{"report_id":"b3fff6d9-fb10-4cd1-aa71-d755092b488f","version":6,"status":"done","tags":[],"date":"2025-11-08T09:22:14Z","url":{"schema":"http","addr":"ww88.misav123.com/","fqdn":"ww88.misav123.com","domain":"misav123.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"ww88.misav123.com/","fqdn":"ww88.misav123.com","domain":"misav123.com","tld":"com"},"title":"misav123.com","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ww88.misav123.com/","fqdn":"ww88.misav123.com","domain":"misav123.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-13T09:22:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"ww88.misav123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"ww88.misav123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.google.com","ip":{"addr":"172.217.21.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2025-11-02T22:13:19.243005Z","alert_count":0,"request_count":1,"received_data":159129,"sent_data":443,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ep1.adtrafficquality.google","ip":{"addr":"216.58.211.2","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-11-17","domain_rank":3093,"first_seen":"2024-07-24T04:17:49Z","last_seen":"2025-11-02T22:37:17.936891Z","alert_count":0,"request_count":1,"received_data":11271,"sent_data":533,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ep2.adtrafficquality.google","ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-11-17","domain_rank":3229,"first_seen":"2024-08-13T12:56:28Z","last_seen":"2025-11-02T22:54:26.54834Z","alert_count":0,"request_count":2,"received_data":34546,"sent_data":990,"comment":"","tags":null,"fingerprints":null},{"fqdn":"syndicatedsearch.goog","ip":{"addr":"142.250.178.46","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-04-14","domain_rank":5365,"first_seen":"2023-09-25T09:30:59Z","last_seen":"2025-11-02T22:19:52.144609Z","alert_count":0,"request_count":5,"received_data":175629,"sent_data":3794,"comment":"","tags":null,"fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}]},{"fqdn":"ww88.misav123.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2023-05-30","domain_rank":0,"first_seen":"2025-11-08T09:22:15.351295Z","last_seen":"2025-11-08T09:22:15.351295Z","alert_count":10,"request_count":5,"received_data":46334,"sent_data":2271,"comment":"","tags":null,"fingerprints":null},{"fqdn":"afs.googleusercontent.com","ip":{"addr":"142.250.178.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-11-17","domain_rank":65181,"first_seen":"2013-05-06T19:11:00Z","last_seen":"2025-11-02T22:19:52.158228Z","alert_count":0,"request_count":2,"received_data":2046,"sent_data":1006,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026bodis=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"172.217.21.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"824284d1587c986c2245eb8d685cc457","sha1":"c8fea99e8a64893243b2e98aea3674a9478387b9","sha256":"ee3b635c59f5af7cb5a1e9d0910d68d6c4c7ae437db283ba90a85f336ab9d7be","sha512":"b32047ffd93da4540d52495a05ef1283a3bbde5ff9dfda4f6ded94819bbff019e5fed68d9d949965c4eaa63948d931083fe0f0486756e306d2a542b62da88046","ssdeep":"1536:DVT5OK1kLABINAwj54H9LwtHae79WvUNInaEWk03dp+i/Pqng84A2ag2g2inGXRw:hTRQy2ws+yk03uinJAPtOVw8WTItbqyR","tlshash":"f9f34bdd72a1302253a3a4b4607f018fb139f865e84c88a4f199d9e47cb4da94277fbd","size":158413,"data":"","first_seen":"2025-11-06T23:47:31.63534Z","last_seen":"2025-11-10T21:03:52.459656Z","times_seen":2081,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2.js","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a8fe3ea2f81e289e6b14222e898086c5","sha1":"0e9a1227955675736e02c596906bee72bc33d7d6","sha256":"a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623","sha512":"3bd99998aa1b5d7543775769952adc52809f861ca023b6daadf6b7d23411411a6a9470d98c7b8543573e9a6047a24e14b5feaf45e14a22d98e64d0f019718670","ssdeep":"384:dxSMqC/d0d0lxDKyqdeWFy3Wxy9cT4nGllKnnk0TEYRWjfJtncu:i0qKlYyqdeWk3Z9w4G+tFWjfJtnZ","tlshash":"8892c6cab6d2f4624363b9b1a13f100ff13eaca9d84c5464a084e4e0bd759a94367f7c","size":19990,"data":"","first_seen":"2025-05-19T23:59:48.474751Z","last_seen":"2026-02-26T18:27:55.354921Z","times_seen":175417,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?sjk=xDVobzF7RNG3ZxSGBKsOTg%3D%3D\u0026adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol109%2Cpid-bodis-gcontrol437%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis31_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww88.misav123.com%2F%3Fcaf%3D1%26bpt%3D345\u0026type=3\u0026swp=as-drid-2657970493003823\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108%2C73110182%2C17301559\u0026format=r3\u0026nocache=1651762593712901\u0026num=0\u0026output=afd_ads\u0026domain_name=ww88.misav123.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1762593712902\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=827603366\u0026rurl=http%3A%2F%2Fww88.misav123.com%2F","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.178.46","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"03da6e074e9ffeec390a2e526fb548d8","sha1":"db5d62ea3e0447d1e245c2dc31d803bedf47b406","sha256":"2393b99b06cba3b08ca6b271771ca0ac999520dc06f697df82856715f99c8b01","sha512":"417da53b442c0b80a94471ea29c560a44485b12487f2960d78121626dbfb58404eab7cabd59f1a8f626309bba42ca364dbee5193a3202b2efeba57a0dbbaa190","ssdeep":"","tlshash":"9cf0c0d51c750132d56700364d0f3fd0285918b0728b3994945eb48e25bcbde621c0eb","size":532,"data":"","first_seen":"2025-11-08T09:22:18.38602Z","last_seen":"2025-11-08T09:22:18.38602Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.178.46","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8274b97e6385936c02d57673af8fe0ed","sha1":"300abef3d101016d993be18c6eadb51cdaf5f982","sha256":"977028fbefad733f0db2ac02bb7c284911baa4ced8cb9a7c565827b80bc25d40","sha512":"17d3e6c0d1eea6d419eb0d50c630d50df3c9123434f1b6e01ee89f0c2790181bea65da1af6a58e1952b97a91aa0ccd89288f539a65be57e085cf83ccae8cfb52","ssdeep":"1536:XVT5OK1kLABINAwj54H9LwtHae79WvUNInaEWk03dp+i/Pqng84A2ag2g2inGXRw:lTRQy2ws+yk03uinJAPtOVw8WTItbqyR","tlshash":"e6f34bdd72a1302253a3a4b4607f018fb139f865e84c88a4f199d9e47cb4da94277fbd","size":158429,"data":"","first_seen":"2025-11-07T00:18:26.936785Z","last_seen":"2025-11-10T21:04:53.738996Z","times_seen":787,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww88.misav123.com/","fqdn":"ww88.misav123.com","domain":"misav123.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"809170f2252aab02ad279ee21775ba04","sha1":"67d7ca1b608b6c0bc9a230bacf4948ffbe81763f","sha256":"c8c21aac87fafab60567f09e6176dfc74b5b18b9cb77b4eb6194b4827570a501","sha512":"61d39e5559c8d1e3021323e4d997313e6cf741e6fa541bebae9115bec38288480bfc87c4e0907da4023ae8c30e7380054860585d3d2c9aad3d7c8772d89203e8","ssdeep":"","tlshash":"40e07d3a0437180c603321120b3baffc33ca54a16874bb55f2d10c93be104c90c51fc8","size":301,"data":"","first_seen":"2025-11-08T09:22:18.38679Z","last_seen":"2025-11-08T09:22:18.38679Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww88.misav123.com/bJLEnMWPJ.js","fqdn":"ww88.misav123.com","domain":"misav123.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"24f5185348934cd1b9e0e77d3081bb83","sha1":"28f1c593df5cc42096407974c24e63db2841e660","sha256":"2baa0175acda4d43b39e9d694120289607041a6c7ac2d5abb27360de88f03362","sha512":"0cad846892881d8ddddb301ca6eb732e219dfe2541be2b3e0b13095fb8e597f4f7b2d186444ac256810aa900c54777b71bd7f135f76fb72dbe6eb955afb0a2c5","ssdeep":"768:TP2y1v5VcJ7n85NdxBB5gPzGIPNMalnEE0xNE2X0Ddem+euROgvMzLXWI+6l8XOD:kualnEE0xNEGR+4M","tlshash":"d1033ab23ab7e07046e2c5dae8779215f338214a3405c068f96cc8de3a5e947d73ab75","size":38577,"data":"","first_seen":"2025-11-01T01:06:20.028106Z","last_seen":"2025-12-04T16:54:59.807882Z","times_seen":23694,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2.js","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww88.misav123.com/","date":"2025-11-08T09:21:53.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:41:05 GMT","end":"Mon, 05 Jan 2026 08:41:04 GMT"},"fingerprint":{"sha1":"F2:85:79:CF:58:76:DD:F7:08:5A:A2:24:02:7B:82:26:D0:F2:86:5B","sha256":"26:07:9E:75:ED:C9:B1:59:A3:79:59:A2:C9:47:6F:A4:09:76:83:58:54:CE:D7:86:C4:5D:3A:A5:B5:F8:A5:9F"}}},"request":{"raw":"GET /sodar/sodar2.js HTTP/1.1\r\nHost: ep2.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww88.misav123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"adspam-signals-scs\"\r\nreport-to: {\"group\":\"adspam-signals-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs\"}]}\r\ncontent-length: 7188\r\ndate: Sat, 08 Nov 2025 09:21:53 GMT\r\nexpires: Sat, 08 Nov 2025 09:21:53 GMT\r\ncache-control: private, max-age=3000\r\netag: \"1747411493688989\"\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19990,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1398)","md5":"a8fe3ea2f81e289e6b14222e898086c5","sha1":"0e9a1227955675736e02c596906bee72bc33d7d6","sha256":"a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623","sha512":"3bd99998aa1b5d7543775769952adc52809f861ca023b6daadf6b7d23411411a6a9470d98c7b8543573e9a6047a24e14b5feaf45e14a22d98e64d0f019718670","ssdeep":"384:dxSMqC/d0d0lxDKyqdeWFy3Wxy9cT4nGllKnnk0TEYRWjfJtncu:i0qKlYyqdeWk3Z9w4G+tFWjfJtnZ","tlshash":"8892c6cab6d2f4624363b9b1a13f100ff13eaca9d84c5464a084e4e0bd759a94367f7c","first_seen":"2025-05-19T23:59:48.474751Z","last_seen":"2026-02-26T18:27:55.354921Z","times_seen":175417,"resource_available":true,"data":null}},"time_used":275,"timings":{"blocked":121,"dns":1,"connect":15,"send":0,"wait":27,"receive":1,"ssl":107},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://ww88.misav123.com/","date":"2025-11-08T09:21:53.276Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:41:05 GMT","end":"Mon, 05 Jan 2026 08:41:04 GMT"},"fingerprint":{"sha1":"F2:85:79:CF:58:76:DD:F7:08:5A:A2:24:02:7B:82:26:D0:F2:86:5B","sha256":"26:07:9E:75:ED:C9:B1:59:A3:79:59:A2:C9:47:6F:A4:09:76:83:58:54:CE:D7:86:C4:5D:3A:A5:B5:F8:A5:9F"}}},"request":{"raw":"GET /sodar/sodar2/237/runner.html HTTP/1.1\r\nHost: ep2.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww88.misav123.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"adspam-signals-scs\"\r\nreport-to: {\"group\":\"adspam-signals-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs\"}]}\r\ncontent-length: 5044\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 08 Nov 2025 09:11:09 GMT\r\nexpires: Sat, 08 Nov 2025 10:01:09 GMT\r\ncache-control: public, max-age=3000\r\nage: 644\r\nlast-modified: Tue, 13 May 2025 23:17:50 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13159,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (2024)","md5":"0120a1d624ff8fc3ec792d93a7133947","sha1":"1e3bd23df78ff2c60b187b40a0c6505be9ab889f","sha256":"14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966","sha512":"84286e299ebc6690ee904b5581cd6aaf6b59d06200b61156923301484d1b75fa517894167c4f4777553ba09c840a2d74a723e3ff112448f00514d910dfd172c5","ssdeep":"192:pl/6xS2OASROqI3wgh5MXDc9EAOaK3qzfaGDCiMgIcTa1mx:rz2NQJIVsTiMH3qzfcOIr1mx","tlshash":"4842a7ccbad2b0210353b4f1a13f400ff13ea8aae44c9954b181e8e17cb56a94667f7d","first_seen":"2025-05-19T23:59:48.478548Z","last_seen":"2026-02-26T18:27:55.136579Z","times_seen":169945,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph\u0026output=uds_ads_only\u0026zx=bzf1vb8uuu8\u0026cd_fexp=72717108%2C73110182%2C17301559\u0026aqid=sQsPaZm3BKyijuwPnrbioAw\u0026psid=3113057640\u0026pbt=bs\u0026adbx=290\u0026adby=145\u0026adbh=364\u0026adbw=700\u0026adbah=114%2C114%2C114\u0026adbn=master-1\u0026eawp=partner-dp-bodis31_3ph\u0026errv=827603366\u0026csala=6%7C0%7C352%7C101%7C17\u0026lle=0\u0026ifv=1\u0026hpt=0","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.178.46","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww88.misav123.com/","date":"2025-11-08T09:21:54.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:41:09 GMT","end":"Mon, 05 Jan 2026 08:41:08 GMT"},"fingerprint":{"sha1":"23:EA:07:08:10:42:94:82:DC:4D:7F:B6:68:4D:7D:85:E5:4E:3A:40","sha256":"FF:B7:89:EA:9A:C6:8D:86:37:B5:39:32:63:07:DC:3E:08:A6:8D:DE:17:A4:C9:6C:94:25:BF:29:70:11:06:86"}}},"request":{"raw":"GET /afs/gen_204?client=dp-bodis31_3ph\u0026output=uds_ads_only\u0026zx=bzf1vb8uuu8\u0026cd_fexp=72717108%2C73110182%2C17301559\u0026aqid=sQsPaZm3BKyijuwPnrbioAw\u0026psid=3113057640\u0026pbt=bs\u0026adbx=290\u0026adby=145\u0026adbh=364\u0026adbw=700\u0026adbah=114%2C114%2C114\u0026adbn=master-1\u0026eawp=partner-dp-bodis31_3ph\u0026errv=827603366\u0026csala=6%7C0%7C352%7C101%7C17\u0026lle=0\u0026ifv=1\u0026hpt=0 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww88.misav123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ij4R0vL2bnJf-hdj7IXAag' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Sat, 08 Nov 2025 09:21:54 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T14:59:10.506438Z","times_seen":15171651,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph\u0026output=uds_ads_only\u0026zx=rg42yw70uvn6\u0026cd_fexp=72717108%2C73110182%2C17301559\u0026aqid=sQsPaZm3BKyijuwPnrbioAw\u0026psid=3113057640\u0026pbt=bv\u0026adbx=290\u0026adby=145\u0026adbh=364\u0026adbw=700\u0026adbah=114%2C114%2C114\u0026adbn=master-1\u0026eawp=partner-dp-bodis31_3ph\u0026errv=827603366\u0026csala=6%7C0%7C352%7C101%7C17\u0026lle=0\u0026ifv=1\u0026hpt=0","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.178.46","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww88.misav123.com/","date":"2025-11-08T09:21:54.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:41:09 GMT","end":"Mon, 05 Jan 2026 08:41:08 GMT"},"fingerprint":{"sha1":"23:EA:07:08:10:42:94:82:DC:4D:7F:B6:68:4D:7D:85:E5:4E:3A:40","sha256":"FF:B7:89:EA:9A:C6:8D:86:37:B5:39:32:63:07:DC:3E:08:A6:8D:DE:17:A4:C9:6C:94:25:BF:29:70:11:06:86"}}},"request":{"raw":"GET /afs/gen_204?client=dp-bodis31_3ph\u0026output=uds_ads_only\u0026zx=rg42yw70uvn6\u0026cd_fexp=72717108%2C73110182%2C17301559\u0026aqid=sQsPaZm3BKyijuwPnrbioAw\u0026psid=3113057640\u0026pbt=bv\u0026adbx=290\u0026adby=145\u0026adbh=364\u0026adbw=700\u0026adbah=114%2C114%2C114\u0026adbn=master-1\u0026eawp=partner-dp-bodis31_3ph\u0026errv=827603366\u0026csala=6%7C0%7C352%7C101%7C17\u0026lle=0\u0026ifv=1\u0026hpt=0 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww88.misav123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-VbB7IL6j74AnjC6cr8wlUw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Sat, 08 Nov 2025 09:21:54 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T14:59:10.506438Z","times_seen":15171651,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww88.misav123.com/","fqdn":"ww88.misav123.com","domain":"misav123.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-08T09:21:52.021Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: ww88.misav123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T14:59:10.506438Z","times_seen":15171651,"resource_available":true,"data":null}},"time_used":217,"timings":{"blocked":217,"dns":0,"connect":2,"send":0,"wait":0,"receive":0,"ssl":78},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"ww88.misav123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"ww88.misav123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ww88.misav123.com/","fqdn":"ww88.misav123.com","domain":"misav123.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-08T09:21:52.329Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: ww88.misav123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Sat, 08 Nov 2025 09:21:52 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 1050\r\nx-request-id: 4c7e219f-692c-4ac3-9a31-0af89bdb8153\r\ncache-control: no-store, max-age=0\r\naccept-ch: sec-ch-prefers-color-scheme\r\ncritical-ch: sec-ch-prefers-color-scheme\r\nvary: sec-ch-prefers-color-scheme\r\nx-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_scYO9psyiEmABIBwDNVQAbtgtgta+bZMA8vlZWng2ewTK5c1JJl47bN6e1lfVKNhtRkuEIRFtrNCOYkogMJxOA==\r\nset-cookie: parking_session=4c7e219f-692c-4ac3-9a31-0af89bdb8153; expires=Sat, 08 Nov 2025 09:36:52 GMT; path=/\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1050,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (318)","md5":"23bea9f77a467de2fd653d225db1625f","sha1":"6068970d9af7815cc7b8b2aaf2c82b9faea7e8f8","sha256":"693bdc4e2df952b9c8717836ce623468269e830777e72a8e7df847877e0a25a1","sha512":"d3ff6aa38b3e044e62eab1b244e71f7043bc7b0a64db3824153c228af733a74833ad8959e7e21b5d575284654df18408da93321ae8fc05919cdf5f7439565770","ssdeep":"","tlshash":"7e11753604635c0920f202904db5e72c4d4a779aa165ad81baedd473bcc06e29c267c8","first_seen":"2025-11-08T09:22:18.378188Z","last_seen":"2025-11-08T09:22:18.378188Z","times_seen":1,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":1,"dns":1,"connect":1,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"ww88.misav123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"ww88.misav123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ww88.misav123.com/_fd","fqdn":"ww88.misav123.com","domain":"misav123.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://ww88.misav123.com/","date":"2025-11-08T09:21:52.539Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /_fd HTTP/1.1\r\nHost: ww88.misav123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ww88.misav123.com/\r\nContent-Type: application/json\r\nOrigin: http://ww88.misav123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: parking_session=4c7e219f-692c-4ac3-9a31-0af89bdb8153\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Sat, 08 Nov 2025 09:21:52 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 5185\r\nx-request-id: 57107325-665b-4363-9761-e80c646970c2\r\nset-cookie: parking_session=4c7e219f-692c-4ac3-9a31-0af89bdb8153; expires=Sat, 08 Nov 2025 09:36:52 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5185,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"ASCII text, with very long lines (5185), with no line terminators","md5":"da95bf623440cee6b6445ab28e496a2e","sha1":"ad379b57bc133a39f2f5bcf47adf7811f6f0896b","sha256":"55487662c919c14745e9f13dd25426338a0297e6d37a3b833853f0db04a3202c","sha512":"17bb68e707c30b523d772b92cdc18b7175ad47b03329d1269310808870720d4b09457457f62ed7889880754e5a3fec689df6f90a685037113fe893977f215ad4","ssdeep":"96:N9SJ8+KMmYLOQOUzPULGQQGJ2ITTAwSY755oojL:CJ8s9LOQdzS/vNnqG5oojL","tlshash":"38b172f68a98399bdb43561370cf03ea134f97be2276622d595fda4c4a0960fb4d012f","first_seen":"2025-11-08T09:22:18.37944Z","last_seen":"2025-11-08T09:22:18.37944Z","times_seen":1,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"ww88.misav123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"ww88.misav123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?sjk=xDVobzF7RNG3ZxSGBKsOTg%3D%3D\u0026adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol109%2Cpid-bodis-gcontrol437%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis31_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww88.misav123.com%2F%3Fcaf%3D1%26bpt%3D345\u0026type=3\u0026swp=as-drid-2657970493003823\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108%2C73110182%2C17301559\u0026format=r3\u0026nocache=1651762593712901\u0026num=0\u0026output=afd_ads\u0026domain_name=ww88.misav123.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1762593712902\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=827603366\u0026rurl=http%3A%2F%2Fww88.misav123.com%2F","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.178.46","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://ww88.misav123.com/","date":"2025-11-08T09:21:52.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:41:09 GMT","end":"Mon, 05 Jan 2026 08:41:08 GMT"},"fingerprint":{"sha1":"23:EA:07:08:10:42:94:82:DC:4D:7F:B6:68:4D:7D:85:E5:4E:3A:40","sha256":"FF:B7:89:EA:9A:C6:8D:86:37:B5:39:32:63:07:DC:3E:08:A6:8D:DE:17:A4:C9:6C:94:25:BF:29:70:11:06:86"}}},"request":{"raw":"GET /afs/ads?sjk=xDVobzF7RNG3ZxSGBKsOTg%3D%3D\u0026adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol109%2Cpid-bodis-gcontrol437%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis31_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww88.misav123.com%2F%3Fcaf%3D1%26bpt%3D345\u0026type=3\u0026swp=as-drid-2657970493003823\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108%2C73110182%2C17301559\u0026format=r3\u0026nocache=1651762593712901\u0026num=0\u0026output=afd_ads\u0026domain_name=ww88.misav123.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1762593712902\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=827603366\u0026rurl=http%3A%2F%2Fww88.misav123.com%2F HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww88.misav123.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-disposition: inline\r\ndate: Sat, 08 Nov 2025 09:21:53 GMT\r\nexpires: Sat, 08 Nov 2025 09:21:53 GMT\r\ncache-control: private, max-age=3600\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-tqkClbBWyz81nsTfGOIi9w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ncontent-encoding: br\r\nserver: gws\r\ncontent-length: 2818\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":13719,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (13242)","md5":"5707f9adae99b026a407b9d87aa0df2c","sha1":"1322dfbb48d132eecc4388836ef7abecc77a0701","sha256":"bbce1909f0fb9ad5f69b0e65da564a337c16529730a5dce2f41288f1fd31f50c","sha512":"eb0b78f6c956f587e5f527dc19c71ad897327479a249893ef8dac1004a8660e07d0892191f6c1b1e100e15011fd108d93def60a7da1a0d5cc2f9f1ef2074b4f2","ssdeep":"192:GE12iMpgbogm0yEMcfWrTUEIj376Im6kk:Gni0dHEJurW37Hlkk","tlshash":"ad52433770a227291503dc541b296f5dd181d43ac46f36e848b35b26c7ebf828be628e","first_seen":"2025-11-08T09:22:18.380449Z","last_seen":"2025-11-08T09:22:18.380449Z","times_seen":1,"resource_available":false,"data":null}},"time_used":331,"timings":{"blocked":87,"dns":0,"connect":16,"send":0,"wait":155,"receive":1,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?sjk=xDVobzF7RNG3ZxSGBKsOTg%3D%3D\u0026adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol109%2Cpid-bodis-gcontrol437%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis31_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww88.misav123.com%2F%3Fcaf%3D1%26bpt%3D345\u0026type=3\u0026swp=as-drid-2657970493003823\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108%2C73110182%2C17301559\u0026format=r3\u0026nocache=1651762593712901\u0026num=0\u0026output=afd_ads\u0026domain_name=ww88.misav123.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1762593712902\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=827603366\u0026rurl=http%3A%2F%2Fww88.misav123.com%2F","date":"2025-11-08T09:21:53.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:38:55 GMT","end":"Mon, 05 Jan 2026 08:38:54 GMT"},"fingerprint":{"sha1":"72:DA:2F:6F:BA:BF:00:FD:73:E0:7D:E7:F8:05:F3:83:6C:72:DF:FA","sha256":"F0:DB:53:82:D9:34:CD:9A:A0:33:68:84:C4:04:F1:B5:13:E7:CC:53:8B:5D:59:57:9A:06:E5:7A:47:7D:02:C7"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 174\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 08 Nov 2025 02:53:42 GMT\r\nexpires: Sun, 09 Nov 2025 01:53:42 GMT\r\ncache-control: public, max-age=82800\r\nage: 23291\r\nlast-modified: Thu, 02 Nov 2023 22:48:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":200,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"11b3089d616633ca6b73b57aa877eeb4","sha1":"07632f63e06b30d9b63c97177d3a8122629bda9b","sha256":"809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1","sha512":"079b0e35b479dfdbe64a987661000f4a034b10688e26f2a5fe6aaa807e81ccc5593d40609b731ab3340e687d83dd08de4b8b1e01cdac9d4523a9f6bb3acfcba0","ssdeep":"","tlshash":"d9d02291c2182d28441e82e0c37c312600fab0a2634c00dcfa80e300b20c9abb861669","first_seen":"2023-04-06T23:53:06Z","last_seen":"2026-05-03T22:11:49.614123Z","times_seen":412187,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":117,"dns":0,"connect":15,"send":0,"wait":27,"receive":0,"ssl":96},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?sjk=xDVobzF7RNG3ZxSGBKsOTg%3D%3D\u0026adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol109%2Cpid-bodis-gcontrol437%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis31_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww88.misav123.com%2F%3Fcaf%3D1%26bpt%3D345\u0026type=3\u0026swp=as-drid-2657970493003823\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108%2C73110182%2C17301559\u0026format=r3\u0026nocache=1651762593712901\u0026num=0\u0026output=afd_ads\u0026domain_name=ww88.misav123.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1762593712902\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=827603366\u0026rurl=http%3A%2F%2Fww88.misav123.com%2F","date":"2025-11-08T09:21:53.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:38:55 GMT","end":"Mon, 05 Jan 2026 08:38:54 GMT"},"fingerprint":{"sha1":"72:DA:2F:6F:BA:BF:00:FD:73:E0:7D:E7:F8:05:F3:83:6C:72:DF:FA","sha256":"F0:DB:53:82:D9:34:CD:9A:A0:33:68:84:C4:04:F1:B5:13:E7:CC:53:8B:5D:59:57:9A:06:E5:7A:47:7D:02:C7"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 174\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 08 Nov 2025 04:40:49 GMT\r\nexpires: Sun, 09 Nov 2025 03:40:49 GMT\r\ncache-control: public, max-age=82800\r\nage: 16864\r\nlast-modified: Thu, 02 Nov 2023 22:48:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":200,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d47125b2ba92be53dcff07ba322ce1de","sha1":"e4a70c8a133bacf1699fdfa4c10e24ed5b3e0c28","sha256":"5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6","sha512":"78a1bf7547b1c28f600163689161955bc56a621ace3228c9169143be933ccf789fc6106bbf729f2e9483bcaa03271529d3913088094c7fb906b44673e13f1f92","ssdeep":"","tlshash":"72d02291d2286d38441e82e0c37c712200ee70a2230c10ccfa81a700720c8abb8a1668","first_seen":"2023-04-07T07:55:51Z","last_seen":"2026-02-01T02:48:24.72202Z","times_seen":175105,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":110,"dns":2,"connect":27,"send":0,"wait":28,"receive":0,"ssl":70},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww88.misav123.com/_tr","fqdn":"ww88.misav123.com","domain":"misav123.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://ww88.misav123.com/","date":"2025-11-08T09:21:53.436Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /_tr HTTP/1.1\r\nHost: ww88.misav123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ww88.misav123.com/\r\nContent-Type: application/json\r\nContent-Length: 1893\r\nOrigin: http://ww88.misav123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: parking_session=4c7e219f-692c-4ac3-9a31-0af89bdb8153\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Sat, 08 Nov 2025 09:21:52 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 2\r\nx-request-id: 91398e59-6d12-4fca-ad38-0a854d56b7a3\r\nset-cookie: parking_session=4c7e219f-692c-4ac3-9a31-0af89bdb8153; expires=Sat, 08 Nov 2025 09:36:53 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-05-14T14:57:28.446339Z","times_seen":411296,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"ww88.misav123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"ww88.misav123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ww88.misav123.com/bJLEnMWPJ.js","fqdn":"ww88.misav123.com","domain":"misav123.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww88.misav123.com/","date":"2025-11-08T09:21:52.489Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /bJLEnMWPJ.js HTTP/1.1\r\nHost: ww88.misav123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww88.misav123.com/\r\nCookie: parking_session=4c7e219f-692c-4ac3-9a31-0af89bdb8153\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Sat, 08 Nov 2025 09:21:52 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 38577\r\nx-request-id: e5625442-32b1-43d6-b856-580bd92ba515\r\nset-cookie: parking_session=4c7e219f-692c-4ac3-9a31-0af89bdb8153; expires=Sat, 08 Nov 2025 09:36:52 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38577,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (38574)","md5":"24f5185348934cd1b9e0e77d3081bb83","sha1":"28f1c593df5cc42096407974c24e63db2841e660","sha256":"2baa0175acda4d43b39e9d694120289607041a6c7ac2d5abb27360de88f03362","sha512":"0cad846892881d8ddddb301ca6eb732e219dfe2541be2b3e0b13095fb8e597f4f7b2d186444ac256810aa900c54777b71bd7f135f76fb72dbe6eb955afb0a2c5","ssdeep":"768:TP2y1v5VcJ7n85NdxBB5gPzGIPNMalnEE0xNE2X0Ddem+euROgvMzLXWI+6l8XOD:kualnEE0xNEGR+4M","tlshash":"d1033ab23ab7e07046e2c5dae8779215f338214a3405c068f96cc8de3a5e947d73ab75","first_seen":"2025-11-01T01:06:20.028106Z","last_seen":"2025-12-04T16:54:59.807882Z","times_seen":23694,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"ww88.misav123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"ww88.misav123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph\u0026output=uds_ads_only\u0026zx=sfhw0ji1s7i2\u0026cd_fexp=72717108%2C73110182%2C17301559\u0026psid=3113057640\u0026pbt=ri\u0026emsg=sodar_latency\u0026rt=176\u0026ea=9","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.178.46","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww88.misav123.com/","date":"2025-11-08T09:21:53.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:41:09 GMT","end":"Mon, 05 Jan 2026 08:41:08 GMT"},"fingerprint":{"sha1":"23:EA:07:08:10:42:94:82:DC:4D:7F:B6:68:4D:7D:85:E5:4E:3A:40","sha256":"FF:B7:89:EA:9A:C6:8D:86:37:B5:39:32:63:07:DC:3E:08:A6:8D:DE:17:A4:C9:6C:94:25:BF:29:70:11:06:86"}}},"request":{"raw":"GET /afs/gen_204?client=dp-bodis31_3ph\u0026output=uds_ads_only\u0026zx=sfhw0ji1s7i2\u0026cd_fexp=72717108%2C73110182%2C17301559\u0026psid=3113057640\u0026pbt=ri\u0026emsg=sodar_latency\u0026rt=176\u0026ea=9 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww88.misav123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-iDNyORA0E92YF1KmuO_FPA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Sat, 08 Nov 2025 09:21:53 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T14:59:10.506438Z","times_seen":15171651,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.178.46","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://syndicatedsearch.goog/afs/ads?sjk=xDVobzF7RNG3ZxSGBKsOTg%3D%3D\u0026adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol109%2Cpid-bodis-gcontrol437%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis31_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww88.misav123.com%2F%3Fcaf%3D1%26bpt%3D345\u0026type=3\u0026swp=as-drid-2657970493003823\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108%2C73110182%2C17301559\u0026format=r3\u0026nocache=1651762593712901\u0026num=0\u0026output=afd_ads\u0026domain_name=ww88.misav123.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1762593712902\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=827603366\u0026rurl=http%3A%2F%2Fww88.misav123.com%2F","date":"2025-11-08T09:21:53.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:41:09 GMT","end":"Mon, 05 Jan 2026 08:41:08 GMT"},"fingerprint":{"sha1":"23:EA:07:08:10:42:94:82:DC:4D:7F:B6:68:4D:7D:85:E5:4E:3A:40","sha256":"FF:B7:89:EA:9A:C6:8D:86:37:B5:39:32:63:07:DC:3E:08:A6:8D:DE:17:A4:C9:6C:94:25:BF:29:70:11:06:86"}}},"request":{"raw":"GET /adsense/domains/caf.js HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Sat, 08 Nov 2025 09:21:53 GMT\r\nexpires: Sat, 08 Nov 2025 09:21:53 GMT\r\ncache-control: private, max-age=3600\r\netag: \"25102947073677943\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":158429,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2841)","md5":"8274b97e6385936c02d57673af8fe0ed","sha1":"300abef3d101016d993be18c6eadb51cdaf5f982","sha256":"977028fbefad733f0db2ac02bb7c284911baa4ced8cb9a7c565827b80bc25d40","sha512":"17d3e6c0d1eea6d419eb0d50c630d50df3c9123434f1b6e01ee89f0c2790181bea65da1af6a58e1952b97a91aa0ccd89288f539a65be57e085cf83ccae8cfb52","ssdeep":"1536:XVT5OK1kLABINAwj54H9LwtHae79WvUNInaEWk03dp+i/Pqng84A2ag2g2inGXRw:lTRQy2ws+yk03uinJAPtOVw8WTItbqyR","tlshash":"e6f34bdd72a1302253a3a4b4607f018fb139f865e84c88a4f199d9e47cb4da94277fbd","first_seen":"2025-11-07T00:18:26.936785Z","last_seen":"2025-11-10T21:04:53.738996Z","times_seen":787,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":28,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026bodis=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"172.217.21.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww88.misav123.com/","date":"2025-11-08T09:21:52.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:39:42 GMT","end":"Mon, 05 Jan 2026 08:39:41 GMT"},"fingerprint":{"sha1":"21:9C:5C:29:E1:79:B5:ED:56:03:5A:DB:A7:59:E9:CD:8C:F7:7B:84","sha256":"B7:D9:C5:14:9E:24:2A:E0:DE:23:41:E5:B0:F0:10:5E:EB:C3:66:B3:4F:D9:14:ED:52:6C:5D:D0:7D:FC:9F:A1"}}},"request":{"raw":"GET /adsense/domains/caf.js?abp=1\u0026bodis=true HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww88.misav123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Sat, 08 Nov 2025 09:21:52 GMT\r\nexpires: Sat, 08 Nov 2025 09:21:52 GMT\r\ncache-control: private, max-age=3600\r\netag: \"9724190837648545846\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":158413,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2841)","md5":"824284d1587c986c2245eb8d685cc457","sha1":"c8fea99e8a64893243b2e98aea3674a9478387b9","sha256":"ee3b635c59f5af7cb5a1e9d0910d68d6c4c7ae437db283ba90a85f336ab9d7be","sha512":"b32047ffd93da4540d52495a05ef1283a3bbde5ff9dfda4f6ded94819bbff019e5fed68d9d949965c4eaa63948d931083fe0f0486756e306d2a542b62da88046","ssdeep":"1536:DVT5OK1kLABINAwj54H9LwtHae79WvUNInaEWk03dp+i/Pqng84A2ag2g2inGXRw:hTRQy2ws+yk03uinJAPtOVw8WTItbqyR","tlshash":"f9f34bdd72a1302253a3a4b4607f018fb139f865e84c88a4f199d9e47cb4da94277fbd","first_seen":"2025-11-06T23:47:31.63534Z","last_seen":"2025-11-10T21:03:52.459656Z","times_seen":2081,"resource_available":true,"data":null}},"time_used":275,"timings":{"blocked":125,"dns":1,"connect":8,"send":0,"wait":23,"receive":0,"ssl":115},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep1.adtrafficquality.google/getconfig/sodar?sv=200\u0026tid=afs\u0026tv=1234567890\u0026st=env\u0026sjk=xDVobzF7RNG3ZxSGBKsOTg==\u0026sde=1","fqdn":"ep1.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"216.58.211.2","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://ww88.misav123.com/","date":"2025-11-08T09:21:52.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:40:59 GMT","end":"Mon, 05 Jan 2026 08:40:58 GMT"},"fingerprint":{"sha1":"61:9E:BC:76:51:B3:48:4A:4A:AE:D5:F4:D2:DF:27:F9:49:60:1B:FA","sha256":"F1:85:93:2B:45:BD:7D:32:7C:C6:E1:51:87:A0:FB:C2:41:83:26:64:33:82:75:A6:CF:6D:D8:CB:27:07:6D:65"}}},"request":{"raw":"GET /getconfig/sodar?sv=200\u0026tid=afs\u0026tv=1234567890\u0026st=env\u0026sjk=xDVobzF7RNG3ZxSGBKsOTg==\u0026sde=1 HTTP/1.1\r\nHost: ep1.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://ww88.misav123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww88.misav123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\ncontent-type: application/json; charset=UTF-8\r\nx-content-type-options: nosniff\r\ncontent-disposition: attachment; filename=\"f.txt\"\r\ncontent-encoding: br\r\ndate: Sat, 08 Nov 2025 09:21:53 GMT\r\nserver: cafe\r\ncontent-length: 8093\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10714,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"ada6d4ca260eb62dc93c335705ef38bd","sha1":"7b993e6fc3efa1565c2cb99ff8679aa9a668d334","sha256":"2fb95890e8814d49fc7fc2e01a7c03bb8c7df5ef9cc365c4ea120f6b179207bc","sha512":"6421b15af7805b5e33ea8d46c7bd3c9d9123e05384d16363568013dd1f620a265799c1b882e6020a194d86c921333f257547939a4a5aeb30660d7290fda9831c","ssdeep":"192:aZ3fMoeB3fEw80AH/K7EVzvLkhTa7mvi7OuTzRnbAhlKJ68hBoLBqhgKK/VpFS:YZIcj0kCsKvYOuTzFbgly688LBQgBXS","tlshash":"8422cf4d8f6e72c461cb4a8faf90574c07d92092b076c73c94b523b86072ab21673688","first_seen":"2025-11-08T09:22:18.385163Z","last_seen":"2025-11-08T09:22:18.385163Z","times_seen":1,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":99,"dns":1,"connect":20,"send":0,"wait":38,"receive":1,"ssl":75},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}