f60b741d4963f0fff4db39bd69588d914c38a2ee1db14d1","sha512":"5b490c03b17d3818d734996010c0d8cc6a0fa81705d6b057c97727c3c8a7aa42882e3cd4051dfed320a11e0d8ff7f94b2886533ef1264b0bc1c62e4ac3f5bc55","ssdeep":"","tlshash":"9af09ea4a0f6c53a5e5a0099372441a4f19e0b087c4edbc5d1ac9c0e7619c1bc94bfa5","first_seen":"2025-08-02T11:04:14.223509Z","last_seen":"2026-04-04T14:30:31.014351Z","times_seen":605,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.revshells.com/index.5c42474f.js","fqdn":"www.revshells.com","domain":"revshells.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.revshells.com/","date":"2026-03-01T13:59:42.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.revshells.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Feb 2026 22:44:08 GMT","end":"Mon, 11 May 2026 22:44:07 GMT"},"fingerprint":{"sha1":"08:6A:EA:AF:4A:96:0A:07:3F:1F:68:1D:C1:9B:A9:A2:97:57:93:0A","sha256":"95:80:C2:F5:43:7F:A9:4A:B6:14:45:33:B5:0B:35:14:A0:61:45:1F:D0:70:9C:65:09:03:CD:90:90:74:7C:8D"}}},"request":{"raw":"GET /index.5c42474f.js HTTP/1.1\r\nHost: www.revshells.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.revshells.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 11725\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 01 Mar 2026 13:59:42 GMT\r\netag: \"eecb4595b784996b11b32c04bac7d537-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KJMV5946TNKD313DJD9QP7VD\r\ncontent-length: 3154\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12184,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (12184), with no line terminators","md5":"30f13731a63d89f123f05727a4e0d12e","sha1":"602a3198cd4b1ed54d17168d4b604738dd8cdb2a","sha256":"9cfd1d706b5954385f5ed2546957313b89a7fe1b2410d581d412b87b264eb35f","sha512":"331f1ea093e5596376ca85cb43d3eee28fd0a485d10d86dae70aee1cf12db491d59607089d0cc079f7906edbd0ab77ff0f5c4c1801b564da76796eca21b46c74","ssdeep":"192:0ba3HA5M1KNA7Lsy3NAUY82pRuWzO+Zxde8CdPT8B9MC8bBN7NhNH3WLI/n7hoyS:N3A5M1d7bNAUY8UzPxde8CdPT8Ban7AH","tlshash":"b342936817bd463b01ae82f731a8a3d8a8b51b5cb85c444b173cfd4c6426c925177fbb","first_seen":"2025-08-02T11:04:14.211063Z","last_seen":"2026-03-17T17:33:12.600875Z","times_seen":517,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6u9w4BMUTPHh6UVSwiPGQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.revshells.com/","date":"2026-03-01T13:59:43.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/lato/v25/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.revshells.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23040\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Feb 2026 09:06:23 GMT\r\nexpires: Thu, 25 Feb 2027 09:06:23 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 15 Sep 2025 17:11:31 GMT\r\ncontent-type: font/woff2\r\nage: 363200\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23040,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23040, version 1.0","md5":"de69cf9e514df447d1b0bb16f49d2457","sha1":"2ac78601179c3a63ba3f3f3081556b12ddcaf655","sha256":"c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49","sha512":"4aebb7e54d88827d4a02808f04901c0d09b756c518202b056a6c0f664948f5585221d16967f546e064187c6545acef15d59b68d0a7a59897bd899d3e9dda37b1","ssdeep":"384:adpABC4a0HkBpR1HWtGu06B6lsoAKiwY0HcLKglV6Z+DVb35PJZDdiZeJ1vqYg:0AHa0Ezf2tZn6lsoABwTKK46ZQb3V7wD","tlshash":"fca2e1c05cc1e2d4ae02daf7fda5a4eab4e2f01123a8f65f8f114b75d505993640fe01","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-04-04T14:50:24.917874Z","times_seen":135150,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}