{"report_id":"ec37a2c9-b426-41c3-aae0-ec608f9b8492","version":6,"status":"done","tags":[],"date":"2026-03-29T13:03:47Z","url":{"schema":"https","addr":"rizveco.click/","fqdn":"rizveco.click","domain":"rizveco.click","tld":"click"},"ip":{"addr":"147.45.41.219","port":0,"asn":210644,"as":"Aeza International Ltd","country":"Austria","country_code":"AT"},"final":{"url":{"schema":"https","addr":"rizveco.click/","fqdn":"rizveco.click","domain":"rizveco.click","tld":"click"},"title":"Next Generation Script Exploits","dom":{"size":16723,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"b8d8d1f6be2390ab00827270c95e7bda","sha1":"8b6b70b3d147edf562e3478e17039a72e07c4abd","sha256":"c6cc09cad4853e46c4d5db06aa0f14b4024bc4fcee219dd7d6f78d499fbe2468","sha512":"7a877095c797524a4bee3bb91b59d2cb51682af8996c9c304d58b315ed6cb99fdb7aa9862d679d2624a1819c9223eda666f7e1a5d2fc59852c1bcb5c7fe306a4","ssdeep":"192:38HrmOOI5AlB/vfFskP8AAvmDz43JBel7ox+eh+/GvOunBn0ng1u4r31vi:MHrmOOr1w5bth+No0mA","tlshash":"6472d629e9f15173006340c2eae693676fbbd113c5120045f2ee17ac1fd2d8ea61bba9","dom_hash":"domhash7f94b26bb8996be9d92162986b79023f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"rizveco.click/","fqdn":"rizveco.click","domain":"rizveco.click","tld":"click"},"ip":{"addr":"147.45.41.219","port":0,"asn":210644,"as":"Aeza International Ltd","country":"Austria","country_code":"AT"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-03T13:03:47Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"rizveco.click","ip":{"addr":"147.45.41.219","port":443,"asn":210644,"as":"Aeza International Ltd","country":"Austria","country_code":"AT"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":4,"received_data":33236,"sent_data":1749,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"rizveco.click/","fqdn":"rizveco.click","domain":"rizveco.click","tld":"click"},"ip":{"addr":"147.45.41.219","port":443,"asn":210644,"as":"Aeza International Ltd","country":"Austria","country_code":"AT"},"introduction_type":"scriptElement","is_inline":true,"md5":"04928fd9f5a2602f94749bac75ae1d61","sha1":"eb02fa4ce0f1b5acfb31db16cc7a6b9bee5cf267","sha256":"71abd8fc7ab826d9121e384063a66b191dcf45f4cea1596785952f15a3007dc2","sha512":"23499a1491715916fad0146ac74f689c18e94fd9d34359a4b1ada4c55cf5a8df75d8dad4139dc578ada7672147c1fdc5848d0693fa8b62d675ec6455c6f9dfe4","ssdeep":"","tlshash":"fde05e3d5773115081332569dabf8321d0a000332408c08af9dd851cef75a4aaea7a9a","size":319,"data":"","first_seen":"2026-03-29T13:03:51.297165Z","last_seen":"2026-03-29T13:06:03.444453Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rizveco.click/script.js","fqdn":"rizveco.click","domain":"rizveco.click","tld":"click"},"ip":{"addr":"147.45.41.219","port":443,"asn":210644,"as":"Aeza International Ltd","country":"Austria","country_code":"AT"},"introduction_type":"scriptElement","is_inline":false,"md5":"b2174430e97194b6a42e4b42ec59831e","sha1":"68128d80b952dc8a22d7f526d97d432468bd8360","sha256":"95ff84ebd0e05d241d3c8e6bd21910976bbf380ad2dffe56bd585118d6c81b67","sha512":"75fa4a0ec418505221ef4ed7d833d94ab8b20fadee440a01669845db73a1df134afed5ba8e7a61b2958d372fb9bd24890ecc8e0b4eb60fbdfd680a1778bd8434","ssdeep":"","tlshash":"e051bd2b12b2203580a7716a93df8b887a3a104b7406cd563f5c4b4e1fe1da569f3ee5","size":2712,"data":"","first_seen":"2026-03-27T14:56:41.775218Z","last_seen":"2026-06-04T13:52:07.058627Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"rizveco.click/","fqdn":"rizveco.click","domain":"rizveco.click","tld":"click"},"ip":{"addr":"147.45.41.219","port":443,"asn":210644,"as":"Aeza International Ltd","country":"Austria","country_code":"AT"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-29T13:03:25.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rizveco.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:09:48 GMT","end":"Fri, 26 Jun 2026 15:09:47 GMT"},"fingerprint":{"sha1":"69:7C:7E:E4:1C:B9:96:70:63:23:8D:43:9E:54:29:58:DE:26:38:90","sha256":"C7:79:78:D0:E8:68:21:E2:24:5D:89:A3:A1:F1:A7:1D:E7:D2:14:42:5B:9F:AB:4E:A1:16:AE:B2:93:6A:B3:4D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rizveco.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 29 Mar 2026 13:03:26 GMT\r\nContent-Type: text/html\r\nContent-Length: 4222\r\nConnection: keep-alive\r\nLast-Modified: Sun, 29 Mar 2026 11:26:25 GMT\r\nETag: \"3b9b-64e28012a5a97-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15259,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"d05888f2409d373201703ee33c80f71d","sha1":"c948680a167fd62a84b0e07d11f2697d235a0c79","sha256":"3454121baf1cbaa2114c345e5ad81a1758768cc647d63616e14c849ffa0f7d93","sha512":"cb05a79e3320cb6dc8ecbc631baa6001497b52082a85e1af23f159ce7f7643e34910de50c2e34b7b96531c7114c4b7b52113b54c0d1f59975e4afbf8c1eaa7d1","ssdeep":"192:lyHrmOOI5AlBThfP8RmD41Bm7ox+eh+/GvOunBouXP1NM:4HrmOOrBc1lth+NookLM","tlshash":"d762936ae9f1a173016344d3daa693677fe6c417c1060000f0fc57ac1fd6e8aea2b69d","first_seen":"2026-03-29T13:03:51.29212Z","last_seen":"2026-03-29T13:06:03.440983Z","times_seen":2,"resource_available":false,"data":null}},"time_used":492,"timings":{"blocked":223,"dns":146,"connect":38,"send":0,"wait":42,"receive":0,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rizveco.click/style.css","fqdn":"rizveco.click","domain":"rizveco.click","tld":"click"},"ip":{"addr":"147.45.41.219","port":443,"asn":210644,"as":"Aeza International Ltd","country":"Austria","country_code":"AT"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rizveco.click/","date":"2026-03-29T13:03:26.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rizveco.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:09:48 GMT","end":"Fri, 26 Jun 2026 15:09:47 GMT"},"fingerprint":{"sha1":"69:7C:7E:E4:1C:B9:96:70:63:23:8D:43:9E:54:29:58:DE:26:38:90","sha256":"C7:79:78:D0:E8:68:21:E2:24:5D:89:A3:A1:F1:A7:1D:E7:D2:14:42:5B:9F:AB:4E:A1:16:AE:B2:93:6A:B3:4D"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: rizveco.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rizveco.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 29 Mar 2026 13:03:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sun, 29 Mar 2026 11:26:25 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69c90c61-350c\"\r\nExpires: Mon, 30 Mar 2026 13:03:26 GMT\r\nCache-Control: max-age=86400\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13580,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"7c16fa07fac41e7044e62de7f6cd9832","sha1":"84d48eded8476899cf72676b70eed6e5f36e1248","sha256":"f58f6bd1d36fb1fc489afead4f184ed12362615151b3624217f888b0482ebebf","sha512":"464f527a4a8136d7523ea780a1a79060e0d33f4aac928383060fa151b6ad5f8a5a776b304c2776492dc77910e167558ddc31acb6897c0d1655576e7c3c7c88dc","ssdeep":"192:dpEBj+eOKI3A3qFsxb0bWMDLs3ZCvB+h5h7LaLsp1qOehg4Il+O3xYA+MvzPULpX:d1Fsx9BEyAUA","tlshash":"4952345966a71999781f982517ff97c4739ca087cc0dce7e3acd21548f893b8a0a2f4c","first_seen":"2026-03-27T14:56:41.774198Z","last_seen":"2026-06-04T13:52:07.058137Z","times_seen":26,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rizveco.click/script.js","fqdn":"rizveco.click","domain":"rizveco.click","tld":"click"},"ip":{"addr":"147.45.41.219","port":443,"asn":210644,"as":"Aeza International Ltd","country":"Austria","country_code":"AT"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rizveco.click/","date":"2026-03-29T13:03:26.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rizveco.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:09:48 GMT","end":"Fri, 26 Jun 2026 15:09:47 GMT"},"fingerprint":{"sha1":"69:7C:7E:E4:1C:B9:96:70:63:23:8D:43:9E:54:29:58:DE:26:38:90","sha256":"C7:79:78:D0:E8:68:21:E2:24:5D:89:A3:A1:F1:A7:1D:E7:D2:14:42:5B:9F:AB:4E:A1:16:AE:B2:93:6A:B3:4D"}}},"request":{"raw":"GET /script.js HTTP/1.1\r\nHost: rizveco.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rizveco.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 29 Mar 2026 13:03:26 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 29 Mar 2026 11:26:25 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69c90c61-a98\"\r\nExpires: Mon, 30 Mar 2026 13:03:26 GMT\r\nCache-Control: max-age=86400\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2712,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"b2174430e97194b6a42e4b42ec59831e","sha1":"68128d80b952dc8a22d7f526d97d432468bd8360","sha256":"95ff84ebd0e05d241d3c8e6bd21910976bbf380ad2dffe56bd585118d6c81b67","sha512":"75fa4a0ec418505221ef4ed7d833d94ab8b20fadee440a01669845db73a1df134afed5ba8e7a61b2958d372fb9bd24890ecc8e0b4eb60fbdfd680a1778bd8434","ssdeep":"","tlshash":"e051bd2b12b2203580a7716a93df8b887a3a104b7406cd563f5c4b4e1fe1da569f3ee5","first_seen":"2026-03-27T14:56:41.775218Z","last_seen":"2026-06-04T13:52:07.058627Z","times_seen":26,"resource_available":true,"data":null}},"time_used":208,"timings":{"blocked":82,"dns":1,"connect":38,"send":0,"wait":40,"receive":1,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rizveco.click/favicon.svg","fqdn":"rizveco.click","domain":"rizveco.click","tld":"click"},"ip":{"addr":"147.45.41.219","port":443,"asn":210644,"as":"Aeza International Ltd","country":"Austria","country_code":"AT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rizveco.click/","date":"2026-03-29T13:03:26.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rizveco.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:09:48 GMT","end":"Fri, 26 Jun 2026 15:09:47 GMT"},"fingerprint":{"sha1":"69:7C:7E:E4:1C:B9:96:70:63:23:8D:43:9E:54:29:58:DE:26:38:90","sha256":"C7:79:78:D0:E8:68:21:E2:24:5D:89:A3:A1:F1:A7:1D:E7:D2:14:42:5B:9F:AB:4E:A1:16:AE:B2:93:6A:B3:4D"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: rizveco.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rizveco.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 29 Mar 2026 13:03:26 GMT\r\nContent-Type: image/svg+xml\r\nLast-Modified: Sun, 29 Mar 2026 11:26:25 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69c90c61-1ba\"\r\nExpires: Mon, 30 Mar 2026 13:03:26 GMT\r\nCache-Control: max-age=86400\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":442,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"81c76c10bc20d8f88ab20b542025265b","sha1":"75aa3470706f1f27f2c4775825d31663318df2d6","sha256":"077df9e4e5c60fa9c75edee478f0e587ba4efda7deac4657dad93302142e7d66","sha512":"ac80021077f48f209d97888cacee5f96543a75d122b975b1bba873f23e9ce89634c45b539f4f33ca9ac77d44913ee2b0bdd738dada718ab11f606ee383fae8b3","ssdeep":"","tlshash":"e8f0e525d4e98423c128a381db64a8fa271dc1e392a58214b5ee3f183f5c4f668477a8","first_seen":"2026-03-27T14:56:41.776159Z","last_seen":"2026-06-04T13:52:07.056697Z","times_seen":26,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}