{"report_id":"1ceb19a6-f730-4ef1-a268-81c82454ee74","version":6,"status":"done","tags":[],"date":"2026-03-27T22:44:40Z","url":{"schema":"https","addr":"airdrop-rcadia.xyz/","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"172.67.215.198","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"title":"Token Claim - Steer Protocol","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"172.67.215.198","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-01T22:44:40Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"airdrop-rcadia.xyz","ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-02-15","domain_rank":0,"first_seen":"2026-03-27T22:44:42.306173Z","last_seen":"2026-03-27T22:44:42.306174Z","alert_count":64,"request_count":64,"received_data":12514119,"sent_data":31258,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.prod.website-files.com","ip":{"addr":"104.18.161.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-01-23","domain_rank":20159,"first_seen":"2023-11-01T22:05:38Z","last_seen":"2026-03-23T10:06:30.319345Z","alert_count":0,"request_count":1,"received_data":16838,"sent_data":501,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/carousel-lib-2.12.5.min.js","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e25785acdbcaf01900af63b8df4a9a14","sha1":"20f9da47d45212c8a92a9f7b6a95cdab2efc5e7f","sha256":"424f0ac0aa684ea10e19ede863bac94318d7e1433ad13513c5deced6c8885cfe","sha512":"e65d5022e5f293627ef58e6092fa1e4561127cf1d92de3481a3655cb931e1afcc0aab1ef548a3a7a2cd79e4c6e0bdaa66fffa80095a972175523298b3d0b8edc","ssdeep":"1536:GnhwZVCyA4iA7+FQH6bcsznQ1tHkD+frIJ:GnhwZEbZA7+FQH6bcvtHM+frIJ","tlshash":"408374d8188a90e04e0521ded477e809e0a44e27cdacf15bf53dddd8b62df62848b67b","size":81256,"data":"","first_seen":"2026-03-20T23:29:44.853545Z","last_seen":"2026-03-28T00:37:00.807606Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/carousel-lib-2.12.5.min.js","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e25785acdbcaf01900af63b8df4a9a14","sha1":"20f9da47d45212c8a92a9f7b6a95cdab2efc5e7f","sha256":"424f0ac0aa684ea10e19ede863bac94318d7e1433ad13513c5deced6c8885cfe","sha512":"e65d5022e5f293627ef58e6092fa1e4561127cf1d92de3481a3655cb931e1afcc0aab1ef548a3a7a2cd79e4c6e0bdaa66fffa80095a972175523298b3d0b8edc","ssdeep":"1536:GnhwZVCyA4iA7+FQH6bcsznQ1tHkD+frIJ:GnhwZEbZA7+FQH6bcvtHM+frIJ","tlshash":"408374d8188a90e04e0521ded477e809e0a44e27cdacf15bf53dddd8b62df62848b67b","size":81256,"data":"","first_seen":"2026-03-20T23:29:44.853545Z","last_seen":"2026-03-28T00:37:00.807606Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/carousel-lib-2.12.5.min.js","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e25785acdbcaf01900af63b8df4a9a14","sha1":"20f9da47d45212c8a92a9f7b6a95cdab2efc5e7f","sha256":"424f0ac0aa684ea10e19ede863bac94318d7e1433ad13513c5deced6c8885cfe","sha512":"e65d5022e5f293627ef58e6092fa1e4561127cf1d92de3481a3655cb931e1afcc0aab1ef548a3a7a2cd79e4c6e0bdaa66fffa80095a972175523298b3d0b8edc","ssdeep":"1536:GnhwZVCyA4iA7+FQH6bcsznQ1tHkD+frIJ:GnhwZEbZA7+FQH6bcvtHM+frIJ","tlshash":"408374d8188a90e04e0521ded477e809e0a44e27cdacf15bf53dddd8b62df62848b67b","size":81256,"data":"","first_seen":"2026-03-20T23:29:44.853545Z","last_seen":"2026-03-28T00:37:00.807606Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-27T22:44:15.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 27 Mar 2026 22:44:15 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sRichgFhYtEdM8ePAfnazTSSt%2BEzk0R5YNyqWcI2PFemzUgEHICeTjzMt29Jv3NJg9vEBw5swmZ%2B1p63%2BMIc1CpIfMlkPVPuxxydWuC5LAE2wXzr9QMzB38FyjeTB2Q0r6Hcaho%3D\"}]}\r\nage: 1128\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9e31eb2f9941a0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":77687,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5917)","md5":"7d02ea7fa06e6b90feefc9183544ab12","sha1":"b637fa3702318c0ce4c10bc78f34bda186c98b7b","sha256":"7b018aa202094a307fd220c5ce53429f91be8a882e5cce6114740706f696d241","sha512":"53ec1f1ecf342d6f83bda97be3af7c87bc0b3e8e6a897a9bcdb436e604d1efa099ce110a4b051a3af8f2927cf128659080602bc2c8cff22e4b146d782e3980a2","ssdeep":"1536:Venyhkci+ugFmKAeFCytFPAvzwtxb6Trm6s:wOkNeFmKAeFptF48thJ","tlshash":"f573d6dfa9e30044690391bd1fe727e63736c003e20add697edd6258df852c8daa2749","first_seen":"2026-03-20T23:29:44.834964Z","last_seen":"2026-03-28T00:37:00.814518Z","times_seen":4,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":81,"dns":58,"connect":1,"send":0,"wait":15,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f9abac728283f9c36ec9e5_SteerLogo_S.png","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f9abac728283f9c36ec9e5_SteerLogo_S.png HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/png\r\ncontent-length: 6337\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-18c1\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1128\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HtN4TSUPGuuxHUIHDd2XswQUwunfk%2FrWHNcQGlLQovQHvl%2F5JYUNvVZOYqbVjsWqrAec5LvPnUTIZoA3MU4pXiKmsrbfZqlRpwa%2FToHJJKelzAFtpb8eH7bzgdKAOi5Kyz8qz70%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb30d8fa712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6337,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 383 x 517, 8-bit/color RGBA, non-interlaced","md5":"482ca0d392d7a992cdf96ac4e5e45533","sha1":"816fed5a1d35c7037c374698034f2018cb2c3815","sha256":"442c65c1ba0dea5d486206c0919240c60ec9f17b73686feea924c379c7e328f2","sha512":"daf60977bdfc2ae30620af56c708fb2d12856eda75e6e4adf900f6c731014638570387dbfff97360e7a33205f3ad850ed34a987f8792a72e071da265acd3a1bf","ssdeep":"192:Bfu/IfLqI2zBwAq3IqBYRvHnX9kg5Xw7rT5/7h7JtKGdOc:dKIeDBeIrNh5XMf5zlJtKMn","tlshash":"70d19d46051b408049564c6d871eeefd6d8ea2efc8bac911c66c8f2f8d82572577ad13","first_seen":"2026-01-08T18:12:32.378701Z","last_seen":"2026-04-11T17:52:09.069871Z","times_seen":6,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/adsct-3.gif","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /adsct-3.gif HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-2b\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1128\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ScphGvND8XMo%2BgWvbAbONGM%2FBAf6mM2mjNou%2Fp60aaw6aXxwqg6tWYeW1YqYRs90YJSpD3b7D0i8ydNdiwjR1VN%2BEs6HHK34DGppsX8slwZDWN5zVtBqABew%2FTVvh585aFZmmlY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb30d906712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"377d257f2d2e294916143c069141c1c5","sha1":"b7cae69682cf31dd670b65088db8395acda6ed3e","sha256":"ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957","sha512":"01211111688dc2007519ff56603fbe345d057337b911c829aaee97b8d02e7d885e7a2c2d51730f54a04aebc1821897c8041f15e216f1c973ed313087fa91a3fb","ssdeep":"","tlshash":"4e900403d3c0c001c151d0300d0cc7441344f0305554030f70fc575ddc3d1550c170c0","first_seen":"2023-04-05T06:54:04Z","last_seen":"2026-06-08T13:12:17.352053Z","times_seen":1105,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/adsct-1.gif","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /adsct-1.gif HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-2b\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1128\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R%2F9TU8LUq3gqjT%2FW6Kf3zIVAcOaafKlD%2FjtJSkHRpvrsUHEuDnnAMVLfZheinasnxCAHfTLYN5PSU1tAiv5LyswmwnfwVzzlqiy2kX18ISdTGQ4vS0vdK4EA8qK8D7ZLZNqmozw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb30e90a712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"377d257f2d2e294916143c069141c1c5","sha1":"b7cae69682cf31dd670b65088db8395acda6ed3e","sha256":"ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957","sha512":"01211111688dc2007519ff56603fbe345d057337b911c829aaee97b8d02e7d885e7a2c2d51730f54a04aebc1821897c8041f15e216f1c973ed313087fa91a3fb","ssdeep":"","tlshash":"4e900403d3c0c001c151d0300d0cc7441344f0305554030f70fc575ddc3d1550c170c0","first_seen":"2023-04-05T06:54:04Z","last_seen":"2026-06-08T13:12:17.352053Z","times_seen":1105,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f963888b5f992fd7d3d035_InterTight-Regular.ttf","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f963888b5f992fd7d3d035_InterTight-Regular.ttf HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/steer-protocol-secret.webflow.shared.ee9f478f7.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 305472\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-4a940\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=agOIr0URXK3X%2FEgUSWed9Lz5iaagqcYvqDMkgmQDdHCTqRbqYVZJMWY7drHc%2Fn%2FikLObMhD3CV%2BFizD%2BhKwqQVzYT3Rd1XNR4rAcB6AjIdsMbXyAj1XjYAyqwg5Q%2FbNCYnmGzOk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb326936712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":305472,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 16 tables, 1st \"GDEF\", 43 names, Microsoft, language 0x409","md5":"6c7bcaa885b5c58fe97d7f025e26bd30","sha1":"63ceeac81a3a036211fba29046e606752fe7ea8e","sha256":"ad32032ad2a594814093fa733792952aecd4aeaa7671b6dd3e640ba6408a6885","sha512":"c11731b42d64a6b9b67256097f02da3d6e80132a38ff5aa8fa312afc6f6810066e45aadf103a8c38d74b1a955c62070774903b224bc0a5b07b24790b265f3d6b","ssdeep":"6144:dwrSPfNz5Pfpzmu/yizDodScvYqya8e/S:W44MJods9aXS","tlshash":"b9545b17e373832dd6152979daa2c75073716ca17847f31ba06a3e85d8e70b80ec4af9","first_seen":"2024-12-18T18:27:09.353574Z","last_seen":"2026-06-05T15:16:22.647665Z","times_seen":290,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":138,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/adsct.gif","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /adsct.gif HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-2b\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3CxVeCrYgbHpqbu0DjQRTwIxEynxIntpQdXy8A6BJ8NotlyhkXjD5FX92AtVoWY6rGiFwXJAjp8dOF3b8Kz%2Bn9deWjmeqGdTR8oKN5Czjzirc4lZ%2BDT02pKGdCljH1RWyCM92sI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb39d9bb712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"377d257f2d2e294916143c069141c1c5","sha1":"b7cae69682cf31dd670b65088db8395acda6ed3e","sha256":"ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957","sha512":"01211111688dc2007519ff56603fbe345d057337b911c829aaee97b8d02e7d885e7a2c2d51730f54a04aebc1821897c8041f15e216f1c973ed313087fa91a3fb","ssdeep":"","tlshash":"4e900403d3c0c001c151d0300d0cc7441344f0305554030f70fc575ddc3d1550c170c0","first_seen":"2023-04-05T06:54:04Z","last_seen":"2026-06-08T13:12:17.352053Z","times_seen":1105,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/secureproxy?e=jscdn/getFile","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"POST /secureproxy?e=jscdn/getFile HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://airdrop-rcadia.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"4g9bgy2futfn1eqiccx6\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, origin, access-control-request-method, access-control-request-headers\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block, 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n9yrPoU37gV2sPGOY9IQ9PDnez6QB7Ye2%2FSss3uFq%2BBpLmuhxWIo2fm5pLQq65TKXSoYLk8Q9KVSFVyLif3VikZTGic92EYOaexHJ8RXBxKus%2BVE8LPjbD6AxD8R%2Bttf%2BxS6um4%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb3a89c4712e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3419693,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"039fcb2b3a395700af3083727affe4cb","sha1":"308dc12b5458f3b60984564617105f88819c76fc","sha256":"1e21c91ecf83f169d166d4517c70dc3f6753e8b21bbe610503dd53ee84c11cfd","sha512":"4b4463ba6d5e382635d17b48d4acfa150a514eaaf1c39176e4870246b2a6ab1facc68b9d3526910539a23c01ed975161be48ad5f07642149cd112126a57fac30","ssdeep":"24576:mV8/8Yae0PgGswPpBroS7InwbjtsJshJuEbd7ynQfN7:m7OwPEZJsr","tlshash":"002523902e1bead94f8c796974fb3e0766410f43c88c64efb6b6e8c410987b541dea17","first_seen":"2026-03-27T22:44:46.764499Z","last_seen":"2026-03-27T22:44:46.764499Z","times_seen":1,"resource_available":false,"data":null}},"time_used":499,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":281,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f9744c6203a0237729f965_Arbitrum-Logo-PNG.webp","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f9744c6203a0237729f965_Arbitrum-Logo-PNG.webp HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: W/\"69b9c013-1782\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 1128\r\npriority: u=4,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tDjvDw8F0s7WfV4owKZzNX%2BNVYBPd7CJ%2FADMaHU8yVTk7zcbzuPJ%2FcWajXxdIq9ejnXPLocxMJveiydGLL2ZXpep5WcQpiCago6uTBTphY7JfgQoSrUme%2FhdoVdC0Zk5i0YdZ1M%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e31eb30d8fe712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6018,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7ff25083692a26b89f5007348aa48c46","sha1":"01f8945f576f85a9383fa53fd2690a610b872318","sha256":"539e476efc3b6adb126e54489ee1658650871d07932accfc0f384bbbe1767874","sha512":"8568cfb2f3d2f3cb8bf4534987bdecea2afe85f0b2fbc55be48c4b338dec18f07b9128b81a63ab5d07140ea98978e7fa0577ff07d7e040a5374ad7c30897d3d2","ssdeep":"96:9wBRDG4a9UTYuIz6DnPyhzTAN6Tv970JKsHQ9KMICbGtBjhEJElQaqm7GXpeaIlF:qG4a9UTYuIzAnPyhYsTWcsHQ9sWBb4BD","tlshash":"85c18dbcad4dd8ff8d388d4f00489190f30abd42025c8193136b6ffa234d22a532b55d","first_seen":"2026-01-08T18:12:32.353624Z","last_seen":"2026-04-11T17:52:09.045728Z","times_seen":6,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/adsct.gif","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /adsct.gif HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-2b\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1127\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JKG91oMjv5NAGNlZJ80eA8UZQXJZltJDB%2F5orabp84urxi45kIYN4TrsLmLy1GVLjpTks2JYtiDvUJYgUqydFvh9dJIYtdxMa5mNyX82INdjC8%2B0Cdrm%2Fu1BLcf%2FIakryZIj3gA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb30d907712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"377d257f2d2e294916143c069141c1c5","sha1":"b7cae69682cf31dd670b65088db8395acda6ed3e","sha256":"ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957","sha512":"01211111688dc2007519ff56603fbe345d057337b911c829aaee97b8d02e7d885e7a2c2d51730f54a04aebc1821897c8041f15e216f1c973ed313087fa91a3fb","ssdeep":"","tlshash":"4e900403d3c0c001c151d0300d0cc7441344f0305554030f70fc575ddc3d1550c170c0","first_seen":"2023-04-05T06:54:04Z","last_seen":"2026-06-08T13:12:17.352053Z","times_seen":1105,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f9744c6203a0237729f965_Arbitrum-Logo-PNG.webp","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:16.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f9744c6203a0237729f965_Arbitrum-Logo-PNG.webp HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: W/\"69b9c013-1782\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 1129\r\npriority: u=4,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D14y2vcYGJfXh%2Fto8Wvj%2FicHhs11mijJMNmeH848MF%2Bh9qnfNohPxNlRW9dkRdqPHN6wB129p4I40BABhC2hrrN%2BBe%2FFJhczS%2BU0Hbppkh9Ot7azn2Sa6I%2BlxCCKwhUUfMacZDU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e31eb362950712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6018,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7ff25083692a26b89f5007348aa48c46","sha1":"01f8945f576f85a9383fa53fd2690a610b872318","sha256":"539e476efc3b6adb126e54489ee1658650871d07932accfc0f384bbbe1767874","sha512":"8568cfb2f3d2f3cb8bf4534987bdecea2afe85f0b2fbc55be48c4b338dec18f07b9128b81a63ab5d07140ea98978e7fa0577ff07d7e040a5374ad7c30897d3d2","ssdeep":"96:9wBRDG4a9UTYuIz6DnPyhzTAN6Tv970JKsHQ9KMICbGtBjhEJElQaqm7GXpeaIlF:qG4a9UTYuIzAnPyhYsTWcsHQ9sWBb4BD","tlshash":"85c18dbcad4dd8ff8d388d4f00489190f30abd42025c8193136b6ffa234d22a532b55d","first_seen":"2026-01-08T18:12:32.353624Z","last_seen":"2026-04-11T17:52:09.045728Z","times_seen":6,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f97349e0c5b84b309370f8_logo.svg","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.005Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f97349e0c5b84b309370f8_logo.svg HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"69b9c013-1619\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HNKOSfy9EsFXV6V2AhEbBuQRaIEqEjKhPdmXHLcWOZ1kuFWTMAQ8%2FU%2BQgWgxtvBeifKyTJEXR%2FoQnsIPlNa9vwRD2lKy9qfjwWhadnfj8j0tUxRkkVdP8s8TlgOp7H8E39hi510%3D\"}]}\r\ncf-ray: 9e31eb363952712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5657,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"10881c00def5e023f8b41c86738a6ffb","sha1":"437d3a87376894c7f1a26afb5e31027d554c10bf","sha256":"d021c2f29ca1531d4fad44200b8056734065d0837dd5cbf389e6676082b5f854","sha512":"a184b4205944ae0c1061812aac9c2c88c2a6c0517e5767423713e0001ec3973f474bf6cfb878e94f1b58b1c203d84b288f5d1e06e679a92cd72e9268e08f7f7d","ssdeep":"96:zpRXLK/k6gJKTcGwScw41zzfpS8Adg5kuZRdwINSmcO5HQK:C/uJKTMvYC5kuZRdT1cOOK","tlshash":"9fc19625cfbe4abcd58d03581c7817149b386cab717458b8feed95a08f05d18ea24bce","first_seen":"2026-01-08T18:12:32.368093Z","last_seen":"2026-04-11T17:52:09.070796Z","times_seen":6,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f9744c6203a0237729f965_Arbitrum-Logo-PNG.webp","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f9744c6203a0237729f965_Arbitrum-Logo-PNG.webp HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: W/\"69b9c013-1782\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 1129\r\npriority: u=4,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L5hFJz5stct8VOHYKBQIDn%2BFjdj23xZZwwB5QzIGvLhl2muPo40cAaOZD2nf9mWifeyXPF6IxccpNDVPj71TkI%2Br6knR1CaIM1%2FMChCbzWntdWua9nABpQlC6zG5fRKIBRjvc0A%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e31eb3999aa712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6018,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7ff25083692a26b89f5007348aa48c46","sha1":"01f8945f576f85a9383fa53fd2690a610b872318","sha256":"539e476efc3b6adb126e54489ee1658650871d07932accfc0f384bbbe1767874","sha512":"8568cfb2f3d2f3cb8bf4534987bdecea2afe85f0b2fbc55be48c4b338dec18f07b9128b81a63ab5d07140ea98978e7fa0577ff07d7e040a5374ad7c30897d3d2","ssdeep":"96:9wBRDG4a9UTYuIz6DnPyhzTAN6Tv970JKsHQ9KMICbGtBjhEJElQaqm7GXpeaIlF:qG4a9UTYuIzAnPyhYsTWcsHQ9sWBb4BD","tlshash":"85c18dbcad4dd8ff8d388d4f00489190f30abd42025c8193136b6ffa234d22a532b55d","first_seen":"2026-01-08T18:12:32.353624Z","last_seen":"2026-04-11T17:52:09.045728Z","times_seen":6,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/carousel-lib-2.12.5.min.js","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /carousel-lib-2.12.5.min.js HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: W/\"69b9c013-13d68\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 1128\r\npriority: u=3,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Owliy00Kug14TQ43xlnfwRhaAnTIRbdvDuUvcV%2FpJgNk5ZVUMs2aOTtuY27UaUyQzFjeI5F0e1K4cJVfqvelITDCJBCTKud%2B1WjGISzpG0wht0bIBbeJvrT68KTq%2FJCm5lnUJ8A%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e31eb30d8f9712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":81256,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"e25785acdbcaf01900af63b8df4a9a14","sha1":"20f9da47d45212c8a92a9f7b6a95cdab2efc5e7f","sha256":"424f0ac0aa684ea10e19ede863bac94318d7e1433ad13513c5deced6c8885cfe","sha512":"e65d5022e5f293627ef58e6092fa1e4561127cf1d92de3481a3655cb931e1afcc0aab1ef548a3a7a2cd79e4c6e0bdaa66fffa80095a972175523298b3d0b8edc","ssdeep":"1536:GnhwZVCyA4iA7+FQH6bcsznQ1tHkD+frIJ:GnhwZEbZA7+FQH6bcvtHM+frIJ","tlshash":"408374d8188a90e04e0521ded477e809e0a44e27cdacf15bf53dddd8b62df62848b67b","first_seen":"2026-03-20T23:29:44.853545Z","last_seen":"2026-03-28T00:37:00.807606Z","times_seen":4,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f963888b5f992fd7d3d07c_cy-vb.svg","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f963888b5f992fd7d3d07c_cy-vb.svg HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 1128\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"69b9c013-1f4\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D0ebp0OsuzxS2NUAcOwnChYyRlGmRLiKja1x%2FzD%2FK%2BcClXVn5taU2uI0o9aRZTnk%2BK3IxtL9a3RybUid4pz7Yep2zZDNtIyi9R%2Bg3TS64O7dKFm%2FWnxAlDG6pYRZLxOydDFaZcQ%3D\"}]}\r\ncf-ray: 9e31eb30d902712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":500,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3c4c2d1e2f9afadcf15f22cd494b39de","sha1":"e57a4186b1e22ed38b054de358be10b97cd4c130","sha256":"d8949ccec65f1f1ffc44607832709d211c058c489ce55f481a29653c9cb45f3c","sha512":"229080c15e7a627c8b1dc092eb8738e522020ede288f879028585ffa132ce7eb68343776425c23365b608ee5d4c3bc75844c9579a06f3648fa9ba57fe894ac24","ssdeep":"","tlshash":"a1f0592ae71cec37e109c088d4c0d56401b901d365c592b1d2c2ff1fb6245c3391a6a4","first_seen":"2026-01-08T18:12:32.379822Z","last_seen":"2026-04-11T17:52:08.982344Z","times_seen":6,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f963888b5f992fd7d3d01a_ant-design_x-outlined.svg","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f963888b5f992fd7d3d01a_ant-design_x-outlined.svg HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"69b9c013-1b0\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JpuyJXBA0zITMnd0lw3rNu9dtIeCH5%2BXVetZIjXcoDK26hy9Cdu9kUoDdNBn3m8uidliOfeTtbuZJ2g%2Fq33gfvQe%2BWo4dZcuVkBR9tXUdO05jqMAlmDo6BJDh%2BmBL19wy4kX6sg%3D\"}]}\r\ncf-ray: 9e31eb366958712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":432,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ef8d1cdcbb40147ea09804f228d9edde","sha1":"8258d92d487445f65134f1c93543fa49e9aca0d2","sha256":"48b4feb3d1db8422712916523764f745a4bcb652020377273f4a8e4e33bc5d61","sha512":"5ed6f5cd0089cda00953d6804ef2b1f5c665c30badfef8dbbe4533f4a0206fb8061669bbde05a9b6a8ccb4aa82386fe4cc021f085cae0fc136c5862b6f690004","ssdeep":"","tlshash":"dbe055fbb089aac06e0b8636e23c109261a738843659873984902e18e914569581e9e8","first_seen":"2026-01-08T18:12:32.377794Z","last_seen":"2026-04-11T17:52:09.071545Z","times_seen":11,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/adsct.gif","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /adsct.gif HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-2b\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1128\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5GLJK7NhQCR3OZvxxghbg8uocauDFAZqy66I09hcF7n4q%2Fez41Z93qP4v6XwOgM09bBJ8CokdP0r6ARkz%2FlWW5XfF7X3uGSO1yXvUH3GqnXEpCb%2BcOXxtRw7yRWDzTxJbBslaTM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb36795e712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"377d257f2d2e294916143c069141c1c5","sha1":"b7cae69682cf31dd670b65088db8395acda6ed3e","sha256":"ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957","sha512":"01211111688dc2007519ff56603fbe345d057337b911c829aaee97b8d02e7d885e7a2c2d51730f54a04aebc1821897c8041f15e216f1c973ed313087fa91a3fb","ssdeep":"","tlshash":"4e900403d3c0c001c151d0300d0cc7441344f0305554030f70fc575ddc3d1550c170c0","first_seen":"2023-04-05T06:54:04Z","last_seen":"2026-06-08T13:12:17.352053Z","times_seen":1105,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/secureproxy?e=jscdn/getFile","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:17.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"POST /secureproxy?e=jscdn/getFile HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://airdrop-rcadia.xyz/\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://airdrop-rcadia.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"4g9bgy2futfn1eqiccx6\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, origin, access-control-request-method, access-control-request-headers\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block, 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BpjnC6RTWjiLtdCKj6I%2BdDNaPfdnw%2FCxU4HZ7folO5IfnCp2RNIt5qaFiDExfJ%2BvKFMSHzN%2B0Wwiu2361a6ocW0G%2BkD18As%2BGkoZ7FaVSWgMa16MExD%2FTqldGT%2Fa1oQaoAlgha8%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb39399e712e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3419693,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"039fcb2b3a395700af3083727affe4cb","sha1":"308dc12b5458f3b60984564617105f88819c76fc","sha256":"1e21c91ecf83f169d166d4517c70dc3f6753e8b21bbe610503dd53ee84c11cfd","sha512":"4b4463ba6d5e382635d17b48d4acfa150a514eaaf1c39176e4870246b2a6ab1facc68b9d3526910539a23c01ed975161be48ad5f07642149cd112126a57fac30","ssdeep":"24576:mV8/8Yae0PgGswPpBroS7InwbjtsJshJuEbd7ynQfN7:m7OwPEZJsr","tlshash":"002523902e1bead94f8c796974fb3e0766410f43c88c64efb6b6e8c410987b541dea17","first_seen":"2026-03-27T22:44:46.764499Z","last_seen":"2026-03-27T22:44:46.764499Z","times_seen":1,"resource_available":false,"data":null}},"time_used":663,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":273,"receive":390,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f973e39f603b980e14c5c7_logo.svg","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f973e39f603b980e14c5c7_logo.svg HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"69b9c013-11e8\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3Znz0oi0bkC5v%2FWfsnXV%2BPCdVR7MEFRTBSZpptJGzkAzvTtTSMKJ2iWOrgDR9B7D%2Bu%2FrBZ8EAxB18UzPyrnuOWLgPw9NCjlCgIzQ4QiQkSmA9mc9grJgDNI03Atjgxnob09o4Mc%3D\"}]}\r\ncf-ray: 9e31eb39b9ae712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4584,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f22c26c5ec5b43a5deebac2cf50a0f5d","sha1":"bc935aa4afeaf1b432f41a561830e1ca6a6c84f2","sha256":"6a0c27fc0cc43122d69b187a816e3a7df2d8aa42b121edb536fdc64b6c78df99","sha512":"34558fed0352e2563601a13df47b7ec3af21e50a5379279fd06eaf2803f9bbbddbe26536f0b49cd3b3b160ac5bc3bb06b0c3a101f30a3bf1e75fa5f8156b2fed","ssdeep":"96:5clO2w4YX6tKCw7W0zT4Hm23dgnM5WLcEiRW9FOwWCI:x2xDK9W0zMG236MsLiW+wWCI","tlshash":"259195d74330e6ad88cecdadff115994302ea4bebaf5c6d1826edf0d586a8c1e904d50","first_seen":"2026-01-08T18:12:32.405984Z","last_seen":"2026-04-11T17:52:09.057342Z","times_seen":6,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f963888b5f992fd7d3d07c_cy-vb.svg","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f963888b5f992fd7d3d07c_cy-vb.svg HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"69b9c013-1f4\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BmuNj0dOKwHpV30KahVnt6tU1b%2FRmzFb6YKUe%2Fv0peVwXnTuThJ9GvK0ZQ1qkwMmYGDpdbtGQuA9jCEJoq5OUJJ1ApVDplSROC1Ku38zlM%2B3bvTKNiCxO0ycBqSb%2FiLy02Zflmg%3D\"}]}\r\ncf-ray: 9e31eb39c9b2712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":500,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3c4c2d1e2f9afadcf15f22cd494b39de","sha1":"e57a4186b1e22ed38b054de358be10b97cd4c130","sha256":"d8949ccec65f1f1ffc44607832709d211c058c489ce55f481a29653c9cb45f3c","sha512":"229080c15e7a627c8b1dc092eb8738e522020ede288f879028585ffa132ce7eb68343776425c23365b608ee5d4c3bc75844c9579a06f3648fa9ba57fe894ac24","ssdeep":"","tlshash":"a1f0592ae71cec37e109c088d4c0d56401b901d365c592b1d2c2ff1fb6245c3391a6a4","first_seen":"2026-01-08T18:12:32.379822Z","last_seen":"2026-04-11T17:52:08.982344Z","times_seen":6,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f9740d87961e6e90745e50_image-removebg-preview%20(20).webp","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f9740d87961e6e90745e50_image-removebg-preview%20(20).webp HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: W/\"69b9c013-1f90\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 1128\r\npriority: u=4,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=viciRO8bNRv5JdcGKNst50oBEu29xIjrXsk0SV%2FzzuFc%2B79zf5WjoazykqrNPnoHrZO8C9Xok%2BBPx7jM3oJmcw0gH8MPWPcbTZytYP06DgLRhocwFnRYwe8tWwakVo2E%2F7t6fsE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e31eb30d8ff712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8080,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"160247f4af074515fa11b76fb70586a5","sha1":"1eedbb9243bca8b7902f0a2b23406c6d49060b76","sha256":"6eba58531a0874cb5e004248ddffa576c5224c61f1a659134e4e0f3e99a53d54","sha512":"cd7770603f5f853ced75fa50f49b8c6725d9722125532ca88c15517fb93a54adf0b0c70da4e43de0201fee1114d3345dca0431314311ccc41be7b0e462193625","ssdeep":"192:1ENRZ0JbY+K7rl5mXyNdgnYIA6eZVJNz:aNRZ0h7K7rlsX6QYVv","tlshash":"0cf1b08036bc5b0756aea8f9412a746d09fe0d40ff6a325f4a201d8450d7754ef7786b","first_seen":"2026-01-08T18:12:32.395769Z","last_seen":"2026-04-11T17:52:09.048801Z","times_seen":6,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/favicon.ico","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: text/html\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nvary: accept-encoding\r\nage: 1116\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PPcQ2lb%2BUlscV4qdWMCJNa2vBArNgu2bv%2FaEC9XnAsf3wUsZU9b9DeWTHF66q0qAYzrEmXz7ng9lA6FFjafbUu%2BhbDUGPzXy2W4uK2MiJLiYB%2BwzZXq0BOGskNX1ZCoXL5hA3G4%3D\"}]}\r\npriority: u=6,i=?0\r\ncf-ray: 9e31eb349943712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77687,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5917)","md5":"7d02ea7fa06e6b90feefc9183544ab12","sha1":"b637fa3702318c0ce4c10bc78f34bda186c98b7b","sha256":"7b018aa202094a307fd220c5ce53429f91be8a882e5cce6114740706f696d241","sha512":"53ec1f1ecf342d6f83bda97be3af7c87bc0b3e8e6a897a9bcdb436e604d1efa099ce110a4b051a3af8f2927cf128659080602bc2c8cff22e4b146d782e3980a2","ssdeep":"1536:Venyhkci+ugFmKAeFCytFPAvzwtxb6Trm6s:wOkNeFmKAeFptF48thJ","tlshash":"f573d6dfa9e30044690391bd1fe727e63736c003e20add697edd6258df852c8daa2749","first_seen":"2026-03-20T23:29:44.834964Z","last_seen":"2026-03-28T00:37:00.814518Z","times_seen":4,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f9732dd2635e99baf2b603_image-removebg-preview%20(19).webp","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f9732dd2635e99baf2b603_image-removebg-preview%20(19).webp HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: W/\"69b9c013-fee\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 1128\r\npriority: u=4,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hgziggTVuAISq3tU2tdT%2FG12h0XLrrZqimzaDeKdEzSKEtf7ixxMnr9gsdoPiqtUOpeoe9equMwYc4uQ7qzuCJLH3B9wpgmpLkpnQVjuiqA%2BQJ8rDsO5OWmm9teKArmKkc1vDsE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e31eb362951712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4078,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"06e4e04334502c7353a28bc8484a51e1","sha1":"f7ab9a68e7559d0f16bd6085d8ca5984d959f075","sha256":"fc4116573b0c3d0f9991424b109810a766fb6993db6bfd23b3ac1e17dddb2637","sha512":"375a7e58f2e77d5c6cba817526ab59c7ac078e5329280d8d59fbc0360d7f3df454bac8406a32650d0cf7d5c9174afa702c676027bea6ad714e362489ea9f2ca4","ssdeep":"","tlshash":"6d818ef3a1bd872ac0581b7224145c26b761fd8036e7d17c5bea1236a02b2fbc355c9b","first_seen":"2026-01-08T18:12:32.412492Z","last_seen":"2026-04-11T17:52:08.945342Z","times_seen":6,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/secureproxy?e=jscdn/getFile","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"POST /secureproxy?e=jscdn/getFile HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://airdrop-rcadia.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"4g9bgy2futfn1eqiccx6\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, origin, access-control-request-method, access-control-request-headers\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block, 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GLHM2LOHdkRyKKxwZ2oMUO5kf5IrnPttSjozWxBWofor%2Fuw%2FrCcXlcToZGQGndGasbFkp8GtvFNQ7rLpYpmTuBQFlJhxgezYHgVzkw%2FbXcxRt2YnbIQN3LG8rJbk0YipkuhW53E%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb36c966712e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3419693,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"039fcb2b3a395700af3083727affe4cb","sha1":"308dc12b5458f3b60984564617105f88819c76fc","sha256":"1e21c91ecf83f169d166d4517c70dc3f6753e8b21bbe610503dd53ee84c11cfd","sha512":"4b4463ba6d5e382635d17b48d4acfa150a514eaaf1c39176e4870246b2a6ab1facc68b9d3526910539a23c01ed975161be48ad5f07642149cd112126a57fac30","ssdeep":"24576:mV8/8Yae0PgGswPpBroS7InwbjtsJshJuEbd7ynQfN7:m7OwPEZJsr","tlshash":"002523902e1bead94f8c796974fb3e0766410f43c88c64efb6b6e8c410987b541dea17","first_seen":"2026-03-27T22:44:46.764499Z","last_seen":"2026-03-27T22:44:46.764499Z","times_seen":1,"resource_available":false,"data":null}},"time_used":587,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":307,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f9732dd2635e99baf2b603_image-removebg-preview%20(19).webp","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f9732dd2635e99baf2b603_image-removebg-preview%20(19).webp HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: W/\"69b9c013-fee\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 1129\r\npriority: u=4,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZsUhmYAqw8BgfemjNKarqLaKEluwT%2Fn4qrYqytsdZSeGsxMjtZS4ZW1pM4iSvmYHABVWP1rM%2Fvzd02i6Gnt63xqo81XRnJK0CmHGW2KwN0Bq3YYBPRK%2BXlZRLU%2F9LfBlZcqLMeg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e31eb39a9ab712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4078,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"06e4e04334502c7353a28bc8484a51e1","sha1":"f7ab9a68e7559d0f16bd6085d8ca5984d959f075","sha256":"fc4116573b0c3d0f9991424b109810a766fb6993db6bfd23b3ac1e17dddb2637","sha512":"375a7e58f2e77d5c6cba817526ab59c7ac078e5329280d8d59fbc0360d7f3df454bac8406a32650d0cf7d5c9174afa702c676027bea6ad714e362489ea9f2ca4","ssdeep":"","tlshash":"6d818ef3a1bd872ac0581b7224145c26b761fd8036e7d17c5bea1236a02b2fbc355c9b","first_seen":"2026-01-08T18:12:32.412492Z","last_seen":"2026-04-11T17:52:08.945342Z","times_seen":6,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.prod.website-files.com/67f963878b5f992fd7d3cf9c/68309911e690e95c8e959b53_icon-256.png","fqdn":"cdn.prod.website-files.com","domain":"website-files.com","tld":"com"},"ip":{"addr":"104.18.161.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:17.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prod.website-files.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Feb 2026 00:51:58 GMT","end":"Thu, 07 May 2026 01:51:37 GMT"},"fingerprint":{"sha1":"57:A1:73:C0:08:07:F2:DD:56:2A:DD:FF:51:D4:A5:62:53:C7:9A:8E","sha256":"E9:8A:00:BD:F9:8C:57:70:7F:31:ED:E2:BE:3D:E8:0B:D1:09:B4:07:B7:19:9F:0A:04:46:22:1B:EA:3D:8D:24"}}},"request":{"raw":"GET /67f963878b5f992fd7d3cf9c/68309911e690e95c8e959b53_icon-256.png HTTP/1.1\r\nHost: cdn.prod.website-files.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 16157\r\ncf-ray: 9e31eb3aebc05684-OSL\r\nx-amz-id-2: 6zDuTW1I7qeXPc3O5lBuZRwPfow97cRqXAZN++SsB2IWPPy27Eyvw/Ipf2flZHT0C/nMcv1nthH5nZPGw177qg==\r\nx-amz-request-id: AH7FBBGQ518A5G9M\r\nlast-modified: Fri, 23 May 2025 15:49:38 GMT\r\netag: \"ed3315c98b0a9b22e9ab074fab3fc179\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: max-age=31536000, must-revalidate\r\nx-amz-version-id: OeHKIqEqJRHqlcK3_LjZE3id7GoNS6DS\r\naccept-ranges: bytes\r\nage: 1786717\r\ncf-cache-status: HIT\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16157,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"ed3315c98b0a9b22e9ab074fab3fc179","sha1":"569dfc70e7fbc9ed8a672287f831f62af40d9e7d","sha256":"a001850f78924f401c76f933c2e757a8f36a7c1484dd8dc9d6d3e2ebd6c86e34","sha512":"4e12ac84c7e3e76237f21bc5bcaa3aa6438d26f9fb12930cf588f05eeeadb949955f3688da57b51cd065668d9d72d1083ae0289116413d33d056cede3f928a4b","ssdeep":"384:0awoK6nrx6/rJFEmrH51J4Uw/jbBDfoBHM5Yv8:oMd6/rTEwH5MUIjbOBHMs8","tlshash":"1972c08f59ea284ec5915e280b0b2e123c519398481d9afcbd946a795e3338df5bb8c1","first_seen":"2026-01-08T18:12:32.409824Z","last_seen":"2026-04-11T17:52:09.018876Z","times_seen":6,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":3,"connect":1,"send":0,"wait":65,"receive":1,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f963888b5f992fd7d3d029_cy-h1-bg.svg","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f963888b5f992fd7d3d029_cy-h1-bg.svg HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/steer-protocol-secret.webflow.shared.ee9f478f7.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 1128\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"69b9c013-2602\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ql%2BRujFEtQq3gQVnvrAMyISVFkE4iA1iFX4sbLS%2FdlptLIMWzubPmDBmb6VCtSUu3uWki%2Bl3sqkWLSrkSyZNKQHFA9aCDHaiGG6A1lRd7ACKfb5Jyl2TVgePLAf3NSDFx8nkwbE%3D\"}]}\r\ncf-ray: 9e31eb325932712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9730,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2553b93b3ef37f0d83395acd95e72d60","sha1":"b4362c4384e9b1b953746e7c8f16667877fa9d27","sha256":"605e8cfd2ec7b09fddef006c984a966892f89adc25c996e4866a6d715db6624f","sha512":"57c8da7dfd6fb54c96eda843ba0de26ac3b80dab2f7866a46ad539db1cafe728b36e0106a1ea82b39ef2af0b0fc0d9ff3b25b4b040385db9a4708e4ca004ccac","ssdeep":"96:kXuMzAiWOfmSyHVul6qB8BUpcuaU6zpkYDbSE1cloUkIcWiLjgyFZkx9lu7uVqOX:k+VxLubKUwLDkJQO1T7QTv/47Zzl","tlshash":"be12ddb9275cf8a5ea40829cf91bb4e2a55b90f8cfc9472285051f2f3a04ed7b5372d4","first_seen":"2026-01-08T18:12:32.415367Z","last_seen":"2026-04-11T17:52:09.059699Z","times_seen":6,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f963888b5f992fd7d3d01a_ant-design_x-outlined.svg","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f963888b5f992fd7d3d01a_ant-design_x-outlined.svg HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 1128\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"69b9c013-1b0\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9BbMHgFaUsvmiaKXMml2TJ9nQs4TmFjSqreiOf7mFSGRiinrqO8oZ4Es7oxZmgbNKofxOYGL57ahkQE415KaZWGFcoPO5ZsiISy4Mz5Su4o3km9x8J%2BOByYCDlkedKr2YKOn5is%3D\"}]}\r\ncf-ray: 9e31eb30d904712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":432,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ef8d1cdcbb40147ea09804f228d9edde","sha1":"8258d92d487445f65134f1c93543fa49e9aca0d2","sha256":"48b4feb3d1db8422712916523764f745a4bcb652020377273f4a8e4e33bc5d61","sha512":"5ed6f5cd0089cda00953d6804ef2b1f5c665c30badfef8dbbe4533f4a0206fb8061669bbde05a9b6a8ccb4aa82386fe4cc021f085cae0fc136c5862b6f690004","ssdeep":"","tlshash":"dbe055fbb089aac06e0b8636e23c109261a738843659873984902e18e914569581e9e8","first_seen":"2026-01-08T18:12:32.377794Z","last_seen":"2026-04-11T17:52:09.071545Z","times_seen":11,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/index_1.html","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /index_1.html HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nvary: accept-encoding\r\nage: 1128\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B7A6Z0nQUq%2Ftu3CuE%2BOXdFS0%2Bx8ntgim2%2B9JaDzrA897LXNvdOxTTsGs48N9V15fnUVwXXuCC991yiQUwPL%2ByxPtViufUB264ZRlhZsJDbV3XBWRrHhlvv4Au%2BFZhud9hwn2tHI%3D\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb36695b712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":77687,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5917)","md5":"7d02ea7fa06e6b90feefc9183544ab12","sha1":"b637fa3702318c0ce4c10bc78f34bda186c98b7b","sha256":"7b018aa202094a307fd220c5ce53429f91be8a882e5cce6114740706f696d241","sha512":"53ec1f1ecf342d6f83bda97be3af7c87bc0b3e8e6a897a9bcdb436e604d1efa099ce110a4b051a3af8f2927cf128659080602bc2c8cff22e4b146d782e3980a2","ssdeep":"1536:Venyhkci+ugFmKAeFCytFPAvzwtxb6Trm6s:wOkNeFmKAeFptF48thJ","tlshash":"f573d6dfa9e30044690391bd1fe727e63736c003e20add697edd6258df852c8daa2749","first_seen":"2026-03-20T23:29:44.834964Z","last_seen":"2026-03-28T00:37:00.814518Z","times_seen":4,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/carousel-lib-2.12.5.min.js","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /carousel-lib-2.12.5.min.js HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: W/\"69b9c013-13d68\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 1129\r\npriority: u=3,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=amH6SnEpQKUhENPmmEshHGeJhX3%2FONKELQbYn528hGJWw6NAkW8uSmBfnIQygCflHDtc%2BwyIp8g39q4vcsr2RS%2FavSGhEHkTBWvbviwwJNIkfVmjW3VrBV3q50TyL0hu4ETyxhM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e31eb38f99b712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":81256,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"e25785acdbcaf01900af63b8df4a9a14","sha1":"20f9da47d45212c8a92a9f7b6a95cdab2efc5e7f","sha256":"424f0ac0aa684ea10e19ede863bac94318d7e1433ad13513c5deced6c8885cfe","sha512":"e65d5022e5f293627ef58e6092fa1e4561127cf1d92de3481a3655cb931e1afcc0aab1ef548a3a7a2cd79e4c6e0bdaa66fffa80095a972175523298b3d0b8edc","ssdeep":"1536:GnhwZVCyA4iA7+FQH6bcsznQ1tHkD+frIJ:GnhwZEbZA7+FQH6bcvtHM+frIJ","tlshash":"408374d8188a90e04e0521ded477e809e0a44e27cdacf15bf53dddd8b62df62848b67b","first_seen":"2026-03-20T23:29:44.853545Z","last_seen":"2026-03-28T00:37:00.807606Z","times_seen":4,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f964f374b97feec8d2003c_SteerLogoFullWhiteOptimized.webp","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f964f374b97feec8d2003c_SteerLogoFullWhiteOptimized.webp HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: W/\"69b9c013-aeea\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 1129\r\npriority: u=4,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QPNTmABC2HDzPDYqQ4KQmSzL8lSdy8y4e7TogT%2FmAhqzATeTiolUEHOr%2BhBnvKbiu7A3oKN5mnei5WBn%2FLxtjHar0j5bI1InvwW%2FzkgFt6sM3Rnw7d4BL9tI1bnjQ5Ciaq%2BWUHg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e31eb3999a9712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":44778,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a513aedfb60dbf83be47f912e5d084f5","sha1":"34f750f2b27be61e6eec39a936af33ef0a005e6c","sha256":"6a540d15b0539982571f641e2208cde579867877d54278ce42be0e0b89b8f736","sha512":"7cc9c90a2930968e28edffc3dc385ecf817477fe4beebfa52fa3297c9d416592779aa642fd86c4d7063b1c69c38901526b0e184f37e66528290de57de19baf65","ssdeep":"768:ug+2pmDRqvkmNHsweRgY3/hScNqCEAQfM9HpaPOmOLjL:bkRuHHg/ZPEAQfM9Hpamm0jL","tlshash":"2a13bf95349298fffa5f3daf527c040249523ed0097039da1bac74a0aa73d603af49de","first_seen":"2026-01-08T18:12:32.407862Z","last_seen":"2026-04-11T17:52:08.987581Z","times_seen":6,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f973e39f603b980e14c5c7_logo.svg","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f973e39f603b980e14c5c7_logo.svg HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 1128\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"69b9c013-11e8\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=riemnJiOYx97js2PfR7LYRLz23vLvmokSreBKRc%2BnazE3LI3aQFf7mU2ehgmQS0dSHO6orgRO%2BzC7kL5M9BNZ%2BI60kXr8XrPs59ogdpEV1IRYc0lrXWWukrTV8Ygkg5wRWZQT3w%3D\"}]}\r\ncf-ray: 9e31eb30d900712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4584,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f22c26c5ec5b43a5deebac2cf50a0f5d","sha1":"bc935aa4afeaf1b432f41a561830e1ca6a6c84f2","sha256":"6a0c27fc0cc43122d69b187a816e3a7df2d8aa42b121edb536fdc64b6c78df99","sha512":"34558fed0352e2563601a13df47b7ec3af21e50a5379279fd06eaf2803f9bbbddbe26536f0b49cd3b3b160ac5bc3bb06b0c3a101f30a3bf1e75fa5f8156b2fed","ssdeep":"96:5clO2w4YX6tKCw7W0zT4Hm23dgnM5WLcEiRW9FOwWCI:x2xDK9W0zMG236MsLiW+wWCI","tlshash":"259195d74330e6ad88cecdadff115994302ea4bebaf5c6d1826edf0d586a8c1e904d50","first_seen":"2026-01-08T18:12:32.405984Z","last_seen":"2026-04-11T17:52:09.057342Z","times_seen":6,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/adsct-1.gif","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /adsct-1.gif HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-2b\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WzC%2BXvPguTQ84l4%2FKRMoD2YlcUiW8ixkRu9A3lbc1N6Dv1nBumiVCITV58FPDgZcgwNV9nLA%2Fcr%2FmTzZlCXRBGlSVxZeSAs8i9ajUrqWUtc22mpNZ9zIzdsIZCJBh19Nz%2FUQU7o%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb367960712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"377d257f2d2e294916143c069141c1c5","sha1":"b7cae69682cf31dd670b65088db8395acda6ed3e","sha256":"ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957","sha512":"01211111688dc2007519ff56603fbe345d057337b911c829aaee97b8d02e7d885e7a2c2d51730f54a04aebc1821897c8041f15e216f1c973ed313087fa91a3fb","ssdeep":"","tlshash":"4e900403d3c0c001c151d0300d0cc7441344f0305554030f70fc575ddc3d1550c170c0","first_seen":"2023-04-05T06:54:04Z","last_seen":"2026-06-08T13:12:17.352053Z","times_seen":1105,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/682da22c74443b922e4fcf68_8565c6a0ac70766cd0c3435e63abc8bb_ChatGPT%20Image%20May%2021,%202025,%2003_20_34%20PM.png","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /682da22c74443b922e4fcf68_8565c6a0ac70766cd0c3435e63abc8bb_ChatGPT%20Image%20May%2021,%202025,%2003_20_34%20PM.png HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 16711\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-4147\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AaWcEMXpEHuhFkYU2QllnQTxEWy4GhRM1GSWsKM67y7%2FL6zZSGoka1LhHCyEx4gWWPA0%2Fw3w3tZGds5L0KmvM9vYw339NXTc0TKY0KCxJmoNYbZxJMKNlnFCQGyd6Ueqxk1IFdw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb39d9b7712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16711,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced","md5":"46343788609e1a0c86ef3e4c29d9f5fb","sha1":"1f9b6f0e4d6849926eaa5f966d7256aa59e54f27","sha256":"d8f5409604c975f1293cc188c5aaa215259c7fbbdf6bda722b45522ff8125980","sha512":"a0c432c195a5549a10c5b49d0dc9c2290642eb89895ddd8c3e52858ea0ca334d419bbf27b414d29d1e01565d70d2a10399e451ca0840091185cb8d4a92371718","ssdeep":"384:4CTWq+8q8pOkT7Z+PQl4zVJlsFy8CnNZ8XBOJZA:4CTWq3OknMIlejl3qxIA","tlshash":"cd72d0dd44466944f41876722f8d5468eab808434647e8f6bb57382286afcc75ffc07b","first_seen":"2026-01-08T18:12:32.398953Z","last_seen":"2026-04-11T17:52:08.961906Z","times_seen":6,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/adsct-3.gif","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /adsct-3.gif HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-2b\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2yKwHE9qb0%2BvNn2MN12K3ZLJLC0n2v6d%2BgGRhxh3wmQrBO%2F%2Brn%2FOZXDMNtQpeSX1yZuji8IdtysdQlD9tl9GbnznL2HoKR8uxjltTVSucDGObf00OfhdrI8mvUKKTqJVT%2B%2BE5Dk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb39d9ba712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"377d257f2d2e294916143c069141c1c5","sha1":"b7cae69682cf31dd670b65088db8395acda6ed3e","sha256":"ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957","sha512":"01211111688dc2007519ff56603fbe345d057337b911c829aaee97b8d02e7d885e7a2c2d51730f54a04aebc1821897c8041f15e216f1c973ed313087fa91a3fb","ssdeep":"","tlshash":"4e900403d3c0c001c151d0300d0cc7441344f0305554030f70fc575ddc3d1550c170c0","first_seen":"2023-04-05T06:54:04Z","last_seen":"2026-06-08T13:12:17.352053Z","times_seen":1105,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/carousel-lib-2.12.5.min.js","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:16.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /carousel-lib-2.12.5.min.js HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: W/\"69b9c013-13d68\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 1128\r\npriority: u=3,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JuQacobEBzZCwWkpXTh8TudWcEOY0vuPSlNv6M891BfUCmW5BCecZxtl3OzUsBtcjc5hcFuGKAWHxNrW%2BVBFttxs8WT6P8Dyr99jlrV%2BXHc52jpcx%2FRyAKCztp%2FrlTj75B1%2BOKY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e31eb32a93a712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":81256,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"e25785acdbcaf01900af63b8df4a9a14","sha1":"20f9da47d45212c8a92a9f7b6a95cdab2efc5e7f","sha256":"424f0ac0aa684ea10e19ede863bac94318d7e1433ad13513c5deced6c8885cfe","sha512":"e65d5022e5f293627ef58e6092fa1e4561127cf1d92de3481a3655cb931e1afcc0aab1ef548a3a7a2cd79e4c6e0bdaa66fffa80095a972175523298b3d0b8edc","ssdeep":"1536:GnhwZVCyA4iA7+FQH6bcsznQ1tHkD+frIJ:GnhwZEbZA7+FQH6bcvtHM+frIJ","tlshash":"408374d8188a90e04e0521ded477e809e0a44e27cdacf15bf53dddd8b62df62848b67b","first_seen":"2026-03-20T23:29:44.853545Z","last_seen":"2026-03-28T00:37:00.807606Z","times_seen":4,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/steer-protocol-secret.webflow.shared.ee9f478f7.min.css","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:16.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /steer-protocol-secret.webflow.shared.ee9f478f7.min.css HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: W/\"69b9c013-21181\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 1128\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Hf7QuJ9TGN46%2BN5AD9Yb4717N4hb2n19%2FqWZs%2FS%2BMCcRuXvzo9Y1Xq%2F9a%2BTTCqrP7rLVoJB%2BDpTNAFpLV9UfkZ7T6tUXSKxt21HUcFQErvL0TqUCOaV6noFbYmbEXuZTahhfiZQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e31eb32a939712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":135553,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65524), with no line terminators","md5":"85098603f22d9b4f3cc4cfc8239946fc","sha1":"4285eeff3f643af7ad7ea85be7b55ef398379dc7","sha256":"2f688e90ed46b056fec1f2f5573b5f5e60260de1f6b79d2527018a8da7e99bf9","sha512":"e4412ff1ba71d01e94f59e2a286ded98e0a71b28f24882764f415f63d66e2e232e507868d85d3d18c96cee42b45f12be854e393e6a0c7be610db6a0473e2e2e3","ssdeep":"1536:KXoCWdzT4xkQIi7lIiE3hcfpobobVgDdgDdxJLR+aoWJTyp96+dxewzrYp6ISeBU:023E0XX","tlshash":"4dd3b92b6e58318c747b84a6dae1b7cca111504bd61247eef943e52acac62c33b37d5c","first_seen":"2026-01-08T18:12:32.369882Z","last_seen":"2026-03-28T00:37:00.810282Z","times_seen":5,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/adsct-1.gif","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /adsct-1.gif HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-2b\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nI79WCxmo23oKjQpDLByynYRxg0Sy8BoVL%2BWbHW%2BwkyRlvAcXFm%2FiZ2lACcvywYIsyTLPVUFfG7Hb6XaSqxAflTCewfvMIk8Fphbxj5JNb4%2BFtlX64YRy3Bexg55dXJcJ3cy2jw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb39e9be712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"377d257f2d2e294916143c069141c1c5","sha1":"b7cae69682cf31dd670b65088db8395acda6ed3e","sha256":"ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957","sha512":"01211111688dc2007519ff56603fbe345d057337b911c829aaee97b8d02e7d885e7a2c2d51730f54a04aebc1821897c8041f15e216f1c973ed313087fa91a3fb","ssdeep":"","tlshash":"4e900403d3c0c001c151d0300d0cc7441344f0305554030f70fc575ddc3d1550c170c0","first_seen":"2023-04-05T06:54:04Z","last_seen":"2026-06-08T13:12:17.352053Z","times_seen":1105,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f963888b5f992fd7d3d030_InterTight-SemiBold.ttf","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f963888b5f992fd7d3d030_InterTight-SemiBold.ttf HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/steer-protocol-secret.webflow.shared.ee9f478f7.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 309396\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-4b894\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TmNVvcjIky2HGn00W5R6ouuTjLu971vuGi80yFOKjBCwLDKfT%2BXsNOQKY8GVz%2B124eHwuVyGQa3GbuUrMIwmYf0YRSiCvm%2BHthfEvNvA9nQXG1DwQDeOr3eqPWC3CXRVZYEHvH8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb326938712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":309396,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 16 tables, 1st \"GDEF\", 45 names, Microsoft, language 0x409","md5":"701cf433d42ef71e28080e88d58354e1","sha1":"77db62dbddcf448fa1b633e6da3b76480f3ca559","sha256":"b0d896af93d0e5bde66b17439995417ad487e3fc5109ada095b4408924ebf4c9","sha512":"fd493381ff7505f2a7f0bb2ae27772d2b8d8117f547ede30b2b4a52717ac8b3899c74f5d020bf1f9084b2ab051ab6c335ebe830d515af8a3f4865c7045fd56f2","ssdeep":"6144:TrSPfNz5PfpLA/H1J12xO/q+dRF09s5CT4FIGmdhY8kEBYP1:T4R+V3FjdYs8CT3bP1","tlshash":"8d646b17e336875dda1139799ba1c35073716ca2791bf21f706a3e81d8ab1f80dc4ae8","first_seen":"2025-04-02T12:35:51.591244Z","last_seen":"2026-06-06T09:42:36.58648Z","times_seen":77,"resource_available":false,"data":null}},"time_used":331,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":196,"receive":135,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f963888b5f992fd7d3d07c_cy-vb.svg","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f963888b5f992fd7d3d07c_cy-vb.svg HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"69b9c013-1f4\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FS06MPC4dkz7otQbDreEl4n%2Fddx78I7IBKqGmKHCQK8Y8wmQxbjTsdgea0xP6MFETnd93SdU9TTrbaQDrq%2BY7TS5j2P1x0n77mZS4uiKNJ3%2BOcRA5x0Q594yG6b7Q1JWDTfchDo%3D\"}]}\r\ncf-ray: 9e31eb364955712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":500,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3c4c2d1e2f9afadcf15f22cd494b39de","sha1":"e57a4186b1e22ed38b054de358be10b97cd4c130","sha256":"d8949ccec65f1f1ffc44607832709d211c058c489ce55f481a29653c9cb45f3c","sha512":"229080c15e7a627c8b1dc092eb8738e522020ede288f879028585ffa132ce7eb68343776425c23365b608ee5d4c3bc75844c9579a06f3648fa9ba57fe894ac24","ssdeep":"","tlshash":"a1f0592ae71cec37e109c088d4c0d56401b901d365c592b1d2c2ff1fb6245c3391a6a4","first_seen":"2026-01-08T18:12:32.379822Z","last_seen":"2026-04-11T17:52:08.982344Z","times_seen":6,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/adsct-3.gif","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /adsct-3.gif HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-2b\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mgKy7vOoxAZ67m3S1hjsASjonvcBZLlGPVyK6PmgbSrKR4Iddeje0nLSzL7hA8dFUW92GzqGJLpCNyioJEzMzkP7OtN5sVGrUi4qKlC95l0%2FFtO5%2B6jayKvsCbWS5V5vqy0aOYk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb36695c712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"377d257f2d2e294916143c069141c1c5","sha1":"b7cae69682cf31dd670b65088db8395acda6ed3e","sha256":"ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957","sha512":"01211111688dc2007519ff56603fbe345d057337b911c829aaee97b8d02e7d885e7a2c2d51730f54a04aebc1821897c8041f15e216f1c973ed313087fa91a3fb","ssdeep":"","tlshash":"4e900403d3c0c001c151d0300d0cc7441344f0305554030f70fc575ddc3d1550c170c0","first_seen":"2023-04-05T06:54:04Z","last_seen":"2026-06-08T13:12:17.352053Z","times_seen":1105,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/adsct-2.gif","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /adsct-2.gif HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-2b\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rpcytNwOGfAg7MTvkTQB9B7VWsCngFv3Yu%2BhyGOTUHoLX8Cou45MmQNPh0%2Fclg87ExJ4LHywG6Gg4TYSo7f5d1WlJgNRbPSBLmY5Flr2Q3pPR9ZS8%2FI%2FZk1Oeo%2FvzVAV%2B0CZ72Q%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb39d9bc712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"377d257f2d2e294916143c069141c1c5","sha1":"b7cae69682cf31dd670b65088db8395acda6ed3e","sha256":"ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957","sha512":"01211111688dc2007519ff56603fbe345d057337b911c829aaee97b8d02e7d885e7a2c2d51730f54a04aebc1821897c8041f15e216f1c973ed313087fa91a3fb","ssdeep":"","tlshash":"4e900403d3c0c001c151d0300d0cc7441344f0305554030f70fc575ddc3d1550c170c0","first_seen":"2023-04-05T06:54:04Z","last_seen":"2026-06-08T13:12:17.352053Z","times_seen":1105,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f97349e0c5b84b309370f8_logo.svg","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f97349e0c5b84b309370f8_logo.svg HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 1128\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"69b9c013-1619\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lCtwoNOKngqlc0zWVhND89WlvUzinjteoEe6e7xI49CrFqb70K%2BKLvRquiePDH5sGPTfA%2BMs0R%2BdZQ5VAiyZk30CPhOeJzmDpnwy1ME6SF%2ByGLgS9x39yjUMzB31XLvPoFbOtrA%3D\"}]}\r\ncf-ray: 9e31eb30d901712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5657,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"10881c00def5e023f8b41c86738a6ffb","sha1":"437d3a87376894c7f1a26afb5e31027d554c10bf","sha256":"d021c2f29ca1531d4fad44200b8056734065d0837dd5cbf389e6676082b5f854","sha512":"a184b4205944ae0c1061812aac9c2c88c2a6c0517e5767423713e0001ec3973f474bf6cfb878e94f1b58b1c203d84b288f5d1e06e679a92cd72e9268e08f7f7d","ssdeep":"96:zpRXLK/k6gJKTcGwScw41zzfpS8Adg5kuZRdwINSmcO5HQK:C/uJKTMvYC5kuZRdT1cOOK","tlshash":"9fc19625cfbe4abcd58d03581c7817149b386cab717458b8feed95a08f05d18ea24bce","first_seen":"2026-01-08T18:12:32.368093Z","last_seen":"2026-04-11T17:52:09.070796Z","times_seen":6,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f9abac728283f9c36ec9e5_SteerLogo_S.png","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:16.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f9abac728283f9c36ec9e5_SteerLogo_S.png HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/png\r\ncontent-length: 6337\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-18c1\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Yp5gFiSHz4boPlmyp%2Fd5Nq98Un7ozkZyWvgnskCk9jqLqNaz%2F%2BdOe37LEN%2Bw8FwO9dvgm%2FjnknBjcFnzEEn8heVq8IoKDa3xsuz2W8YW1Ix1kBVBEU9IWnPzcH3DQIWaQiPbViY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb36294e712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6337,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 383 x 517, 8-bit/color RGBA, non-interlaced","md5":"482ca0d392d7a992cdf96ac4e5e45533","sha1":"816fed5a1d35c7037c374698034f2018cb2c3815","sha256":"442c65c1ba0dea5d486206c0919240c60ec9f17b73686feea924c379c7e328f2","sha512":"daf60977bdfc2ae30620af56c708fb2d12856eda75e6e4adf900f6c731014638570387dbfff97360e7a33205f3ad850ed34a987f8792a72e071da265acd3a1bf","ssdeep":"192:Bfu/IfLqI2zBwAq3IqBYRvHnX9kg5Xw7rT5/7h7JtKGdOc:dKIeDBeIrNh5XMf5zlJtKMn","tlshash":"70d19d46051b408049564c6d871eeefd6d8ea2efc8bac911c66c8f2f8d82572577ad13","first_seen":"2026-01-08T18:12:32.378701Z","last_seen":"2026-04-11T17:52:09.069871Z","times_seen":6,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f9740d87961e6e90745e50_image-removebg-preview%20(20).webp","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f9740d87961e6e90745e50_image-removebg-preview%20(20).webp HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: W/\"69b9c013-1f90\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 1128\r\npriority: u=4,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1NJ%2F475w2G4uo5fyiCLnSH2GVXMtNJe%2B4yAJQyI2cZZzWFhCvmfGrBaCRwfSt9AqDszgk%2BWrg9lqIni9dXDzsfNzbI%2BjvEps1DzOOMcJgnuvPPfXb8I7SeI%2BmYSR88pTALXBxEY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e31eb364954712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8080,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"160247f4af074515fa11b76fb70586a5","sha1":"1eedbb9243bca8b7902f0a2b23406c6d49060b76","sha256":"6eba58531a0874cb5e004248ddffa576c5224c61f1a659134e4e0f3e99a53d54","sha512":"cd7770603f5f853ced75fa50f49b8c6725d9722125532ca88c15517fb93a54adf0b0c70da4e43de0201fee1114d3345dca0431314311ccc41be7b0e462193625","ssdeep":"192:1ENRZ0JbY+K7rl5mXyNdgnYIA6eZVJNz:aNRZ0h7K7rlsX6QYVv","tlshash":"0cf1b08036bc5b0756aea8f9412a746d09fe0d40ff6a325f4a201d8450d7754ef7786b","first_seen":"2026-01-08T18:12:32.395769Z","last_seen":"2026-04-11T17:52:09.048801Z","times_seen":6,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f9732dd2635e99baf2b603_image-removebg-preview%20(19).webp","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f9732dd2635e99baf2b603_image-removebg-preview%20(19).webp HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: W/\"69b9c013-fee\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 1128\r\npriority: u=4,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KQp1EsIGAgGceIQVTqKQ4G2IU%2FAFZgoQRnXeHfStu%2BkayJh3qNB9OeIrnD%2B8MCJKsnh5oW84wNP9VrFtQJmTk33UZsSkMBTuS5ll%2BmmWfdE721HzICP02ncFtvL%2FYk3CiRVFA8g%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e31eb30d8fd712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4078,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"06e4e04334502c7353a28bc8484a51e1","sha1":"f7ab9a68e7559d0f16bd6085d8ca5984d959f075","sha256":"fc4116573b0c3d0f9991424b109810a766fb6993db6bfd23b3ac1e17dddb2637","sha512":"375a7e58f2e77d5c6cba817526ab59c7ac078e5329280d8d59fbc0360d7f3df454bac8406a32650d0cf7d5c9174afa702c676027bea6ad714e362489ea9f2ca4","ssdeep":"","tlshash":"6d818ef3a1bd872ac0581b7224145c26b761fd8036e7d17c5bea1236a02b2fbc355c9b","first_seen":"2026-01-08T18:12:32.412492Z","last_seen":"2026-04-11T17:52:08.945342Z","times_seen":6,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/index_1.html","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /index_1.html HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nvary: accept-encoding\r\nage: 1128\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EFH8%2BZ1qiuf1GqMadZ9otRJI9EE6QAd7%2F%2FGx6kXPUGtIwow5gZgVTjJAGauAn%2FPBNE5hbA%2BLn3VN4n33SyKtFXg8ju%2B%2BfSU1D3wKwvfKqxR4um1Jnn0daNMn%2FQS9QYhaChLaRXs%3D\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb324930712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77687,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5917)","md5":"7d02ea7fa06e6b90feefc9183544ab12","sha1":"b637fa3702318c0ce4c10bc78f34bda186c98b7b","sha256":"7b018aa202094a307fd220c5ce53429f91be8a882e5cce6114740706f696d241","sha512":"53ec1f1ecf342d6f83bda97be3af7c87bc0b3e8e6a897a9bcdb436e604d1efa099ce110a4b051a3af8f2927cf128659080602bc2c8cff22e4b146d782e3980a2","ssdeep":"1536:Venyhkci+ugFmKAeFCytFPAvzwtxb6Trm6s:wOkNeFmKAeFptF48thJ","tlshash":"f573d6dfa9e30044690391bd1fe727e63736c003e20add697edd6258df852c8daa2749","first_seen":"2026-03-20T23:29:44.834964Z","last_seen":"2026-03-28T00:37:00.814518Z","times_seen":4,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f963888b5f992fd7d3d019_cy-border.svg","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f963888b5f992fd7d3d019_cy-border.svg HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/steer-protocol-secret.webflow.shared.ee9f478f7.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 1128\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"69b9c013-1d2\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fVIEhmXEwMqE5Z%2FHrlVOQ1iGNjkgM73sXcKJyMupKrygAa5WBmfsE46fkO8RVREAFp31wmChlajoJdXer%2F%2BFRMEl0dopiYLjbckY7BlyobDTwBhLQ27KTRWky%2Bk%2FTP1ovutviP0%3D\"}]}\r\ncf-ray: 9e31eb325933712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":466,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"119ffba85c88f7ff3e7b028a4baba894","sha1":"9e4afd90e7b6c961dc26ba3575a5df8f3eddbef4","sha256":"997bc5d5be3bfc7fbedaf0d25f68568adec688d3194ad6cfe9348f5e421a6a66","sha512":"ec7830fd0ca92b42dadfe87cfa22d7df9b04d5b4e39e3e3101b86cb124adcf5d285d6de15b6f2b53571f5a924d0ad678902170d25385f09252d235eed2a829e2","ssdeep":"","tlshash":"65f02e3ab71c9c7bd614c45cd954c41511e943e3a4c5c16181d3bf6f31298c33c1a2f5","first_seen":"2026-01-08T18:12:32.397439Z","last_seen":"2026-04-11T17:52:08.995211Z","times_seen":6,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/adsct-2.gif","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /adsct-2.gif HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-2b\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GJbZegChfJ7M8ZtKWwVmvlmWCyXz5sPWYohEKWsqsidNttjQjmdIIAE6RTpLoFJ%2BbE5KwnEs3806Un16G594KToEMt8opXyb%2BXU8aB%2BVohks7lDYImzD3A7ck6oRSClmDEKPkfA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb36795f712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"377d257f2d2e294916143c069141c1c5","sha1":"b7cae69682cf31dd670b65088db8395acda6ed3e","sha256":"ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957","sha512":"01211111688dc2007519ff56603fbe345d057337b911c829aaee97b8d02e7d885e7a2c2d51730f54a04aebc1821897c8041f15e216f1c973ed313087fa91a3fb","ssdeep":"","tlshash":"4e900403d3c0c001c151d0300d0cc7441344f0305554030f70fc575ddc3d1550c170c0","first_seen":"2023-04-05T06:54:04Z","last_seen":"2026-06-08T13:12:17.352053Z","times_seen":1105,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f963888b5f992fd7d3d01a_ant-design_x-outlined.svg","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f963888b5f992fd7d3d01a_ant-design_x-outlined.svg HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"69b9c013-1b0\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=66HCOSGKF7FtK4mZWnU%2FGh5ioJe7g5FhNGT7v7JuaYaupE9XH3Mr4XafpKA7cXhMtL3z5jUti9PS0drXuN8d%2FgQxBOImcnPPJfZqgSOCCgAyqrEDh%2FGGu73mEUXxmu44vxsWEB0%3D\"}]}\r\ncf-ray: 9e31eb39d9b6712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":432,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ef8d1cdcbb40147ea09804f228d9edde","sha1":"8258d92d487445f65134f1c93543fa49e9aca0d2","sha256":"48b4feb3d1db8422712916523764f745a4bcb652020377273f4a8e4e33bc5d61","sha512":"5ed6f5cd0089cda00953d6804ef2b1f5c665c30badfef8dbbe4533f4a0206fb8061669bbde05a9b6a8ccb4aa82386fe4cc021f085cae0fc136c5862b6f690004","ssdeep":"","tlshash":"dbe055fbb089aac06e0b8636e23c109261a738843659873984902e18e914569581e9e8","first_seen":"2026-01-08T18:12:32.377794Z","last_seen":"2026-04-11T17:52:09.071545Z","times_seen":11,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/682da22c74443b922e4fcf68_8565c6a0ac70766cd0c3435e63abc8bb_ChatGPT%20Image%20May%2021,%202025,%2003_20_34%20PM.png","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.042Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /682da22c74443b922e4fcf68_8565c6a0ac70766cd0c3435e63abc8bb_ChatGPT%20Image%20May%2021,%202025,%2003_20_34%20PM.png HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 16711\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-4147\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L6%2BJHy0amq1vRb62QSSKQvoNM%2B%2FkAH0KAZ8dUMjC6C9WzQcpyMtnutS2SBgK8hoTYF7mIFlTR108F5yiOGmz1MKO6e7OYuM3Wi4Cx4ZJD1HbKpgWNOacjKcE2AP5g%2B1sj7mcqj0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb365957712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16711,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced","md5":"46343788609e1a0c86ef3e4c29d9f5fb","sha1":"1f9b6f0e4d6849926eaa5f966d7256aa59e54f27","sha256":"d8f5409604c975f1293cc188c5aaa215259c7fbbdf6bda722b45522ff8125980","sha512":"a0c432c195a5549a10c5b49d0dc9c2290642eb89895ddd8c3e52858ea0ca334d419bbf27b414d29d1e01565d70d2a10399e451ca0840091185cb8d4a92371718","ssdeep":"384:4CTWq+8q8pOkT7Z+PQl4zVJlsFy8CnNZ8XBOJZA:4CTWq3OknMIlejl3qxIA","tlshash":"cd72d0dd44466944f41876722f8d5468eab808434647e8f6bb57382286afcc75ffc07b","first_seen":"2026-01-08T18:12:32.398953Z","last_seen":"2026-04-11T17:52:08.961906Z","times_seen":6,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f963888b5f992fd7d3d0b5_linkedin%20(1).svg","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f963888b5f992fd7d3d0b5_linkedin%20(1).svg HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"69b9c013-74c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F9rCcOQQ%2BQHg5x%2B0PCXMd5BHbqzhTunoS2II6Crzv5Ucp9N3duRGWAtZaq9UPzaauZFUzTGmpeQHXgzXInXG5XptGuYN4s1XzGcRIbS6BX2KkiRd3ruZSPTclRZgpm3qUsIZ6jY%3D\"}]}\r\ncf-ray: 9e31eb36695a712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1868,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"250e2c4843371b81ead7d3291fcd961d","sha1":"dcf2bb8da2a510347dccf0667035da2275bd81c0","sha256":"786f4675cff61fb9fb353c1450c6dce07217247e146ad7a39712fdb2c142f58f","sha512":"42322fe51730a3dad23d5d14ee15887f3510a4db46cb68b2137101ad1882b5be150fd5d515b05ec8f4bbfa932dc2d66dbea1d8281b8590d479c2fafc03138ded","ssdeep":"","tlshash":"a93143daebccd7b054c683f0c22390b3e6df26755302d79081b59f75f9060ad9485984","first_seen":"2026-01-08T18:12:32.381771Z","last_seen":"2026-04-11T17:52:09.001864Z","times_seen":6,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f97349e0c5b84b309370f8_logo.svg","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f97349e0c5b84b309370f8_logo.svg HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"69b9c013-1619\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bMCFZd5jq1yHbc2DZbw0QHelFwNL639hHbU30qf4844GCSft58I5vAGy%2Bk8vkrCop3wTees43LBZj3xg4j7DAhvQLeWNcQR7BAJSJ%2FRnnoEiRVJBKCSNVmNY%2FI7VoDDIiG9Vn2g%3D\"}]}\r\ncf-ray: 9e31eb39a9ad712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5657,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"10881c00def5e023f8b41c86738a6ffb","sha1":"437d3a87376894c7f1a26afb5e31027d554c10bf","sha256":"d021c2f29ca1531d4fad44200b8056734065d0837dd5cbf389e6676082b5f854","sha512":"a184b4205944ae0c1061812aac9c2c88c2a6c0517e5767423713e0001ec3973f474bf6cfb878e94f1b58b1c203d84b288f5d1e06e679a92cd72e9268e08f7f7d","ssdeep":"96:zpRXLK/k6gJKTcGwScw41zzfpS8Adg5kuZRdwINSmcO5HQK:C/uJKTMvYC5kuZRdT1cOOK","tlshash":"9fc19625cfbe4abcd58d03581c7817149b386cab717458b8feed95a08f05d18ea24bce","first_seen":"2026-01-08T18:12:32.368093Z","last_seen":"2026-04-11T17:52:09.070796Z","times_seen":6,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f963888b5f992fd7d3d0b5_linkedin%20(1).svg","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f963888b5f992fd7d3d0b5_linkedin%20(1).svg HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"69b9c013-74c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j1Pvi18Lm4%2BU06FUvM8NeBFVMmorPBB0WMLMo3a9O4zD4WRaReT%2FUcd0PFrwZ6TvcGFj%2B8rpEXvBcb%2BpMVws03GvQXMp%2BOvBoB00WvboP%2Fiw%2BuKa%2FbJ%2FT3YCmQSbWGo0JWvZQ0s%3D\"}]}\r\ncf-ray: 9e31eb39d9b9712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1868,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"250e2c4843371b81ead7d3291fcd961d","sha1":"dcf2bb8da2a510347dccf0667035da2275bd81c0","sha256":"786f4675cff61fb9fb353c1450c6dce07217247e146ad7a39712fdb2c142f58f","sha512":"42322fe51730a3dad23d5d14ee15887f3510a4db46cb68b2137101ad1882b5be150fd5d515b05ec8f4bbfa932dc2d66dbea1d8281b8590d479c2fafc03138ded","ssdeep":"","tlshash":"a93143daebccd7b054c683f0c22390b3e6df26755302d79081b59f75f9060ad9485984","first_seen":"2026-01-08T18:12:32.381771Z","last_seen":"2026-04-11T17:52:09.001864Z","times_seen":6,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f964f374b97feec8d2003c_SteerLogoFullWhiteOptimized.webp","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.149Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f964f374b97feec8d2003c_SteerLogoFullWhiteOptimized.webp HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: W/\"69b9c013-aeea\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 1128\r\npriority: u=4,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z28ArmdAmVo14rMawNcHaBbmNOrTfTDg8Zont9%2B2F6WhL8LYc7lhcy4yNqo81itowIXE6WRlJoWJsyydhqQrQSZVXuNefiPkz%2BQBSzn44bLhEpYn%2FBkqU4f10gxgTJjO5OxzPe4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e31eb30d8fc712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44778,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a513aedfb60dbf83be47f912e5d084f5","sha1":"34f750f2b27be61e6eec39a936af33ef0a005e6c","sha256":"6a540d15b0539982571f641e2208cde579867877d54278ce42be0e0b89b8f736","sha512":"7cc9c90a2930968e28edffc3dc385ecf817477fe4beebfa52fa3297c9d416592779aa642fd86c4d7063b1c69c38901526b0e184f37e66528290de57de19baf65","ssdeep":"768:ug+2pmDRqvkmNHsweRgY3/hScNqCEAQfM9HpaPOmOLjL:bkRuHHg/ZPEAQfM9Hpamm0jL","tlshash":"2a13bf95349298fffa5f3daf527c040249523ed0097039da1bac74a0aa73d603af49de","first_seen":"2026-01-08T18:12:32.407862Z","last_seen":"2026-04-11T17:52:08.987581Z","times_seen":6,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/adsct-2.gif","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /adsct-2.gif HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-2b\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1128\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=79WlUHoCqArNF9AfENS8AvMx%2Fn%2BiEEXqsqq4Ds9A0bYzc6RUgH06Ium8kRDBqr6e255%2FW%2Fe7BkzRB7B2zcyUp7WexgqDSeLRuIpDwVs05toDAZJ%2Ff5UQ9pcjF0Ccmio%2FE82I5Mo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb30d909712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"377d257f2d2e294916143c069141c1c5","sha1":"b7cae69682cf31dd670b65088db8395acda6ed3e","sha256":"ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957","sha512":"01211111688dc2007519ff56603fbe345d057337b911c829aaee97b8d02e7d885e7a2c2d51730f54a04aebc1821897c8041f15e216f1c973ed313087fa91a3fb","ssdeep":"","tlshash":"4e900403d3c0c001c151d0300d0cc7441344f0305554030f70fc575ddc3d1550c170c0","first_seen":"2023-04-05T06:54:04Z","last_seen":"2026-06-08T13:12:17.352053Z","times_seen":1105,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f963888b5f992fd7d3d07e_InterTight-Medium.ttf","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f963888b5f992fd7d3d07e_InterTight-Medium.ttf HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/steer-protocol-secret.webflow.shared.ee9f478f7.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 308660\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-4b5b4\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tq0iG%2B%2FNE1biTr2btkt9ddeG8igadtEaHd2pqxTAGTA39E%2FWIGDnXvYUJmth8Th74Q9rGEJpzZ007jqR0JHuA7R%2FSKbSh%2B1swBR0aMgTUjzSUoNaBkFTMyGMs8KoYN4tzDybvh8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb325934712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":308660,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 16 tables, 1st \"GDEF\", 45 names, Microsoft, language 0x409","md5":"b4ab32bca9dae366fa7193b1b7bb1b4c","sha1":"07cf5cdb9b660146a0935a5cc166ec2a0717a151","sha256":"fdad824e8ae91097dde263d3aeed6f6c2e9054d076965babf938620a9f2bbaf5","sha512":"73c5fa04238919ebf77bd8c984e606ea5a7fc4511a2041574205e0f343d430051854bc24aa8da115474b474c7570834ec1f91c6140cb99c1522c1cf3f61d475a","ssdeep":"6144:+/prSPfNz5Pfpaw/K6Lnbt/Cyew34jawQJGTk:+/p4jrn6nqGTk","tlshash":"6b646d27e337972dd61579749aa1c36473756ca27a0be31b706a3e81c8d70b80dc1af8","first_seen":"2025-01-29T20:53:19.450988Z","last_seen":"2026-06-05T15:16:22.580598Z","times_seen":149,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":110,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/steer-protocol-secret.webflow.shared.ee9f478f7.min.css","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /steer-protocol-secret.webflow.shared.ee9f478f7.min.css HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: W/\"69b9c013-21181\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 1128\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wAw9Qf8XGtUYc8XXM%2BGF73xbeeKRalwmXSdwot7kTcdTrJHY3cxCusM3%2Fy961BL%2FB076epgHnArtLI71qTL%2FosJ2gH9MZ1VpxFlWy2gG8jSPfS2%2BzNxaeGulRtOw1kR%2FKqxy%2F%2Bc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e31eb30d8f8712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":135553,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65524), with no line terminators","md5":"85098603f22d9b4f3cc4cfc8239946fc","sha1":"4285eeff3f643af7ad7ea85be7b55ef398379dc7","sha256":"2f688e90ed46b056fec1f2f5573b5f5e60260de1f6b79d2527018a8da7e99bf9","sha512":"e4412ff1ba71d01e94f59e2a286ded98e0a71b28f24882764f415f63d66e2e232e507868d85d3d18c96cee42b45f12be854e393e6a0c7be610db6a0473e2e2e3","ssdeep":"1536:KXoCWdzT4xkQIi7lIiE3hcfpobobVgDdgDdxJLR+aoWJTyp96+dxewzrYp6ISeBU:023E0XX","tlshash":"4dd3b92b6e58318c747b84a6dae1b7cca111504bd61247eef943e52acac62c33b37d5c","first_seen":"2026-01-08T18:12:32.369882Z","last_seen":"2026-03-28T00:37:00.810282Z","times_seen":5,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/682da22c74443b922e4fcf68_8565c6a0ac70766cd0c3435e63abc8bb_ChatGPT%20Image%20May%2021,%202025,%2003_20_34%20PM.png","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.160Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /682da22c74443b922e4fcf68_8565c6a0ac70766cd0c3435e63abc8bb_ChatGPT%20Image%20May%2021,%202025,%2003_20_34%20PM.png HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/png\r\ncontent-length: 16711\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-4147\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1128\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m3qn0JEpUt7sFd51RMAQ6wi5Bq%2BjUeYiyVTnfhVTONdYF2Qfc35fedQiPgSCuSILRU9khvRAjXOljEk3o4cLN0Z4KKcFfnE9fHLtiAvvpOWg1cto0A9NeFf%2B4QS3DXDZ0sbyfoQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb30d903712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16711,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced","md5":"46343788609e1a0c86ef3e4c29d9f5fb","sha1":"1f9b6f0e4d6849926eaa5f966d7256aa59e54f27","sha256":"d8f5409604c975f1293cc188c5aaa215259c7fbbdf6bda722b45522ff8125980","sha512":"a0c432c195a5549a10c5b49d0dc9c2290642eb89895ddd8c3e52858ea0ca334d419bbf27b414d29d1e01565d70d2a10399e451ca0840091185cb8d4a92371718","ssdeep":"384:4CTWq+8q8pOkT7Z+PQl4zVJlsFy8CnNZ8XBOJZA:4CTWq3OknMIlejl3qxIA","tlshash":"cd72d0dd44466944f41876722f8d5468eab808434647e8f6bb57382286afcc75ffc07b","first_seen":"2026-01-08T18:12:32.398953Z","last_seen":"2026-04-11T17:52:08.961906Z","times_seen":6,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f964f374b97feec8d2003c_SteerLogoFullWhiteOptimized.webp","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:16.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f964f374b97feec8d2003c_SteerLogoFullWhiteOptimized.webp HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: W/\"69b9c013-aeea\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 1128\r\npriority: u=4,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i2%2FIEZdh3IMgjCAafIOllRJN%2F9uCtd5zVQ9khQsz0Sc9pbNDTRSXodm7YT3ESggVxGtuVKcK1ht9zlA%2B%2FsHD7IYT0OcYn7S8swgmJ3DCttJ3%2BCWgOI9o4Piee%2FE5px%2B7SX1jnJg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e31eb36294f712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":44778,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a513aedfb60dbf83be47f912e5d084f5","sha1":"34f750f2b27be61e6eec39a936af33ef0a005e6c","sha256":"6a540d15b0539982571f641e2208cde579867877d54278ce42be0e0b89b8f736","sha512":"7cc9c90a2930968e28edffc3dc385ecf817477fe4beebfa52fa3297c9d416592779aa642fd86c4d7063b1c69c38901526b0e184f37e66528290de57de19baf65","ssdeep":"768:ug+2pmDRqvkmNHsweRgY3/hScNqCEAQfM9HpaPOmOLjL:bkRuHHg/ZPEAQfM9Hpamm0jL","tlshash":"2a13bf95349298fffa5f3daf527c040249523ed0097039da1bac74a0aa73d603af49de","first_seen":"2026-01-08T18:12:32.407862Z","last_seen":"2026-04-11T17:52:08.987581Z","times_seen":6,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f963888b5f992fd7d3d0b5_linkedin%20(1).svg","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:16.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f963888b5f992fd7d3d0b5_linkedin%20(1).svg HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:16 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 1128\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"69b9c013-74c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U0kApn7dl03uwWZXeJS2o%2F%2FXfmUDXBVgOzOsefkv9taIU4mESafHo0IPsPrrOb%2FgXuVF2fehENiAeur4hXlhQVMo38C6Z3Mn4FXlR8j0%2BW5cWav2AiiC8KU82HuWeZ7cWbcPN74%3D\"}]}\r\ncf-ray: 9e31eb30d905712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1868,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"250e2c4843371b81ead7d3291fcd961d","sha1":"dcf2bb8da2a510347dccf0667035da2275bd81c0","sha256":"786f4675cff61fb9fb353c1450c6dce07217247e146ad7a39712fdb2c142f58f","sha512":"42322fe51730a3dad23d5d14ee15887f3510a4db46cb68b2137101ad1882b5be150fd5d515b05ec8f4bbfa932dc2d66dbea1d8281b8590d479c2fafc03138ded","ssdeep":"","tlshash":"a93143daebccd7b054c683f0c22390b3e6df26755302d79081b59f75f9060ad9485984","first_seen":"2026-01-08T18:12:32.381771Z","last_seen":"2026-04-11T17:52:09.001864Z","times_seen":6,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f973e39f603b980e14c5c7_logo.svg","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f973e39f603b980e14c5c7_logo.svg HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"69b9c013-11e8\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MSGac3K6goYqmeymHYTxOjq5hMBWjbHxFaL4%2FmgDkV3LXUzsUu8L2gsF6FEJmTnDYCNJTa0xlZxiAFvdMr8OImlC8YoW0Qu98SJtdZNz1wW%2BAmzoqY3De7m5atv8KkJWT606T80%3D\"}]}\r\ncf-ray: 9e31eb363953712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4584,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f22c26c5ec5b43a5deebac2cf50a0f5d","sha1":"bc935aa4afeaf1b432f41a561830e1ca6a6c84f2","sha256":"6a0c27fc0cc43122d69b187a816e3a7df2d8aa42b121edb536fdc64b6c78df99","sha512":"34558fed0352e2563601a13df47b7ec3af21e50a5379279fd06eaf2803f9bbbddbe26536f0b49cd3b3b160ac5bc3bb06b0c3a101f30a3bf1e75fa5f8156b2fed","ssdeep":"96:5clO2w4YX6tKCw7W0zT4Hm23dgnM5WLcEiRW9FOwWCI:x2xDK9W0zMG236MsLiW+wWCI","tlshash":"259195d74330e6ad88cecdadff115994302ea4bebaf5c6d1826edf0d586a8c1e904d50","first_seen":"2026-01-08T18:12:32.405984Z","last_seen":"2026-04-11T17:52:09.057342Z","times_seen":6,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f9740d87961e6e90745e50_image-removebg-preview%20(20).webp","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f9740d87961e6e90745e50_image-removebg-preview%20(20).webp HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: W/\"69b9c013-1f90\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 1129\r\npriority: u=4,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vIqHHHmMOHlB4bfBG54rt%2B5PkeYjZ48NQEEhmRob%2BkVaAdH1GFuYCxqpWTabzS77fZKSx%2Fz6dfj3%2BZ5ffnqggZUemL71BT23ynnZA1RjlyaKD4IgXJDaxI4iMIOp8iFKxz2Jklo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e31eb39c9b0712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8080,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"160247f4af074515fa11b76fb70586a5","sha1":"1eedbb9243bca8b7902f0a2b23406c6d49060b76","sha256":"6eba58531a0874cb5e004248ddffa576c5224c61f1a659134e4e0f3e99a53d54","sha512":"cd7770603f5f853ced75fa50f49b8c6725d9722125532ca88c15517fb93a54adf0b0c70da4e43de0201fee1114d3345dca0431314311ccc41be7b0e462193625","ssdeep":"192:1ENRZ0JbY+K7rl5mXyNdgnYIA6eZVJNz:aNRZ0h7K7rlsX6QYVv","tlshash":"0cf1b08036bc5b0756aea8f9412a746d09fe0d40ff6a325f4a201d8450d7754ef7786b","first_seen":"2026-01-08T18:12:32.395769Z","last_seen":"2026-04-11T17:52:09.048801Z","times_seen":6,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/6830990d30dda31e148e501c_icon-32.png","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/","date":"2026-03-27T22:44:17.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /6830990d30dda31e148e501c_icon-32.png HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 1374\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-55e\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZdQD6GjXXyE%2BnwxYxRz0Ab22ISc%2BuuHFqCmRnrwRdC3SCJBzBHuiFGKOskoGdK1SuzGoJhzXmDZQ%2B7xWXPldpwSSdiLiDEnp%2Bj%2BhdVwernxHnhFhgAU%2FvXoIJlFlvy9Cjeb7nSw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9e31eb3ab9c9712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1374,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"9cfe087c797c9a843f8d64bea27fa0ca","sha1":"39abfde2967a15a469bdaf4c606796dbf829be52","sha256":"25a23207bd5e3e25172ea07018f839409eb2ccf4b81d513b6cbe8280e9d0e58c","sha512":"55758863134c97467864ee03510b3744eaeb34f1def199b8446c951e24c150879feab40ee546fc814921c37b1cf3b9b0932bcb95f212e5d277b567c25d9b3084","ssdeep":"","tlshash":"33212b5586f90bbfc2126248c33649c57fa543f269e6c842a3ee0717db39c2884c93ed","first_seen":"2026-01-08T18:12:32.401089Z","last_seen":"2026-04-11T17:52:09.07504Z","times_seen":6,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/steer-protocol-secret.webflow.shared.ee9f478f7.min.css","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /steer-protocol-secret.webflow.shared.ee9f478f7.min.css HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: W/\"69b9c013-21181\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 1129\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iF7ppubPXq%2FZyzi74rqAQv8zPXNcRw94RQ2DASxP%2FFAlBW7aBvW7NuT4F5RgFNwojKVU5STAqCO9MIk7ZiUF3uY%2BsLhYJOK0NDVFdkdjrA316EU998jKWTdP03wM7qaVbaBfcgM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e31eb38f99a712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":135553,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65524), with no line terminators","md5":"85098603f22d9b4f3cc4cfc8239946fc","sha1":"4285eeff3f643af7ad7ea85be7b55ef398379dc7","sha256":"2f688e90ed46b056fec1f2f5573b5f5e60260de1f6b79d2527018a8da7e99bf9","sha512":"e4412ff1ba71d01e94f59e2a286ded98e0a71b28f24882764f415f63d66e2e232e507868d85d3d18c96cee42b45f12be854e393e6a0c7be610db6a0473e2e2e3","ssdeep":"1536:KXoCWdzT4xkQIi7lIiE3hcfpobobVgDdgDdxJLR+aoWJTyp96+dxewzrYp6ISeBU:023E0XX","tlshash":"4dd3b92b6e58318c747b84a6dae1b7cca111504bd61247eef943e52acac62c33b37d5c","first_seen":"2026-01-08T18:12:32.369882Z","last_seen":"2026-03-28T00:37:00.810282Z","times_seen":5,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airdrop-rcadia.xyz/67f9abac728283f9c36ec9e5_SteerLogo_S.png","fqdn":"airdrop-rcadia.xyz","domain":"airdrop-rcadia.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airdrop-rcadia.xyz/index_1.html","date":"2026-03-27T22:44:17.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"airdrop-rcadia.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 23:00:00 GMT","end":"Sat, 16 May 2026 23:58:40 GMT"},"fingerprint":{"sha1":"1F:DD:4D:83:92:17:BA:AD:8F:62:8C:D0:EB:6A:68:70:87:56:81:A4","sha256":"AF:3F:FB:CC:6B:F5:21:6A:EF:51:AF:30:D8:A1:40:B7:A9:25:A3:18:72:33:7B:4D:32:83:0D:09:47:97:B4:AC"}}},"request":{"raw":"GET /67f9abac728283f9c36ec9e5_SteerLogo_S.png HTTP/1.1\r\nHost: airdrop-rcadia.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airdrop-rcadia.xyz/index_1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 27 Mar 2026 22:44:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 6337\r\ncast-mode: default\r\nlast-modified: Tue, 17 Mar 2026 20:56:51 GMT\r\netag: \"69b9c013-18c1\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1129\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fCywRsqrcERPO5UM%2BepwEdyhPJ2qeoxjFo8kwXPFVw%2FLdttEiFD8HhMKBZ22HY3nosbgfY2MX%2BD4b72c3POElmYuhKfhIJpnvByhkjjfJF2DuQFdkX6IlHNFN4%2FkbjTCl9cvByI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e31eb3999a7712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6337,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 383 x 517, 8-bit/color RGBA, non-interlaced","md5":"482ca0d392d7a992cdf96ac4e5e45533","sha1":"816fed5a1d35c7037c374698034f2018cb2c3815","sha256":"442c65c1ba0dea5d486206c0919240c60ec9f17b73686feea924c379c7e328f2","sha512":"daf60977bdfc2ae30620af56c708fb2d12856eda75e6e4adf900f6c731014638570387dbfff97360e7a33205f3ad850ed34a987f8792a72e071da265acd3a1bf","ssdeep":"192:Bfu/IfLqI2zBwAq3IqBYRvHnX9kg5Xw7rT5/7h7JtKGdOc:dKIeDBeIrNh5XMf5zlJtKMn","tlshash":"70d19d46051b408049564c6d871eeefd6d8ea2efc8bac911c66c8f2f8d82572577ad13","first_seen":"2026-01-08T18:12:32.378701Z","last_seen":"2026-04-11T17:52:09.069871Z","times_seen":6,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"airdrop-rcadia.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}