{"report_id":"6b76f029-b158-43ec-8155-56366ffb3ace","version":6,"status":"done","tags":["suspicious"],"date":"2026-02-25T21:58:38Z","url":{"schema":"http","addr":"rugsol.info","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":0,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"rugsol.info/","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"title":"RugSol - Solana Token Scanner","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"rugsol.info","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":0,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-01T21:58:38Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":23,"urlquery":2,"analyzer":9}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:12Z","timestamp":1772056692,"ip_dst":{"addr":"8.8.8.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46600,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Google DNS over HTTPS Domain (dns .google in TLS SNI)","source":"{\"timestamp\":\"2026-02-25T21:58:12.377189+0000\",\"flow_id\":1978407704615530,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":46600,\"dest_ip\":\"8.8.8.8\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047866,\"rev\":4,\"signature\":\"ET INFO Observed Google DNS over HTTPS Domain (dns .google in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"8.8.8.8\",\"port\":443},\"target\":{\"ip\":\"172.18.0.36\",\"port\":46600},\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_02_07\"],\"deployment\":[\"Perimeter\"],\"former_sid\":[\"2851058\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_10_05\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"DoH\"],\"updated_at\":[\"2023_10_05\"]}},\"tls\":{\"sni\":\"dns.google\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":789,\"bytes_toclient\":4646,\"start\":\"2026-02-25T21:58:12.350826+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:12Z","timestamp":1772056692,"ip_dst":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":58870,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)","source":"{\"timestamp\":\"2026-02-25T21:58:12.656513+0000\",\"flow_id\":85143170897651,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":58870,\"dest_ip\":\"209.94.90.1\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036874,\"rev\":2,\"signature\":\"ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_06_06\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2024_02_27\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_28\"]}},\"tls\":{\"sni\":\"ipfs.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":909,\"bytes_toclient\":3505,\"start\":\"2026-02-25T21:58:12.644851+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:12Z","timestamp":1772056692,"ip_dst":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":58876,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)","source":"{\"timestamp\":\"2026-02-25T21:58:12.658574+0000\",\"flow_id\":502622582004921,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":58876,\"dest_ip\":\"209.94.90.1\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036874,\"rev\":2,\"signature\":\"ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_06_06\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2024_02_27\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_28\"]}},\"tls\":{\"sni\":\"ipfs.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":909,\"bytes_toclient\":3505,\"start\":\"2026-02-25T21:58:12.646329+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:12Z","timestamp":1772056692,"ip_dst":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":58890,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)","source":"{\"timestamp\":\"2026-02-25T21:58:12.681034+0000\",\"flow_id\":1704914924613813,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":58890,\"dest_ip\":\"209.94.90.1\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036874,\"rev\":2,\"signature\":\"ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_06_06\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2024_02_27\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_28\"]}},\"tls\":{\"sni\":\"ipfs.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3432,\"start\":\"2026-02-25T21:58:12.667829+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:12Z","timestamp":1772056692,"ip_dst":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":58898,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)","source":"{\"timestamp\":\"2026-02-25T21:58:12.687383+0000\",\"flow_id\":884698577645844,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":58898,\"dest_ip\":\"209.94.90.1\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036874,\"rev\":2,\"signature\":\"ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_06_06\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2024_02_27\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_28\"]}},\"tls\":{\"sni\":\"ipfs.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":909,\"bytes_toclient\":3505,\"start\":\"2026-02-25T21:58:12.667924+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:12Z","timestamp":1772056692,"ip_dst":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":58918,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)","source":"{\"timestamp\":\"2026-02-25T21:58:12.703661+0000\",\"flow_id\":1967998851363891,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":58918,\"dest_ip\":\"209.94.90.1\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036874,\"rev\":2,\"signature\":\"ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_06_06\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2024_02_27\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_28\"]}},\"tls\":{\"sni\":\"ipfs.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":909,\"bytes_toclient\":3506,\"start\":\"2026-02-25T21:58:12.668723+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:12Z","timestamp":1772056692,"ip_dst":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":58912,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)","source":"{\"timestamp\":\"2026-02-25T21:58:12.704692+0000\",\"flow_id\":17675677086648,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":58912,\"dest_ip\":\"209.94.90.1\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036874,\"rev\":2,\"signature\":\"ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_06_06\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2024_02_27\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_28\"]}},\"tls\":{\"sni\":\"ipfs.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":909,\"bytes_toclient\":3168,\"start\":\"2026-02-25T21:58:12.668600+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:16Z","timestamp":1772056696,"ip_dst":{"addr":"104.18.50.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":45568,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-02-25T21:58:16.091757+0000\",\"flow_id\":1799878799280380,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":45568,\"dest_ip\":\"104.18.50.34\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.50.34\",\"port\":443},\"target\":{\"ip\":\"172.18.0.36\",\"port\":45568},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":789,\"bytes_toclient\":2598,\"start\":\"2026-02-25T21:58:16.084220+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:16Z","timestamp":1772056696,"ip_dst":{"addr":"104.18.50.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":45584,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-02-25T21:58:16.095613+0000\",\"flow_id\":980502118418862,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":45584,\"dest_ip\":\"104.18.50.34\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.50.34\",\"port\":443},\"target\":{\"ip\":\"172.18.0.36\",\"port\":45584},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":789,\"bytes_toclient\":2599,\"start\":\"2026-02-25T21:58:16.084398+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:16Z","timestamp":1772056696,"ip_dst":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59104,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-02-25T21:58:16.100670+0000\",\"flow_id\":1323985685471484,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":59104,\"dest_ip\":\"104.18.54.45\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.54.45\",\"port\":443},\"target\":{\"ip\":\"172.18.0.36\",\"port\":59104},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":945,\"bytes_toclient\":2674,\"start\":\"2026-02-25T21:58:16.090364+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:16Z","timestamp":1772056696,"ip_dst":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-02-25T21:58:16.117181+0000\",\"flow_id\":2035517885029892,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":59116,\"dest_ip\":\"104.18.54.45\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.54.45\",\"port\":443},\"target\":{\"ip\":\"172.18.0.36\",\"port\":59116},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":945,\"bytes_toclient\":2674,\"start\":\"2026-02-25T21:58:16.105988+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:16Z","timestamp":1772056696,"ip_dst":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59114,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-02-25T21:58:16.114166+0000\",\"flow_id\":786446906070090,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":59114,\"dest_ip\":\"104.18.54.45\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.54.45\",\"port\":443},\"target\":{\"ip\":\"172.18.0.36\",\"port\":59114},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":789,\"bytes_toclient\":2597,\"start\":\"2026-02-25T21:58:16.103498+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:16Z","timestamp":1772056696,"ip_dst":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59118,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-02-25T21:58:16.125933+0000\",\"flow_id\":735409809694327,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":59118,\"dest_ip\":\"104.18.54.45\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.54.45\",\"port\":443},\"target\":{\"ip\":\"172.18.0.36\",\"port\":59118},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":945,\"bytes_toclient\":2674,\"start\":\"2026-02-25T21:58:16.106103+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:16Z","timestamp":1772056696,"ip_dst":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59132,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-02-25T21:58:16.291590+0000\",\"flow_id\":1694718672516978,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":59132,\"dest_ip\":\"104.18.54.45\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.54.45\",\"port\":443},\"target\":{\"ip\":\"172.18.0.36\",\"port\":59132},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":945,\"bytes_toclient\":2672,\"start\":\"2026-02-25T21:58:16.276338+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:16Z","timestamp":1772056696,"ip_dst":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59138,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-02-25T21:58:16.390278+0000\",\"flow_id\":1857832940518633,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":59138,\"dest_ip\":\"104.18.54.45\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.54.45\",\"port\":443},\"target\":{\"ip\":\"172.18.0.36\",\"port\":59138},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":945,\"bytes_toclient\":1654,\"start\":\"2026-02-25T21:58:16.376041+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:16Z","timestamp":1772056696,"ip_dst":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59140,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-02-25T21:58:16.413099+0000\",\"flow_id\":328981349411702,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":59140,\"dest_ip\":\"104.18.54.45\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.54.45\",\"port\":443},\"target\":{\"ip\":\"172.18.0.36\",\"port\":59140},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":789,\"bytes_toclient\":2598,\"start\":\"2026-02-25T21:58:16.404342+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:16Z","timestamp":1772056696,"ip_dst":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59156,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-02-25T21:58:16.426839+0000\",\"flow_id\":1999388620121624,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":59156,\"dest_ip\":\"104.18.54.45\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.54.45\",\"port\":443},\"target\":{\"ip\":\"172.18.0.36\",\"port\":59156},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":945,\"bytes_toclient\":2673,\"start\":\"2026-02-25T21:58:16.419352+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:16Z","timestamp":1772056696,"ip_dst":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59162,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-02-25T21:58:16.435747+0000\",\"flow_id\":316521649306399,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":59162,\"dest_ip\":\"104.18.54.45\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.54.45\",\"port\":443},\"target\":{\"ip\":\"172.18.0.36\",\"port\":59162},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":789,\"bytes_toclient\":2598,\"start\":\"2026-02-25T21:58:16.424735+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:16Z","timestamp":1772056696,"ip_dst":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59176,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-02-25T21:58:16.458570+0000\",\"flow_id\":2018073875366245,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":59176,\"dest_ip\":\"104.18.54.45\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.54.45\",\"port\":443},\"target\":{\"ip\":\"172.18.0.36\",\"port\":59176},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":945,\"bytes_toclient\":2673,\"start\":\"2026-02-25T21:58:16.442725+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:16Z","timestamp":1772056696,"ip_dst":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59184,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-02-25T21:58:16.486920+0000\",\"flow_id\":1045259487825542,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":59184,\"dest_ip\":\"104.18.54.45\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.54.45\",\"port\":443},\"target\":{\"ip\":\"172.18.0.36\",\"port\":59184},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":789,\"bytes_toclient\":2599,\"start\":\"2026-02-25T21:58:16.478854+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:16Z","timestamp":1772056696,"ip_dst":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59204,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-02-25T21:58:16.556430+0000\",\"flow_id\":1462620787336807,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":59204,\"dest_ip\":\"104.18.54.45\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.54.45\",\"port\":443},\"target\":{\"ip\":\"172.18.0.36\",\"port\":59204},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":945,\"bytes_toclient\":2673,\"start\":\"2026-02-25T21:58:16.550503+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:16Z","timestamp":1772056696,"ip_dst":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59198,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-02-25T21:58:16.559641+0000\",\"flow_id\":1203924169676638,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":59198,\"dest_ip\":\"104.18.54.45\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.54.45\",\"port\":443},\"target\":{\"ip\":\"172.18.0.36\",\"port\":59198},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":789,\"bytes_toclient\":2599,\"start\":\"2026-02-25T21:58:16.546654+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T21:58:16Z","timestamp":1772056696,"ip_dst":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59216,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-02-25T21:58:16.577921+0000\",\"flow_id\":1266856178001050,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":59216,\"dest_ip\":\"104.18.54.45\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.54.45\",\"port\":443},\"target\":{\"ip\":\"172.18.0.36\",\"port\":59216},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":789,\"bytes_toclient\":2598,\"start\":\"2026-02-25T21:58:16.566426+0000\"}}"}],"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Anti-debugging code","verdict":"suspicious","severity":"low","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Anti-debugging code","verdict":"suspicious","severity":"low","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"desperate-moccasin-minnow.myfilebase.com","ip":{"addr":"57.129.37.40","port":443,"asn":16276,"as":"OVH SAS","country":"Germany","country_code":"DE"},"domain_registered":"2022-03-18","domain_rank":0,"first_seen":"2025-12-31T15:41:29.220041Z","last_seen":"2026-01-21T20:59:39.889895Z","alert_count":0,"request_count":2,"received_data":49614,"sent_data":994,"comment":"","tags":null,"fingerprints":[{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]}]},{"fqdn":"uygft-a78s.vercel.app","ip":{"addr":"216.198.79.67","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2020-01-28","domain_rank":0,"first_seen":"2026-02-25T18:10:52.490414Z","last_seen":"2026-02-25T18:10:52.490414Z","alert_count":0,"request_count":8,"received_data":5703240,"sent_data":4428,"comment":"","tags":null,"fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"axiomtrading.sfo3.cdn.digitaloceanspaces.com","ip":{"addr":"104.18.42.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-02-23","domain_rank":1540557,"first_seen":"2025-09-27T14:20:14.070761Z","last_seen":"2026-02-22T14:18:35.783661Z","alert_count":0,"request_count":2,"received_data":4205,"sent_data":998,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"metadata.rapidlaunch.io","ip":{"addr":"104.26.1.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-04","domain_rank":0,"first_seen":"2025-10-11T15:54:47.790842Z","last_seen":"2026-02-24T21:25:20.383209Z","alert_count":0,"request_count":2,"received_data":34854,"sent_data":952,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"rugsol.info","ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-25T21:58:41.934127Z","last_seen":"2026-02-25T21:58:41.934127Z","alert_count":1,"request_count":44,"received_data":1092144,"sent_data":21223,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]},{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]},{"fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","ip":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-08-23","domain_rank":0,"first_seen":"2026-02-25T03:05:04.781981Z","last_seen":"2026-02-25T03:05:04.781981Z","alert_count":16,"request_count":16,"received_data":5736690,"sent_data":7696,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"dns.google","ip":{"addr":"8.8.8.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2018-04-16","domain_rank":158,"first_seen":"2018-10-26T18:11:46Z","last_seen":"2026-02-25T13:18:10.072221Z","alert_count":0,"request_count":2,"received_data":1557,"sent_data":982,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ipfs.io","ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"domain_registered":"2014-05-16","domain_rank":19271,"first_seen":"2015-09-09T04:41:36Z","last_seen":"2026-02-20T06:13:45.966472Z","alert_count":11,"request_count":11,"received_data":2669994,"sent_data":5195,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Anti-debugging code","verdict":"suspicious","severity":"low","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"rugsol.info/","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"b6831139f7556c3c3fe997b81ad39d6d","sha1":"99d9477317bd3f1123e8eb58e4c0ccb42e70c4e9","sha256":"24b53acdef3a9eed500d187500e8996b0b1639a8a8f3d6bc3f307be9bb97b71a","sha512":"8a867514b0ec3fee0850849eac091616547dbc2503fb640427b90ffa39c0cc756bfed7f16f8b7255d4253ba988150a64adcdfff89ebe18a0f15bf364e51de9cc","ssdeep":"","tlshash":"56e0a77d241b7225443711bd664bd5e43f33313371249610fe1c81641f66d1e9452f8d","size":298,"data":"","first_seen":"2026-02-25T21:58:49.554974Z","last_seen":"2026-04-29T15:31:57.783243Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/noir.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"6e9f7635fbbdf03cdebb4081b0a78077","sha1":"17f37d3947971afdd7832bb37d91b890593cd694","sha256":"8d3bb8fa5b66f2fd88d9228f4fcf0dc1ece24d7a3092e798f793e0a3843d173d","sha512":"63a7ae952e8a450d475b7ec0010af6d1a0827784fddee38243d1cf826447f8d58543707d1fc75d64ac7e1885ed8af1a2b71b1e569f6a24c36f33c73884cdba6f","ssdeep":"768:37p4/pGg274TclQPP7GQ5kIP/smN8mZLNgY7BBIipaf0+48AUH:37p4BGg2ETcePjVkIPEChVNgY7BBIipA","tlshash":"c8d22ca7ce8f2e518b745e0823de2ccd092d1b8e68e244cd550aa7c9d68f56704ccaed","size":30191,"data":"","first_seen":"2026-02-25T21:58:49.526914Z","last_seen":"2026-02-25T22:29:22.236424Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"eval","is_inline":false,"md5":"d629dc6884877b5598de386c463de589","sha1":"eb4f23ee697e67c0da00f4a0ae6d6444a0028505","sha256":"32ca16d6c8fc9436c5a353a17e76b7aa6c1549157392b7e91cd3b66aa43595bc","sha512":"405b34b060ac86d40535cf58bf3467e76e0d2c0d7a057b4ed7af0e275ecab8483782b3f5585e451126a5e53b201cb8988a9c60cb923ca03afbdde99edff614e8","ssdeep":"192:EQ11Gh/u1CrpriQeXQIdCpqO4D4oMfoiY+0dhNPnsEsC32pf7kuqGZvkpSFVBbNV:X/CqDCpJmskwkEZxtN+NH6R+4n","tlshash":"b9a2f98ebfa3113666a3712f2bafa15d717650031009cd24bdbd97006f90a75127afed","size":22562,"data":"","first_seen":"2026-02-25T21:58:49.556Z","last_seen":"2026-02-25T22:29:22.304841Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"eval","is_inline":false,"md5":"d629dc6884877b5598de386c463de589","sha1":"eb4f23ee697e67c0da00f4a0ae6d6444a0028505","sha256":"32ca16d6c8fc9436c5a353a17e76b7aa6c1549157392b7e91cd3b66aa43595bc","sha512":"405b34b060ac86d40535cf58bf3467e76e0d2c0d7a057b4ed7af0e275ecab8483782b3f5585e451126a5e53b201cb8988a9c60cb923ca03afbdde99edff614e8","ssdeep":"192:EQ11Gh/u1CrpriQeXQIdCpqO4D4oMfoiY+0dhNPnsEsC32pf7kuqGZvkpSFVBbNV:X/CqDCpJmskwkEZxtN+NH6R+4n","tlshash":"b9a2f98ebfa3113666a3712f2bafa15d717650031009cd24bdbd97006f90a75127afed","size":22562,"data":"","first_seen":"2026-02-25T21:58:49.556Z","last_seen":"2026-02-25T22:29:22.304841Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/c4587bb0f53f4ca8.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"48fc81147fb51eb96a88292a4eb6be79","sha1":"7b17b8dfa2ef9d2af3d5228297b5dfa6722fb435","sha256":"bcc416449145eff5fb174031c820b4ec6914267ae37709759188b0340ce98fd4","sha512":"b4f944b2715e1a08936ee71daddfd1a2d9c98e06a308ba4fb2d0b0ed855c3514f2819d022e7b6495d9c193048ba84d177b54097d412c9e47896fe784013489fd","ssdeep":"1536:wa7bjQfrQemmgMd3ToB9gDzdFhZPi3qSiqreOvOa6v/7d5hmlYIpXSiuJFGYodgh:r7w8pmfd3T5XYa2T6Hzx1bHYC37","tlshash":"28f33ba67351713983df919ac09f4b41b33e19d4601a403cf67e99db2a2068962fbf3d","size":161641,"data":"","first_seen":"2026-02-25T21:58:49.507693Z","last_seen":"2026-02-25T22:29:22.222133Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-06-08T05:34:38.472382Z","times_seen":155845,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"f61f58b2aefe0c9a0d8d1d8231103da1","sha1":"0a7f86f2c99d8b7b7a12de2a3887b357c44ae32a","sha256":"3177013b2b308b96d6221fd6190a3022083857d5570c4bde1b9108d202148106","sha512":"cefd5759a5495e0cdaae8cd927f136b2ca8d1bb3af61656fb2bc590e04af445447b3579137c2cf2d41e373f4d92c2e49fa55ae2590b083f303bcfff76e6416c0","ssdeep":"","tlshash":"1a110486f90bf8a13d62dd6f112b0f7a84d5fd3a813151acb38ecac94272d790384986","size":1024,"data":"","first_seen":"2026-02-25T21:58:49.557796Z","last_seen":"2026-02-25T22:29:22.307386Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"51207850ad27e2fc9f5e18c95bc27634","sha1":"b7ef9ecbc4fd2ec658c6fe358260d0799ee650b9","sha256":"9152c978bf169e4e2ca51870faededb0f8684b8573fcc1bb9e7051ebcf367960","sha512":"cdfea3ab7bfbacb716b0f5d7bdcde1169491ab3553498560e8635f212e5de35527839852132e9bee6272458b1bc21f305c694f8d2bea968492a1a8ac42033ae7","ssdeep":"96:Lde5Gma5ZWILxZfD7cg1xqzc/xmWJm6TXEl2WvvU2:hqBamQxOgnqzcpmMytXl","tlshash":"c3b1fcfd6005dd5aedab3d1912fe9c3b109c857b46e0dab8f68cde110b8247967d2ac0","size":5190,"data":"","first_seen":"2026-02-25T21:58:49.558896Z","last_seen":"2026-02-25T22:29:22.308147Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"ea9daab80f02a42fb7ed3ed8def31ef5","sha1":"23ec0881914209ddd80770a3955988899ac941b4","sha256":"6a9999668536591c332370b6b193ac1729d58e6c6eba2ea7ea3e93d77c498fe3","sha512":"078df67f4257711b887cd9daf4062ba0026edc0ecd894023c4de89ebfcffd3e92b8529b97be19c3f45d08be0b4f0237e5d7f3342f1ee6f7493e298ac98e6d593","ssdeep":"","tlshash":"a0513869e51aec14bca7ed5e083f2f3b50aee8378535c97ce29dcd54066683a63858c0","size":2745,"data":"","first_seen":"2026-02-25T21:58:49.563172Z","last_seen":"2026-02-25T22:29:22.308765Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/turbopack-3f4cb02358931700.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"a2c92a6d51aa0933ceae3d9107b771ba","sha1":"5b28586270d83dce6ca8cd9574e3e6efa86d4d1f","sha256":"e155e58ad08c7c27a60703de67e48c525c70d889329d77c1bb02cc7249db654f","sha512":"0b971bac99edbfca74a8bdcfa1d33c1a7cccc22b241efa746cb01f29e20cd973792866e3c30c318031c0e912eb57b0ac8cd665c2b345d59e94ea19360bdc43b7","ssdeep":"192:674eFn8/Esp1U91EG5T1uCO9ledFMhMJg4W9PZcxkUk1IsS:674e2OvO9len6JZZQl","tlshash":"8e22d6da37a6f07743afa4e6907f4044f17954a8141d581c93aca8fb383946e49e3f27","size":10232,"data":"","first_seen":"2026-02-25T21:58:49.536932Z","last_seen":"2026-04-29T15:31:57.736993Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/cbd6cfb63f13c644.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"7098148e22cd0cb5e5a7711726acdf86","sha1":"9c2cb718d078e95272c758cce715b3d3088619f8","sha256":"3513688ff5add5b97248693890b9755121af21567b2b841113fef1f3b3019c81","sha512":"0ef99204965554cc7b240aa58ab9e478db62855f6fa95d14bd559a795735f2799f232742012bf4be99319c09845530a59faa4dcb270be9cdad4e7d3ca049accb","ssdeep":"768:J1wC//lQc3HNlFrtgPslqJvOu8LuCACAGFZJK48QhgdIdgYrBMcEBSyLAntJTFy9:JKCSc3tlJzLwqdgYrzyZH","tlshash":"5dd297557290fa9ca4ab01a8592fe05db32f2eacde5fdc64b7bc64611e01098f613fc4","size":28567,"data":"","first_seen":"2026-02-25T21:58:49.508811Z","last_seen":"2026-02-25T22:29:22.287276Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"33c3a15cf79d5190bfd450c38df0b4ba","sha1":"243491d361306ad019f35d30d5ac4fb4a7dec5b8","sha256":"92a19def30de8673bdffc8dcd9b3e16edaf48782e71501be6edf70f1a59cd5d7","sha512":"d2769477dbda9377ef087497d9d0852fdc684a793f7fe49ea64e0f5e132d235886324249de5d7b1b0a4d936b2cc3ff8c7b60da3fdaafc3c865266f51c01d1356","ssdeep":"","tlshash":"6c518c2d7616d99cfd8b3c54123eac3e114ed16b498ade18cad8cd20528743da7939d0","size":2761,"data":"","first_seen":"2026-02-25T21:58:49.564811Z","last_seen":"2026-04-29T15:31:57.790021Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"ce1382f726f7f80b012a8d59d7acf083","sha1":"7ff94c3372f0ed0f57808c17415acb2cf717e4ee","sha256":"4259ff2f431db63fb58a698ddd2c1ad4fb46e5788692829af8a6bd7cb3f45f4a","sha512":"90d17d7ff9d3ddd556e6748c9cfb51d9b8a279ce826ea8e3bacb4d71cd1595c3e6d3d8b875ab2bc3da274b9e4b68b6f83ceeb67d476ecbf40ba706b13cf874ed","ssdeep":"","tlshash":"3e11c26d6c04de16ec2e3d6d083ede7a208d88778154deb842cece051a06a7a23829c1","size":891,"data":"","first_seen":"2026-02-25T21:58:49.566125Z","last_seen":"2026-02-25T22:29:22.310036Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/noir.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"6e9f7635fbbdf03cdebb4081b0a78077","sha1":"17f37d3947971afdd7832bb37d91b890593cd694","sha256":"8d3bb8fa5b66f2fd88d9228f4fcf0dc1ece24d7a3092e798f793e0a3843d173d","sha512":"63a7ae952e8a450d475b7ec0010af6d1a0827784fddee38243d1cf826447f8d58543707d1fc75d64ac7e1885ed8af1a2b71b1e569f6a24c36f33c73884cdba6f","ssdeep":"768:37p4/pGg274TclQPP7GQ5kIP/smN8mZLNgY7BBIipaf0+48AUH:37p4BGg2ETcePjVkIPEChVNgY7BBIipA","tlshash":"c8d22ca7ce8f2e518b745e0823de2ccd092d1b8e68e244cd550aa7c9d68f56704ccaed","size":30191,"data":"","first_seen":"2026-02-25T21:58:49.526914Z","last_seen":"2026-02-25T22:29:22.236424Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"f021b490d3d85caa80c4c711dc5b3e42","sha1":"15b34d1efa741d9204873613d5912152ffc4314d","sha256":"b1e9831e05e8e016d217925a498dc45616b294251ee8482892a65b471b34eb09","sha512":"74fc5eaa5da7df92e50854082d3e04c2e58477af96f79d27cf485024eab79990055c8f5a3f7a9dbbe6ce7dcfbdc16feff9ee1cd096d417fa3fe582c1253ff05b","ssdeep":"","tlshash":"12c080a1dc42cc1dc6674f261c3a1c3521dcc574074555479dd5d9291985b3105b5d8a","size":178,"data":"","first_seen":"2025-09-30T10:59:21.66596Z","last_seen":"2026-06-07T01:02:54.655024Z","times_seen":394,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/98dddd8a319b0650.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"d37eadc62881f9ac5ca29534476d7312","sha1":"6545abb675bc34d26cab60f2ae7c98083d1bf56d","sha256":"a90fbe6372f76a05949f198a12ffdef7000b96c11627891111be4b3ab72f3340","sha512":"c83fd77f3af554ab0027dd03e2300d2d5ef5faecc11cfecd450cdebc8e7d3cecbdc906ccab00755a2acfaeac627d4f54bf101a3acdc18d4857e2a1b4c272e509","ssdeep":"96:wrnXJ47XsY3Gv22aqbk0UjQm0dSaA9n5GmQV0m9/1UXTxjNUXTujZv2P:wrn547X33h2agGjQm0dbAGmQVL9/1Uvk","tlshash":"16b1d8f67a86fc30425d45945433c25b7a183e36204ea494d7ee8ced32b9d8a85a1f8e","size":5259,"data":"","first_seen":"2026-02-25T21:58:49.488543Z","last_seen":"2026-04-29T15:31:57.766152Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/ea80403269d20319.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"8194565c559f218a4dbada2ddb8dbd0f","sha1":"84411cdfffd21df4573fd018dadba80c99376d13","sha256":"f0d2e4a84a00ac85f00136a5d217034b01e240087461261ce8d46de9272a698f","sha512":"947d3369333c83676db1b8d83d96fed15b2bbb015af3a9e15ba9543b6826f359432fdea7ab0dc9f84889b6a60646d0b708ef226493a5e783bc7aad09a933164c","ssdeep":"1536:KE+JHdrBQVCzoR7pjUbztSsMX8ohOsmZu/gzib3aI9+Ztm:S8CEnjU1SsmhOsyda3avtm","tlshash":"85c308f935d5f48207ab44a6c03f0006f32c4d77189e68a0a3e5ddda746499de1b3faa","size":118862,"data":"","first_seen":"2026-02-08T14:10:35.588495Z","last_seen":"2026-06-03T22:24:50.318944Z","times_seen":77,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/d2be314c3ece3fbe.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"e189b2054d05a586f4fd6eec2888c203","sha1":"7d92609e0338be85a1f0085efa31f699878f269c","sha256":"a6248517cd3ee53a8186b51c59e1e764e3dc0c512f4acbd50e818f9884663e21","sha512":"1c0e250e62e070ed252776fbd469b27c9c19dc68e695b9e90003b746e3ab6f9c919b39ed1890d581bc0bec54a0b8b2b8a68a415db186d4d278121cbe124a8ad6","ssdeep":"384:735z75Bq9E0m1YmRDQ0cJ3tn79Fg/Ag8qWtOPSNxErV:D5z9BX0ZMOx3ErV","tlshash":"fed2e8717395f9a352db85d9d03a0015f2290d3530ae24b07394dcef368dc89a1fafa9","size":30681,"data":"","first_seen":"2026-01-15T14:11:00.285057Z","last_seen":"2026-06-08T03:09:53.45268Z","times_seen":6027,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/ff1a16fafef87110.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"5458632ee5cb3da028baebb11d5f70dd","sha1":"57e264834d3635e52fbbd3d93135842c09ce8525","sha256":"e9786b1305894e4119bb9811a816dac9cf576755596dd989ee15b455749fc35e","sha512":"28ae4e3a3828f99d64b7d4bfc7238d56c9ad910ce267dcb6c01e53be00c88f8a7f024640680d2bd66240a9972322744ee9147883a12ff8c92717c27ebb3fef50","ssdeep":"","tlshash":"63d02b702150f8d84086a4cc8836424bf52928b262fe3895d7ae8cb16174f0c51e1e55","size":282,"data":"","first_seen":"2025-08-20T23:30:20.185011Z","last_seen":"2026-06-08T04:39:44.020355Z","times_seen":22451,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/69be39811437728d.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"4bc3cd8e5f29ceb4c93752a073d603e2","sha1":"5a62d02d9a03e6d267c3dc4505e5a4f6c9ad488b","sha256":"f663b5ba725d2101e855f7f1147dfe83f09023e13149bdbb8df54883b4337683","sha512":"0f2d37d2d519486b22e1956275ebbe774a99c3e473acf404f425a02b2bee389afea8d8b422b8d11421d77465dcfa59223da4045373a7574c2e3ca2f882a73c75","ssdeep":"3072:xVXL5l5cSSScmfJPyGoi8xP3ciNgZTjymL6ZXtJ967+3N:xVXL53cSSScmfPZZnfSXtJ967+3N","tlshash":"43241be83995f6626eb302a710af1803733c252b280d4d60a251fdddb57845eb17bf9e","size":223454,"data":"","first_seen":"2026-01-29T17:46:44.484393Z","last_seen":"2026-06-08T02:24:31.538256Z","times_seen":1221,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"50d4533ae6889af8742c563540df0466","sha1":"9a255deb34efb0e7a5c9655b8036f4071d5b7cd8","sha256":"698ccd5817acd58ca26284e714fb19db20f4e911bbba2206e9a7b876a077a319","sha512":"4cffad20ce5d6bec256a32cbe535a31aaca49b7d3e46a5933a28269567e9c643b0cd80ac5d20cb51431823c057a1e8dc5639e273ec62c8e2ff8fb894a60e15d0","ssdeep":"","tlshash":"15c02b24cc0efc11f830cc0e00141b2f82aec83e40304e14b36ec4c89132a0a130ccd5","size":153,"data":"","first_seen":"2026-02-25T21:58:49.568335Z","last_seen":"2026-05-19T22:57:14.512422Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/f78ba7e4857b32e9.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"64f7897a406720dd1dbaa6776336d11d","sha1":"63845586811fdf01ca8d5a5ab46d90b4fcb81c30","sha256":"702995f4885c871fcf6de870ecc2dbf1dc51ac5eda06d6551e65454adfd02363","sha512":"cef847c041b8ecabe8ec183b2ab7479266a356a51eda59562ed47821673513517aaaae608961c82e9db0395aeedcb148aeb0d121d27b43c4c615863651844d68","ssdeep":"384:bQj/kvDzwE9Cn7vB3vPLQlkal4BKXVdszq+mmdX:K8v7Cn7VvzQldla4dszq+mY","tlshash":"6fb2b5aa71d5f4911b9354a5803f500bf23a1d7a286da0a0e3e2cdf579b045ee133f9e","size":24328,"data":"","first_seen":"2026-02-25T21:58:49.468804Z","last_seen":"2026-05-16T17:48:15.997198Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/82abf2d65f5428ae.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"19622580859b19b23901b9a7be2f7937","sha1":"c06faadd6f342879b808413390376b59f7e0b20c","sha256":"bbc0826384faf59b3d35a439a95f7787cd19280ee35469c84cd0b213bc306f11","sha512":"defe2216a1fb2d9b3670710dd2ec27e23fac86ce5e8cf438ddc8038d513c145fc333c0afd051cbf6f1a83d62beafaa5dfc378bbccf26f7eb98bc59c9912f856a","ssdeep":"384:uj/7DGGRPR+rTfIVZ/X+0o3NkOG4+Z47aJUSwT4WGFJl:M+/8Z/X+0o3KZzZ47amy","tlshash":"bce2c7b572d5faa2129341f0c43f2017f3680d7521acb470a7e8cc9b755888da6bafd9","size":33299,"data":"","first_seen":"2026-01-19T06:24:39.223584Z","last_seen":"2026-06-08T03:09:53.425271Z","times_seen":4266,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/17131b738228cc12.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"e40bac2a4cc7daf9aab2d26993b5314c","sha1":"8e96e2e0f31f847869ce022aef84f7741a8a8770","sha256":"8047ecc76d230d571cf723b480ad13ba519c09550d6e68ae16e68a6dbf219129","sha512":"a4c93457120a81f137c554020836810d0786ed63e1a67131cc24d03e23c331675acf076d42630aae81de79c72e5cae3f0a3c89ddee37f8dc2691c6d65774c2be","ssdeep":"384:B3uC7bAbj+JVFNLyqEAAADS/Ao5DGqJAoW4AgB8AvQi9:BeC7bAnYFNOqEAAACAo5DG+Ao3AgB8Ar","tlshash":"81625504b350bfecb96704a8a65ee01d612e7becce5fcca4b5bc28212e454d4ba537c5","size":14967,"data":"","first_seen":"2026-02-25T21:58:49.471537Z","last_seen":"2026-02-25T22:29:22.193403Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"60823b63caf05086433b346536747810","sha1":"2e81984a7b21941d6defaeaf1487df135a8c5509","sha256":"99ecb49cf8e0f58e06e38ec188227db185709b24a80b18cd82bc7fef69c13945","sha512":"f0febc2228e84f44ca84a9d2f2478104ef732e08c42e81bdf43070792cc415f451c9c7b3ebf1590d88b7163065a42bf5b05cd1c557db6df547413c51e020be98","ssdeep":"","tlshash":"0a31aca3ae05ed0aabc55f0d1cbe7d7560ccc2938299a04ba69dcc6446d79306af1222","size":1763,"data":"","first_seen":"2026-02-25T21:58:49.569684Z","last_seen":"2026-02-25T22:29:22.312514Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","fqdn":"uygft-a78s.vercel.app","domain":"uygft-a78s.vercel.app","tld":"vercel.app"},"ip":{"addr":"216.198.79.67","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Feb 2026 09:22:01 GMT","end":"Tue, 26 May 2026 09:22:00 GMT"},"fingerprint":{"sha1":"43:A7:0E:2A:17:34:DC:42:83:88:AE:D6:95:95:09:58:26:71:E6:C5","sha256":"ED:6F:3E:CA:2F:60:5F:3F:0D:72:55:8C:78:B7:4E:0A:E1:37:CD:EE:4D:72:9D:FC:CE:FE:66:8B:2E:C3:13:95"}}},"request":{"raw":"GET /demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F HTTP/1.1\r\nHost: uygft-a78s.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 25 Feb 2026 21:58:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H90QYgbm%2BUiEcsw74BeNfxK5H6s39jEhACFaGhJegzKYkuA%2BUDoknKtlGjPcQi1EDaYrTfr49jwzumUnHt8o%2BVG%2FIla0WY8bFoOjlebK%2Fyt2NlTHbeMzCrLMkHKERScvRZljsw%3D%3D\"}]}\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nvary: Origin,Accept-Encoding\r\nx-ratelimit-limit: 50\r\nx-ratelimit-remaining: 48\r\nx-ratelimit-reset: 495\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::arn1::hr8mx-1772056692660-c97ade238bbe\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2846963,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (33714)","md5":"1d9d2389dc3a354229031f90ec5c0355","sha1":"751618595b25d83eda1bee399198943f94c2578f","sha256":"96ebbeb3f9772a2ae8b2ce953945d1a8bef69bb5cba03e3791f7a1170c7519d1","sha512":"0448acb8a10ae419bccadd7afd872aa945aaec06d286675c6ab4af9ae1f257cf5bfa957fd5c5376f361049ffddc310a502b28488d8202b1efc2a8bee89eb6ba7","ssdeep":"12288:c44LZxNuaZYNUIFPfLUlKY4Ue+jFy1rq6c5249AZQmYN8Ge5CK3i/R0u4gpJR:c4cZxtaUFBE1r5c52aAZSu3iZ0uTJR","tlshash":"d7256cb073a1b07a03eb92d594661100f334941a700d84acfbaca9eb6f959cf957bf35","first_seen":"2026-02-25T21:58:49.456924Z","last_seen":"2026-02-25T21:58:49.456924Z","times_seen":1,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/scan/AVF9F4C4j8b1Kh4BmNHqybDaHgnZpJ7W7yLvL7hUpump?_rsc=1r34m","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /scan/AVF9F4C4j8b1Kh4BmNHqybDaHgnZpJ7W7yLvL7hUpump?_rsc=1r34m HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /_tree\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:12 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nCache-Control: private, no-cache, no-store, max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":379,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (378)","md5":"dc3a53826d782183cedba5a93e7636a7","sha1":"fefed5ecf821325e718486ca240e4b2cb4f042dc","sha256":"b3ac142f11f910da6d25599e0ca574f5e196a3c5a7dc7e9573b5b0f54ce3d7d1","sha512":"9ef258c7aca4578367fdaad778b6c2b2c67144f85164423bee4f708c610e5ecde09e919b14d1235932749421c0c0a9c7127f7850b4bf9873715c31475fba50c4","ssdeep":"","tlshash":"12e0e537190e14b30abf20f4852d991619d9dd7b23a825f0c0941d1f3f7232283db68a","first_seen":"2026-02-25T21:58:49.460615Z","last_seen":"2026-02-25T22:29:22.290414Z","times_seen":2,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-desktop.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:16.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 14 Jan 2026 08:27:13 GMT","end":"Tue, 14 Apr 2026 08:27:12 GMT"},"fingerprint":{"sha1":"8E:B1:C6:1C:4F:29:20:20:9B:A5:D6:9D:E1:36:5C:9E:97:FB:1D:39","sha256":"37:AE:3E:49:CD:79:B6:64:E2:E2:D7:10:C5:42:B8:60:97:C4:95:B7:D1:0F:FE:B7:2D:84:F2:DC:70:4E:53:C2"}}},"request":{"raw":"GET /solflare-bypass1-desktop.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 21:58:16 GMT\r\nContent-Type: image/gif\r\nContent-Length: 6028322\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"cf5ac8fca45e5d0409fef8923c179975\"\r\nLast-Modified: Fri, 23 Jan 2026 22:54:30 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9d3a76912f2b5a0f-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":245491,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"e8667abd293822b094cb65e6aa05398b","sha1":"de77e6eb2ab17f7e010463f6a018f12ab887843c","sha256":"5a632bc6f67f372ca60632e6d7127ae0305a13cf6f0ac25b8ce7af51b6517f2a","sha512":"e590b60ec6546ac99836299d84ea77708de346f817961b2802e9d0a3792c0eab8bb70399aaadb0b7f00e250ab08f0d55b91893adb1378c3ce254670ba71d827e","ssdeep":"6144:W5q1Y6gAQxUROSc/naZLtHKp4AdWkcChfcl7JnnhsPv+:WKLOlpdbVhOBb","tlshash":"403423b969bc0c457646b550322b5623889ff01f0cb73cf207e57ea62b8e47a52cad1d","first_seen":"2026-02-25T21:58:49.463313Z","last_seen":"2026-02-25T21:58:49.463313Z","times_seen":1,"resource_available":false,"data":null}},"time_used":417,"timings":{"blocked":292,"dns":0,"connect":1,"send":0,"wait":102,"receive":6,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"dns.google/resolve?name=_r.chrome-extension-da0e5-bc.com\u0026type=TXT","fqdn":"dns.google","domain":"dns.google","tld":"google"},"ip":{"addr":"8.8.8.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dns.google","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:41:48 GMT","end":"Mon, 20 Apr 2026 08:41:47 GMT"},"fingerprint":{"sha1":"58:4D:E1:0C:42:51:7E:9C:BC:BB:A3:A2:D6:87:E2:BF:29:0B:91:D3","sha256":"14:62:92:57:0C:20:C6:D3:87:73:6D:53:FF:B0:73:36:30:5A:02:CE:BE:1E:C6:7A:1F:C1:EF:68:1A:5A:E4:33"}}},"request":{"raw":"GET /resolve?name=_r.chrome-extension-da0e5-bc.com\u0026type=TXT HTTP/1.1\r\nHost: dns.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/dns-json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nOrigin: https://rugsol.info\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Feb 2026 21:58:12 GMT\r\nexpires: Wed, 25 Feb 2026 21:58:12 GMT\r\ncache-control: private, max-age=60\r\ncontent-type: application/json; charset=UTF-8\r\ncontent-encoding: gzip\r\nserver: HTTP server (unknown)\r\ncontent-length: 167\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":239,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"6abb0b32ab4841787052741299db5ce8","sha1":"233a71f2b8e3e6711736da5a0539531d2e8b9324","sha256":"90450f10f7d708f4ce2f227e20f8e177190bbcaef99e6497ab44817face67d98","sha512":"6d04944a5557b76266c7ea2924b064e5c65ed821e3f551c751ffce566c7dd567509c3a809c2ee643b95ed0526f3ca935a30e30a665d88a8858da5d719ec8664c","ssdeep":"","tlshash":"b2d0a789908881adb5079754c487105b9f7c22f2729cbe65a7843e68f7cb281d0d7227","first_seen":"2026-02-25T21:58:49.46612Z","last_seen":"2026-02-25T21:58:49.46612Z","times_seen":1,"resource_available":false,"data":null}},"time_used":366,"timings":{"blocked":182,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":168},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/f78ba7e4857b32e9.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:11.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /_next/static/chunks/f78ba7e4857b32e9.js HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:11 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: public, max-age=31536000, immutable\r\nAccept-Ranges: bytes\r\nLast-Modified: Wed, 25 Feb 2026 13:59:47 GMT\r\nETag: W/\"5f08-19c951947a7\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":24328,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (24328), with no line terminators","md5":"64f7897a406720dd1dbaa6776336d11d","sha1":"63845586811fdf01ca8d5a5ab46d90b4fcb81c30","sha256":"702995f4885c871fcf6de870ecc2dbf1dc51ac5eda06d6551e65454adfd02363","sha512":"cef847c041b8ecabe8ec183b2ab7479266a356a51eda59562ed47821673513517aaaae608961c82e9db0395aeedcb148aeb0d121d27b43c4c615863651844d68","ssdeep":"384:bQj/kvDzwE9Cn7vB3vPLQlkal4BKXVdszq+mmdX:K8v7Cn7VvzQldla4dszq+mY","tlshash":"6fb2b5aa71d5f4911b9354a5803f500bf23a1d7a286da0a0e3e2cdf579b045ee133f9e","first_seen":"2026-02-25T21:58:49.468804Z","last_seen":"2026-05-16T17:48:15.997198Z","times_seen":12,"resource_available":true,"data":null}},"time_used":188,"timings":{"blocked":76,"dns":1,"connect":42,"send":0,"wait":24,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/17131b738228cc12.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:11.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /_next/static/chunks/17131b738228cc12.js HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:11 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: public, max-age=31536000, immutable\r\nAccept-Ranges: bytes\r\nLast-Modified: Wed, 25 Feb 2026 13:59:47 GMT\r\nETag: W/\"3a77-19c951947b2\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14967,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14962), with no line terminators","md5":"e40bac2a4cc7daf9aab2d26993b5314c","sha1":"8e96e2e0f31f847869ce022aef84f7741a8a8770","sha256":"8047ecc76d230d571cf723b480ad13ba519c09550d6e68ae16e68a6dbf219129","sha512":"a4c93457120a81f137c554020836810d0786ed63e1a67131cc24d03e23c331675acf076d42630aae81de79c72e5cae3f0a3c89ddee37f8dc2691c6d65774c2be","ssdeep":"384:B3uC7bAbj+JVFNLyqEAAADS/Ao5DGqJAoW4AgB8AvQi9:BeC7bAnYFNOqEAAACAo5DG+Ao3AgB8Ar","tlshash":"81625504b350bfecb96704a8a65ee01d612e7becce5fcca4b5bc28212e454d4ba537c5","first_seen":"2026-02-25T21:58:49.471537Z","last_seen":"2026-02-25T22:29:22.193403Z","times_seen":2,"resource_available":true,"data":null}},"time_used":222,"timings":{"blocked":184,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/about?_rsc=1pn8p","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:13.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /about?_rsc=1pn8p HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /_head\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:13 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nx-nextjs-cache: HIT\r\nx-nextjs-prerender: 1\r\nx-nextjs-postponed: 2\r\nCache-Control: s-maxage=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2337,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (1948)","md5":"c71866d5d30c75db9bd1fd7c9342bd65","sha1":"02bbfb4d8490d1002f0e744f4a30857dadcefa5a","sha256":"37fc6ba775b88490998b87ee8738862e250d97e8336c9ddbb1cf424d0104261f","sha512":"b634c80cd5c13595a644f6d4798fc18ff041226d4ef56d12f9e4c6676e72a720c8134e51158f30b4eb4115d05dc684f21081231dc6be8cf411a8a504da85323a","ssdeep":"","tlshash":"cb41af7eee01ec3a7b9b494e045bb30b625d4337c7785876c68ecc480bd525a3e55261","first_seen":"2026-02-25T21:58:49.474075Z","last_seen":"2026-02-25T22:29:22.230934Z","times_seen":2,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":265,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-desktop.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.50.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:16.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 14 Jan 2026 08:27:13 GMT","end":"Tue, 14 Apr 2026 08:27:12 GMT"},"fingerprint":{"sha1":"8E:B1:C6:1C:4F:29:20:20:9B:A5:D6:9D:E1:36:5C:9E:97:FB:1D:39","sha256":"37:AE:3E:49:CD:79:B6:64:E2:E2:D7:10:C5:42:B8:60:97:C4:95:B7:D1:0F:FE:B7:2D:84:F2:DC:70:4E:53:C2"}}},"request":{"raw":"GET /phantom-bypass1-desktop.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 21:58:16 GMT\r\nContent-Type: image/gif\r\nContent-Length: 2031700\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"a22dc9face81ff1665651f1052a0a99f\"\r\nLast-Modified: Fri, 23 Jan 2026 22:55:18 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9d3a768edc058deb-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":786432,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"eeebcd74061a9dcd7dfad338ebe1d46a","sha1":"23148fe8cd0cfe6b4379103d03dabde517e9bfd9","sha256":"631978ce1c77fdc8360949130dc08a761d8a5cbf0b87875b7b1556706cabc068","sha512":"e151fd7805ccbf649173ed454739604bbb31cbd0daa1dbf057454363c74532c9a5c2310e516f087f21ef09e5cd7de46e91d67e01815274b82573caae494eff45","ssdeep":"12288:/2TA4vVLmF/WbRkFOppRWsWNbGSQHJAUOUsLOsWZssG5bxVWhseThDII57tSKnXb:/2TAaRkFipRWRSlpAzUWOsWWvbLqhDVr","tlshash":"41f4233ac26c0681a9a500112e6526604c337cbc54feea3383eddf3adb5b92d6da5295","first_seen":"2026-02-25T03:05:09.955526Z","last_seen":"2026-03-07T02:01:37.494267Z","times_seen":63,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":42,"dns":1,"connect":1,"send":0,"wait":99,"receive":44,"ssl":40},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/media/797e433ab948586e-s.p.dbea232f.woff2","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:11.449Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /_next/static/media/797e433ab948586e-s.p.dbea232f.woff2 HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:11 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 31288\r\nConnection: keep-alive\r\nCache-Control: public, max-age=31536000, immutable\r\nAccept-Ranges: bytes\r\nLast-Modified: Wed, 25 Feb 2026 13:59:47 GMT\r\nETag: W/\"7a38-19c951947b9\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31288,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 31288, version 1.0","md5":"da83d5f06d825c5ae65b7cca706cb312","sha1":"3820bcdc2e187ff5332ab0d5dc8529f8e10fd574","sha256":"b7ac144b394cbd81052d6397ec0c33397977b1d7e9bc095e744e652a378c6fb3","sha512":"c8b02f1655b30d6fd6e0b3ee92280d175fb0410938a71f625354fe79e009fb2928ed55b45d0000db9e527a388e8f3eb42875c6965c80eb4b03046c50f49ed187","ssdeep":"768:N4C8ya3ZZij3h4s0iIfv/x/tV3167X/27IwwlsUxCkegAeyTrJD7/kX:Z8Pzf3JF67eqlsZXLTrJcX","tlshash":"47e2f1e7f5578489abb26e7102e105d5c5ed4aa105bfd1fb642c70660d3aa0e0fc0b27","first_seen":"2024-12-09T15:40:29.87187Z","last_seen":"2026-06-08T03:05:22.703009Z","times_seen":23950,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/ea80403269d20319.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:11.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /_next/static/chunks/ea80403269d20319.js HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:11 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: public, max-age=31536000, immutable\r\nAccept-Ranges: bytes\r\nLast-Modified: Wed, 25 Feb 2026 13:59:47 GMT\r\nETag: W/\"1d04e-19c95194794\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":118862,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8194565c559f218a4dbada2ddb8dbd0f","sha1":"84411cdfffd21df4573fd018dadba80c99376d13","sha256":"f0d2e4a84a00ac85f00136a5d217034b01e240087461261ce8d46de9272a698f","sha512":"947d3369333c83676db1b8d83d96fed15b2bbb015af3a9e15ba9543b6826f359432fdea7ab0dc9f84889b6a60646d0b708ef226493a5e783bc7aad09a933164c","ssdeep":"1536:KE+JHdrBQVCzoR7pjUbztSsMX8ohOsmZu/gzib3aI9+Ztm:S8CEnjU1SsmhOsyda3avtm","tlshash":"85c308f935d5f48207ab44a6c03f0006f32c4d77189e68a0a3e5ddda746499de1b3faa","first_seen":"2026-02-08T14:10:35.588495Z","last_seen":"2026-06-03T22:24:50.318944Z","times_seen":77,"resource_available":true,"data":null}},"time_used":167,"timings":{"blocked":99,"dns":0,"connect":0,"send":0,"wait":47,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/d2be314c3ece3fbe.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:11.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /_next/static/chunks/d2be314c3ece3fbe.js HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:11 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: public, max-age=31536000, immutable\r\nAccept-Ranges: bytes\r\nLast-Modified: Wed, 25 Feb 2026 13:59:47 GMT\r\nETag: W/\"77d9-19c95194797\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":30681,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30679), with no line terminators","md5":"e189b2054d05a586f4fd6eec2888c203","sha1":"7d92609e0338be85a1f0085efa31f699878f269c","sha256":"a6248517cd3ee53a8186b51c59e1e764e3dc0c512f4acbd50e818f9884663e21","sha512":"1c0e250e62e070ed252776fbd469b27c9c19dc68e695b9e90003b746e3ab6f9c919b39ed1890d581bc0bec54a0b8b2b8a68a415db186d4d278121cbe124a8ad6","ssdeep":"384:735z75Bq9E0m1YmRDQ0cJ3tn79Fg/Ag8qWtOPSNxErV:D5z9BX0ZMOx3ErV","tlshash":"fed2e8717395f9a352db85d9d03a0015f2290d3530ae24b07394dcef368dc89a1fafa9","first_seen":"2026-01-15T14:11:00.285057Z","last_seen":"2026-06-08T03:09:53.45268Z","times_seen":6027,"resource_available":true,"data":null}},"time_used":246,"timings":{"blocked":184,"dns":0,"connect":0,"send":0,"wait":61,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/api-docs?_rsc=nn07o","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /api-docs?_rsc=nn07o HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /_index\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:12 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nx-nextjs-cache: HIT\r\nx-nextjs-prerender: 1\r\nx-nextjs-postponed: 2\r\nCache-Control: s-maxage=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3614,"size_decoded":0,"mime_type":"text/x-component","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3127)","md5":"e404842213baa0e3cecab35ddc7fb662","sha1":"de401d00bffa8d3819e34eaec91267c40094fd5f","sha256":"7ae22d7728e2134425a98e765b79e9cc1584e0e616e5568f7ce334d73ec756a8","sha512":"97507e72b358f5f4a423bfee8db7aebc1ddfad7d31f1438a748ca0f99dbfea20aaaed5f23260be7b32ad23b66e73e18030ffc3b22d198d3380a70874f325253e","ssdeep":"","tlshash":"1a71203a9609e93e7e56495d11bfef1a625d003b53300cb9f79cdd2803a11796b437d0","first_seen":"2026-02-25T21:58:49.481726Z","last_seen":"2026-02-25T22:29:22.179462Z","times_seen":2,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/scan/2nP9yKQNSGQy851iyawDvBkzkK2R2aqKArQCKc2gpump?_rsc=p37cr","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:13.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /scan/2nP9yKQNSGQy851iyawDvBkzkK2R2aqKArQCKc2gpump?_rsc=p37cr HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%7D%2Cnull%2C%22metadata-only%22%5D\r\nnext-url: /\r\nnext-router-prefetch: 1\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:13 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nCache-Control: private, no-cache, no-store, max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3278,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (2277)","md5":"dbb47c8aa257afc391e4ff417b0004d7","sha1":"4344b86fe7603191bbef50ce5dca68435370d037","sha256":"dcf8ca42f6f5aa199e2ed48a2b46553576e850408498304d3864b007337e324b","sha512":"637606488a1c0a27351e3b6bc4c1fb4a17198b5110bc92e9e6c46bba35942ae021b756588443858acc76472bfdb186a5b727a91d6ea17574775146da08aa78b1","ssdeep":"","tlshash":"2161403ef911ec376f8f4a49085fb30aa29e63f7ab283ab1d44ccd1806d67970d41661","first_seen":"2026-02-25T21:58:49.483584Z","last_seen":"2026-02-25T21:58:49.483584Z","times_seen":1,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/api-docs?_rsc=yq58y","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:13.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /api-docs?_rsc=yq58y HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /api-docs/__PAGE__\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:13 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nx-nextjs-cache: HIT\r\nx-nextjs-prerender: 1\r\nx-nextjs-postponed: 2\r\nCache-Control: s-maxage=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12137,"size_decoded":0,"mime_type":"text/x-component","magic":"Unicode text, UTF-8 text, with very long lines (3686)","md5":"82a9a1b7d3f7317a51f45cc4f97f8c5f","sha1":"5a76e98e527bd4bc6f1beabd9b5bf549fc6ad5b0","sha256":"f4adeee326e8d71cfdc7baa3bd4d2c81eee12944746c79d985dc3c626b329738","sha512":"fd900760fad19f6039fb97a7165a05aef100c1a248d221b1bb0f0f7c3d87b1367dd466c2422036fced6b652b32ca4fd72e13599f5e35cd0134c0b75aad394d29","ssdeep":"192:c0B1j20GhGWILAPq8QKqouhPB8DOYl5B85kbM9cJMYU+yral8DDweolYCGBb+hLC:c0Ghg06P+Rf+g+Qe+QOXgzS+4uJ","tlshash":"6e424a3d7616aeadaebb0571541fd27e222d073bdb668d7be2bd2e5503860302d07384","first_seen":"2026-02-25T21:58:49.485623Z","last_seen":"2026-02-25T22:29:22.223938Z","times_seen":2,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-desktop.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:16.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 14 Jan 2026 08:27:13 GMT","end":"Tue, 14 Apr 2026 08:27:12 GMT"},"fingerprint":{"sha1":"8E:B1:C6:1C:4F:29:20:20:9B:A5:D6:9D:E1:36:5C:9E:97:FB:1D:39","sha256":"37:AE:3E:49:CD:79:B6:64:E2:E2:D7:10:C5:42:B8:60:97:C4:95:B7:D1:0F:FE:B7:2D:84:F2:DC:70:4E:53:C2"}}},"request":{"raw":"GET /phantom-bypass2-desktop.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 21:58:16 GMT\r\nContent-Type: image/gif\r\nContent-Length: 3967947\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"5a6a3867cbfe36845cfc495e5ca7f0ea\"\r\nLast-Modified: Fri, 23 Jan 2026 15:05:42 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9d3a768eda5f5a0f-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":786432,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"77c8cf44927733853063e12a9c919838","sha1":"e753f4fab619a4ad9c7e362f7dbca7d28c6af569","sha256":"0a412e42c896359759d6f578d9439fdfa66c8387c55de84440861ea71f463e59","sha512":"23e51c246c2f5f89fb1e53fad2bbba306a23f2a5d708b1b58dd8b8a60a382c9e38d475a7b57e90d617d2f87524659ca3c63da65c0248367925c1f5ab8bb570c6","ssdeep":"12288:VEznytgluvfiMoSnqYsA4Xp8fvndMMr95Hl42YSbZQxiVUSmj3+SSB9WV:avufiMHLszpYKMLHl4XSjC3h+s","tlshash":"8ff423e9846d4c8222510261295a753c2053b03eddf7bc39b1acdf9dc69ee3e8ce91e5","first_seen":"2026-02-25T03:05:09.958112Z","last_seen":"2026-03-07T02:01:37.50279Z","times_seen":62,"resource_available":false,"data":null}},"time_used":368,"timings":{"blocked":39,"dns":3,"connect":1,"send":0,"wait":130,"receive":154,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/98dddd8a319b0650.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:11.458Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /_next/static/chunks/98dddd8a319b0650.js HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:11 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: public, max-age=31536000, immutable\r\nAccept-Ranges: bytes\r\nLast-Modified: Wed, 25 Feb 2026 13:59:47 GMT\r\nETag: W/\"148b-19c951947a9\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5259,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5259), with no line terminators","md5":"d37eadc62881f9ac5ca29534476d7312","sha1":"6545abb675bc34d26cab60f2ae7c98083d1bf56d","sha256":"a90fbe6372f76a05949f198a12ffdef7000b96c11627891111be4b3ab72f3340","sha512":"c83fd77f3af554ab0027dd03e2300d2d5ef5faecc11cfecd450cdebc8e7d3cecbdc906ccab00755a2acfaeac627d4f54bf101a3acdc18d4857e2a1b4c272e509","ssdeep":"96:wrnXJ47XsY3Gv22aqbk0UjQm0dSaA9n5GmQV0m9/1UXTxjNUXTujZv2P:wrn547X33h2agGjQm0dbAGmQVL9/1Uvk","tlshash":"16b1d8f67a86fc30425d45945433c25b7a183e36204ea494d7ee8ced32b9d8a85a1f8e","first_seen":"2026-02-25T21:58:49.488543Z","last_seen":"2026-04-29T15:31:57.766152Z","times_seen":4,"resource_available":true,"data":null}},"time_used":187,"timings":{"blocked":165,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/bafkreihturqwqk5vwlqutqac36payeuqde3idm6iedqipmvmc5dbj6hgia","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 15:03:23 GMT","end":"Mon, 27 Apr 2026 16:03:19 GMT"},"fingerprint":{"sha1":"16:37:D6:0A:78:51:EB:99:5C:91:AE:A9:51:6B:28:6E:E2:74:CC:C8","sha256":"2B:72:87:59:6F:16:53:27:D3:92:29:A0:D2:F3:41:50:18:E7:CE:AA:72:5B:28:68:38:95:22:6D:75:0B:0D:35"}}},"request":{"raw":"GET /ipfs/bafkreihturqwqk5vwlqutqac36payeuqde3idm6iedqipmvmc5dbj6hgia HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Feb 2026 21:58:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 35073\r\nserver: cloudflare\r\ncf-ray: 9d3a7679ac3b8deb-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 105324\r\ncache-control: public, max-age=29030400, immutable\r\netag: \"bafkreihturqwqk5vwlqutqac36payeuqde3idm6iedqipmvmc5dbj6hgia\"\r\nvary: Accept-Encoding\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\nx-ipfs-path: /ipfs/bafkreihturqwqk5vwlqutqac36payeuqde3idm6iedqipmvmc5dbj6hgia\r\nx-ipfs-pop: rainbow-rbx-16-102\r\nx-ipfs-roots: bafkreihturqwqk5vwlqutqac36payeuqde3idm6iedqipmvmc5dbj6hgia\r\nx-robots-tag: noindex, nofollow\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]}],"data":{"size":35073,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"b63b16b33fad331106af4f9d16b45de1","sha1":"0cdac37cc45efba3987a063a4d82a1a6c8dd798d","sha256":"f3a461682bb5b2e149c002df9e0c1290193681b3c820e087b2ac174614f8e640","sha512":"8ea4d4d080a30972ddbe3187237180406b8688b945518e2d52fe366f24dd9a367459de4e6b29db51c6d651be12ece5ae3a810c118d4788ad81ce10e72a15d849","ssdeep":"768:gDU0AVEgKLKRPMYVVKDkOWuMaiqQiVdas:wsVRqY34kOJMaidivas","tlshash":"f4f2f1e313293364f36c85b381ad5ef4f4267b8b9a70d2b08b504334e2652d4ae8f1a5","first_seen":"2026-02-25T21:58:49.490537Z","last_seen":"2026-02-25T22:29:22.183124Z","times_seen":2,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":72,"dns":15,"connect":3,"send":0,"wait":42,"receive":16,"ssl":51},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/scan/2nP9yKQNSGQy851iyawDvBkzkK2R2aqKArQCKc2gpump?_rsc=1r34m","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /scan/2nP9yKQNSGQy851iyawDvBkzkK2R2aqKArQCKc2gpump?_rsc=1r34m HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /_tree\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:12 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nCache-Control: private, no-cache, no-store, max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":379,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (378)","md5":"3134d303883bcfdad09358f85cf865bd","sha1":"d0c48fd5cba729f0563d2b4487e7d7431219e5c9","sha256":"2cb8df5a146ce2040570b6cfff24a18b1e8e278f142ce7441de044aa78eed124","sha512":"7a5899a77e229e1ca43677f4615e75b4d8deac9bd7c735e891f5d8f662c56081f45611a232d35cffe94737bdaafb0738ffab7a485e7c07ea9fa5eec79f3de40d","ssdeep":"","tlshash":"dde01a2b1c0e14b31abf20f4852e9a0a19dacd7b239824f0c0945d1f3fb232287cf596","first_seen":"2026-02-25T21:58:49.492423Z","last_seen":"2026-02-25T22:29:22.185069Z","times_seen":2,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":12,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-desktop.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:16.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 14 Jan 2026 08:27:13 GMT","end":"Tue, 14 Apr 2026 08:27:12 GMT"},"fingerprint":{"sha1":"8E:B1:C6:1C:4F:29:20:20:9B:A5:D6:9D:E1:36:5C:9E:97:FB:1D:39","sha256":"37:AE:3E:49:CD:79:B6:64:E2:E2:D7:10:C5:42:B8:60:97:C4:95:B7:D1:0F:FE:B7:2D:84:F2:DC:70:4E:53:C2"}}},"request":{"raw":"GET /solflare-bypass2-desktop.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 21:58:16 GMT\r\nContent-Type: image/gif\r\nContent-Length: 8319275\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"ffdbd9550fb16af66a8cf7717da03833\"\r\nLast-Modified: Fri, 23 Jan 2026 22:06:40 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9d3a7691aa46c272-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":196608,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"02163d2fd967c517b10ecd6f8096209b","sha1":"45024657ca90eeabc1e91efddf3cf21569d1ba99","sha256":"59c4a6f38c0de72646a654cd1083701590d5b9b5d0b79207e2af14ff5733a597","sha512":"4276d723a05a16633db45ecbdf78868e021e08c995e463ffe36ce5b7c87841971a3251bf4051435761a7e77095bcfac9c86df3fa73a91c9c30caf5576fd5b8d2","ssdeep":"3072:bf5Iz++emEBeefEU69n8DMeI7bRooWIWGSICgjYnsAaf2Ol/IXVu7Q0GDhh/tNEG:bfw++FELEn9n81uoNI/ssN2OlwXVAQ0U","tlshash":"6c1412eae0be1f15de680468665d1bd52ee340793dbd3c3213809d6d5fd386a3e8c898","first_seen":"2026-02-25T21:58:49.494288Z","last_seen":"2026-03-07T01:55:50.774331Z","times_seen":8,"resource_available":false,"data":null}},"time_used":497,"timings":{"blocked":362,"dns":0,"connect":1,"send":0,"wait":103,"receive":6,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/82abf2d65f5428ae.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:11.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /_next/static/chunks/82abf2d65f5428ae.js HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:11 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: public, max-age=31536000, immutable\r\nAccept-Ranges: bytes\r\nLast-Modified: Wed, 25 Feb 2026 13:59:47 GMT\r\nETag: W/\"8213-19c951947a5\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":33299,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19587)","md5":"19622580859b19b23901b9a7be2f7937","sha1":"c06faadd6f342879b808413390376b59f7e0b20c","sha256":"bbc0826384faf59b3d35a439a95f7787cd19280ee35469c84cd0b213bc306f11","sha512":"defe2216a1fb2d9b3670710dd2ec27e23fac86ce5e8cf438ddc8038d513c145fc333c0afd051cbf6f1a83d62beafaa5dfc378bbccf26f7eb98bc59c9912f856a","ssdeep":"384:uj/7DGGRPR+rTfIVZ/X+0o3NkOG4+Z47aJUSwT4WGFJl:M+/8Z/X+0o3KZzZ47amy","tlshash":"bce2c7b572d5faa2129341f0c43f2017f3680d7521acb470a7e8cc9b755888da6bafd9","first_seen":"2026-01-19T06:24:39.223584Z","last_seen":"2026-06-08T03:09:53.425271Z","times_seen":4266,"resource_available":true,"data":null}},"time_used":146,"timings":{"blocked":77,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/?_rsc=1r34m","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /?_rsc=1r34m HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /_tree\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:12 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nx-nextjs-cache: HIT\r\nx-nextjs-prerender: 1\r\nx-nextjs-postponed: 2\r\nCache-Control: s-maxage=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":624,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text","md5":"c02d721beeb8e2302d6d85f13a885a00","sha1":"a657e3d168c33eb513e645894a40369277f643d1","sha256":"1e1c59f00ed46b684dacbedaf53489316fd10acef74db66b001300bfa0488bb0","sha512":"c6013b11fda1b441a3989585cb38291f3970388a84dad2e4b6b0d85c4a70c9fb6634246f04d0648e2acd39a1aab21d8fdcee871bdffc1dd75cfe54b32637226b","ssdeep":"","tlshash":"12f0282ec819ad9858e5949c628ee7121668aa3bb4a40de8d4cf5c54167a0391fc6f43","first_seen":"2026-02-25T21:58:49.4968Z","last_seen":"2026-02-25T22:29:22.274577Z","times_seen":2,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/bafkreihturqwqk5vwlqutqac36payeuqde3idm6iedqipmvmc5dbj6hgia","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.617Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ipfs/bafkreihturqwqk5vwlqutqac36payeuqde3idm6iedqipmvmc5dbj6hgia HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T05:34:20.987672Z","times_seen":16230898,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/scan/DpTGPZ3hokS2nZix1eHFgmvwCyhXceM74gAN85Aac7tp?_rsc=p37cr","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:13.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /scan/DpTGPZ3hokS2nZix1eHFgmvwCyhXceM74gAN85Aac7tp?_rsc=p37cr HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%7D%2Cnull%2C%22metadata-only%22%5D\r\nnext-url: /\r\nnext-router-prefetch: 1\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:13 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nCache-Control: private, no-cache, no-store, max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3239,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (2238)","md5":"4ea9b156ffb68da74148388230dd0abf","sha1":"a34313fb4607f3fa03a0f866e889faffe2a96a7b","sha256":"a5453566058b1fccbb6f0e4662d3b7c39cd85c7d8734d223341937f8470f3c65","sha512":"f5a85a4a66557afec87861f2c79a0b8fdb6ee20db7c17f9efb32dc343b7316c2cbf03491d4720aba63fe047c23d3d661999580762467d96633f47b0025aa27fd","ssdeep":"","tlshash":"2b61253aea12ec26aee78948180fb217528e537fd7786c7ac48ccc5c1bd56571e41362","first_seen":"2026-02-25T21:58:49.502148Z","last_seen":"2026-02-25T21:58:49.502148Z","times_seen":1,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/?_rsc=1pn8p","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:13.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /?_rsc=1pn8p HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /_head\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:13 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nx-nextjs-cache: HIT\r\nx-nextjs-prerender: 1\r\nx-nextjs-postponed: 2\r\nCache-Control: s-maxage=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2337,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (1948)","md5":"c71866d5d30c75db9bd1fd7c9342bd65","sha1":"02bbfb4d8490d1002f0e744f4a30857dadcefa5a","sha256":"37fc6ba775b88490998b87ee8738862e250d97e8336c9ddbb1cf424d0104261f","sha512":"b634c80cd5c13595a644f6d4798fc18ff041226d4ef56d12f9e4c6676e72a720c8134e51158f30b4eb4115d05dc684f21081231dc6be8cf411a8a504da85323a","ssdeep":"","tlshash":"cb41af7eee01ec3a7b9b494e045bb30b625d4337c7785876c68ecc480bd525a3e55261","first_seen":"2026-02-25T21:58:49.474075Z","last_seen":"2026-02-25T22:29:22.230934Z","times_seen":2,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-mobile.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:16.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 14 Jan 2026 08:27:13 GMT","end":"Tue, 14 Apr 2026 08:27:12 GMT"},"fingerprint":{"sha1":"8E:B1:C6:1C:4F:29:20:20:9B:A5:D6:9D:E1:36:5C:9E:97:FB:1D:39","sha256":"37:AE:3E:49:CD:79:B6:64:E2:E2:D7:10:C5:42:B8:60:97:C4:95:B7:D1:0F:FE:B7:2D:84:F2:DC:70:4E:53:C2"}}},"request":{"raw":"GET /solflare-bypass1-mobile.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 21:58:16 GMT\r\nContent-Type: image/gif\r\nContent-Length: 6028322\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"cf5ac8fca45e5d0409fef8923c179975\"\r\nLast-Modified: Fri, 23 Jan 2026 22:54:15 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9d3a768eece2c272-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":786432,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"13ec753f0f7ac3f2e09cd8fb3d159fd6","sha1":"fb7c640e5ea1b3eb5af719aec31fe04a971c27db","sha256":"69c12f796a581c42a4dfedd57a615fdc0407867c0ab2577507c6afe5320d5b26","sha512":"79c55e8cc4ba19d93751be035f34ffea46704d06b08da0ee65a013c3bb40a7f3295156bc659db38df831457a65d53ed01bb79812b5903f66de13108d99c85e9a","ssdeep":"12288:WKLOlpdbVhOBbi61VlVP30w5qYO8DgLhC9bxl0zY6+wqzta5YpqXl5M0k+3uJH:WKS1/OBbi61/Vvx5qYONFC9VGM60S15M","tlshash":"b4f433f9941e38c2eb42b5617c2f12219dffb09b487f5fe24b40ba6a23dad4443d9458","first_seen":"2026-02-25T03:05:09.960469Z","last_seen":"2026-03-07T02:01:37.469286Z","times_seen":59,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":44,"dns":6,"connect":4,"send":0,"wait":144,"receive":153,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-mobile.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:16.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 14 Jan 2026 08:27:13 GMT","end":"Tue, 14 Apr 2026 08:27:12 GMT"},"fingerprint":{"sha1":"8E:B1:C6:1C:4F:29:20:20:9B:A5:D6:9D:E1:36:5C:9E:97:FB:1D:39","sha256":"37:AE:3E:49:CD:79:B6:64:E2:E2:D7:10:C5:42:B8:60:97:C4:95:B7:D1:0F:FE:B7:2D:84:F2:DC:70:4E:53:C2"}}},"request":{"raw":"GET /phantom-bypass2-mobile.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 21:58:16 GMT\r\nContent-Type: image/gif\r\nContent-Length: 3967947\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"5a6a3867cbfe36845cfc495e5ca7f0ea\"\r\nLast-Modified: Fri, 23 Jan 2026 15:28:10 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9d3a7690f85e8be6-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":180224,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"001d67de04cf4aad52714dd19d05c15f","sha1":"29184617d82962285ced6eb54d8f875c3a6f3d97","sha256":"d50e61f470ef80f28d4f58852d906da1ac263b661158c25d5de2471db09b3e28","sha512":"4c9f47995602b8beaab50589be832335aea099067660b490a485c04fb053e3b18029f13c2f5d147e37f73de9ca4db40f2aa8b9117335c7e0b17905769c2a6311","ssdeep":"3072:VxuHlknzj7fwU48cUGTsKu8yqI/z3nU5a5+thlHuvfoK0MxhnsjO5zWW6:VEWnUzTsEyqI/zk5a5+LlHuvfiMjsjOE","tlshash":"b00412a5c56c5d42612f02111798e6b9045395bdd4fabc2430fcaf0dcb9fafd2ee14a0","first_seen":"2026-02-25T21:58:49.503841Z","last_seen":"2026-02-25T21:58:49.503841Z","times_seen":1,"resource_available":false,"data":null}},"time_used":429,"timings":{"blocked":255,"dns":1,"connect":1,"send":0,"wait":135,"receive":11,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-mobile.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:16.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 14 Jan 2026 08:27:13 GMT","end":"Tue, 14 Apr 2026 08:27:12 GMT"},"fingerprint":{"sha1":"8E:B1:C6:1C:4F:29:20:20:9B:A5:D6:9D:E1:36:5C:9E:97:FB:1D:39","sha256":"37:AE:3E:49:CD:79:B6:64:E2:E2:D7:10:C5:42:B8:60:97:C4:95:B7:D1:0F:FE:B7:2D:84:F2:DC:70:4E:53:C2"}}},"request":{"raw":"GET /solflare-bypass1-mobile.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 21:58:16 GMT\r\nContent-Type: image/gif\r\nContent-Length: 6028322\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"cf5ac8fca45e5d0409fef8923c179975\"\r\nLast-Modified: Fri, 23 Jan 2026 22:54:15 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9d3a7691ac094c11-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32768,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"5fa12370dfc3d397ca986901e8c52c0d","sha1":"0a666d4119bb41b8f917ed161889d7fe71078724","sha256":"bc9797e84aa27c88073daf66631e89556be14fab0fdb55e1db67226fd32c2056","sha512":"c1be6ce603e99366091c8a136ee5fa36255e35fdcd19e2e847e8e76ae00d5bd9795162d28903935b0f9c5dc70a326c05d0d6174c1f94659f64bc0bf945bcdcff","ssdeep":"768:QtcihXZzfObmB9SKg76KrO8KC/1RpqZ+bMj:VoZzf5PSK06KrLVDqd","tlshash":"b9e201cd89c4beac6fbb2783b610d6b74f13f012617726c908b6b3462bb46d18541e28","first_seen":"2026-02-25T21:58:49.505499Z","last_seen":"2026-02-25T21:58:49.505499Z","times_seen":1,"resource_available":false,"data":null}},"time_used":489,"timings":{"blocked":359,"dns":0,"connect":8,"send":0,"wait":96,"receive":4,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/api-docs?_rsc=1pn8p","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /api-docs?_rsc=1pn8p HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /_head\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:12 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nx-nextjs-cache: HIT\r\nx-nextjs-prerender: 1\r\nx-nextjs-postponed: 2\r\nCache-Control: s-maxage=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2322,"size_decoded":0,"mime_type":"text/x-component","magic":"Unicode text, UTF-8 text, with very long lines (1931)","md5":"6f6ab3177418479e559880da6dd05cb1","sha1":"53614b857b7e0b3c122056825bd45dc3deb0b69a","sha256":"9d60c9eb344aadc5b59a7ecdcfb16f9bf1ae1d781973506f3ddd4a6894136463","sha512":"63c4679d95dab0e647fbcc0148454927ebe72fdbbdf64efa660c8574d6791bacadb4fd4fcc3a63c95bf38bf4afa3b7fe6f8d764dbc7b1a4613b32b00bce2cc9d","ssdeep":"","tlshash":"d5419e7eee01ec2a77db494a045fb30b629d4337c7785836c68ecc5807d535a2e55261","first_seen":"2026-02-25T21:58:49.5067Z","last_seen":"2026-02-25T22:29:22.275945Z","times_seen":2,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/c4587bb0f53f4ca8.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:11.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /_next/static/chunks/c4587bb0f53f4ca8.js HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:11 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: public, max-age=31536000, immutable\r\nAccept-Ranges: bytes\r\nLast-Modified: Wed, 25 Feb 2026 13:59:47 GMT\r\nETag: W/\"27769-19c95194787\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":161641,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"48fc81147fb51eb96a88292a4eb6be79","sha1":"7b17b8dfa2ef9d2af3d5228297b5dfa6722fb435","sha256":"bcc416449145eff5fb174031c820b4ec6914267ae37709759188b0340ce98fd4","sha512":"b4f944b2715e1a08936ee71daddfd1a2d9c98e06a308ba4fb2d0b0ed855c3514f2819d022e7b6495d9c193048ba84d177b54097d412c9e47896fe784013489fd","ssdeep":"1536:wa7bjQfrQemmgMd3ToB9gDzdFhZPi3qSiqreOvOa6v/7d5hmlYIpXSiuJFGYodgh:r7w8pmfd3T5XYa2T6Hzx1bHYC37","tlshash":"28f33ba67351713983df919ac09f4b41b33e19d4601a403cf67e99db2a2068962fbf3d","first_seen":"2026-02-25T21:58:49.507693Z","last_seen":"2026-02-25T22:29:22.222133Z","times_seen":2,"resource_available":true,"data":null}},"time_used":271,"timings":{"blocked":223,"dns":0,"connect":0,"send":0,"wait":31,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/cbd6cfb63f13c644.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:11.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /_next/static/chunks/cbd6cfb63f13c644.js HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:11 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: public, max-age=31536000, immutable\r\nAccept-Ranges: bytes\r\nLast-Modified: Wed, 25 Feb 2026 13:59:47 GMT\r\nETag: W/\"6f97-19c951947aa\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":28567,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (28562), with no line terminators","md5":"7098148e22cd0cb5e5a7711726acdf86","sha1":"9c2cb718d078e95272c758cce715b3d3088619f8","sha256":"3513688ff5add5b97248693890b9755121af21567b2b841113fef1f3b3019c81","sha512":"0ef99204965554cc7b240aa58ab9e478db62855f6fa95d14bd559a795735f2799f232742012bf4be99319c09845530a59faa4dcb270be9cdad4e7d3ca049accb","ssdeep":"768:J1wC//lQc3HNlFrtgPslqJvOu8LuCACAGFZJK48QhgdIdgYrBMcEBSyLAntJTFy9:JKCSc3tlJzLwqdgYrzyZH","tlshash":"5dd297557290fa9ca4ab01a8592fe05db32f2eacde5fdc64b7bc64611e01098f613fc4","first_seen":"2026-02-25T21:58:49.508811Z","last_seen":"2026-02-25T22:29:22.287276Z","times_seen":2,"resource_available":true,"data":null}},"time_used":249,"timings":{"blocked":223,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/bafkreiallp55sjjfnqdy2njxnyhljygk5hiltpjdfeub3vjsc7zz6tl4qy","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 15:03:23 GMT","end":"Mon, 27 Apr 2026 16:03:19 GMT"},"fingerprint":{"sha1":"16:37:D6:0A:78:51:EB:99:5C:91:AE:A9:51:6B:28:6E:E2:74:CC:C8","sha256":"2B:72:87:59:6F:16:53:27:D3:92:29:A0:D2:F3:41:50:18:E7:CE:AA:72:5B:28:68:38:95:22:6D:75:0B:0D:35"}}},"request":{"raw":"GET /ipfs/bafkreiallp55sjjfnqdy2njxnyhljygk5hiltpjdfeub3vjsc7zz6tl4qy HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Feb 2026 21:58:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 24534\r\nserver: cloudflare\r\ncf-ray: 9d3a76798bc38deb-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 4362273\r\ncache-control: public, max-age=29030400, immutable\r\netag: \"bafkreiallp55sjjfnqdy2njxnyhljygk5hiltpjdfeub3vjsc7zz6tl4qy\"\r\nvary: Accept-Encoding\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\nx-ipfs-path: /ipfs/bafkreiallp55sjjfnqdy2njxnyhljygk5hiltpjdfeub3vjsc7zz6tl4qy\r\nx-ipfs-pop: rainbow-fr2-02\r\nx-ipfs-roots: bafkreiallp55sjjfnqdy2njxnyhljygk5hiltpjdfeub3vjsc7zz6tl4qy\r\nx-robots-tag: noindex, nofollow\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24534,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"40dfb35cd51f93ab09353b99354435a8","sha1":"c0ca65897cac1e6bba9c8b32806ccd249f6aff4e","sha256":"0b5bfbd925256c078d35376e0eb4e0cae9d0b9bd2329281dd53217f39f4d7c86","sha512":"83539cd67f2acb99325e2a4af4ee2d6010ded280fddaba15e7ec3fe70978e591dea998165abedfb5681a84b73f84b0f947869b439af28369a52bb0f2c64a1af3","ssdeep":"384:sqRXgLbFQVfPiE4PaGOMsKBAb55wce0uX9fPzwjuE7tAaceYtKPtWQIQjTg7O0R3:HXO6GO9b5XeDZPzwRtS3EUv+TaO0RXxx","tlshash":"19b2e1139baa1747fd2c5afcdeba473da3cfa601a848074713509a76f8570b3298e543","first_seen":"2026-02-25T21:58:49.509749Z","last_seen":"2026-02-25T22:29:22.229402Z","times_seen":2,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":62,"dns":0,"connect":4,"send":0,"wait":57,"receive":8,"ssl":54},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-mobile.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:16.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 14 Jan 2026 08:27:13 GMT","end":"Tue, 14 Apr 2026 08:27:12 GMT"},"fingerprint":{"sha1":"8E:B1:C6:1C:4F:29:20:20:9B:A5:D6:9D:E1:36:5C:9E:97:FB:1D:39","sha256":"37:AE:3E:49:CD:79:B6:64:E2:E2:D7:10:C5:42:B8:60:97:C4:95:B7:D1:0F:FE:B7:2D:84:F2:DC:70:4E:53:C2"}}},"request":{"raw":"GET /solflare-bypass2-mobile.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 21:58:16 GMT\r\nContent-Type: image/gif\r\nContent-Length: 8319275\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"ffdbd9550fb16af66a8cf7717da03833\"\r\nLast-Modified: Fri, 23 Jan 2026 22:07:07 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9d3a76908c8635a6-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15059,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"bf2f66f6bb8dad60567fee42fdd7901c","sha1":"2555a7eee4f1724d10f2e5744703a25249ad3c19","sha256":"19149a2a76973f2fd232c7d23f22dd71be7d996ec62b3cfa1dac1e427cb3c2cd","sha512":"c1594fdc8f3c258186cdb7e67bbb167559abc992070f95b43086ac4096265a90fc125a0b634f95ef6ed72e39de9ae05e55f62ff1a8ad5ddb737ca14996fa4f7c","ssdeep":"384:85ZCMz5ZCLDkWUC9ZRYcilQ96zIGZPOe5cCYcTXH7xJzGdWVJiB+Lf:pMqftUC9fYFuhGFXbxJzUXB+b","tlshash":"6b62c0fbf069d346e86afd63a96fe9053aca893f6dac101d6302f655b742d040f0c066","first_seen":"2026-02-25T21:58:49.510644Z","last_seen":"2026-03-07T02:01:37.477594Z","times_seen":4,"resource_available":false,"data":null}},"time_used":461,"timings":{"blocked":276,"dns":0,"connect":1,"send":0,"wait":149,"receive":7,"ssl":28},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-mobile.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:16.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 14 Jan 2026 08:27:13 GMT","end":"Tue, 14 Apr 2026 08:27:12 GMT"},"fingerprint":{"sha1":"8E:B1:C6:1C:4F:29:20:20:9B:A5:D6:9D:E1:36:5C:9E:97:FB:1D:39","sha256":"37:AE:3E:49:CD:79:B6:64:E2:E2:D7:10:C5:42:B8:60:97:C4:95:B7:D1:0F:FE:B7:2D:84:F2:DC:70:4E:53:C2"}}},"request":{"raw":"GET /phantom-bypass1-mobile.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 21:58:16 GMT\r\nContent-Type: image/gif\r\nContent-Length: 2031700\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"a22dc9face81ff1665651f1052a0a99f\"\r\nLast-Modified: Fri, 23 Jan 2026 22:55:26 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9d3a7690ca1d783d-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48971,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"aae219bb608c2ec8599b049b66b866f6","sha1":"2d55d2d33c9bf5858804d9ffb587d33a90006028","sha256":"0a774f6c826031d5d7d0462665fd322d8f34a3e049986d177a16693821d91982","sha512":"4336b0d2603d2ead4c90857870c75c99ecf03e7247c7fc32087b75df42d4f70dc2d17e40f5e99c4d1429b24d966af9c95ad3a1585c30dd855fbd254491f66aa4","ssdeep":"768:Spt+iWzvVGM0LbrrtSeGLR1Ci5ksNsalMYPHSFxY3mLlVm03SBBN5G5X/BMgp:SX+ikGnbrrtSelZONlMiSFxY2v0tk5Xd","tlshash":"5b23f14a1529745122dac8c7ed34ee1152a36acdb85ae6670cf48fecd13b91876b031f","first_seen":"2026-02-25T21:58:49.511695Z","last_seen":"2026-02-25T21:58:49.511695Z","times_seen":1,"resource_available":false,"data":null}},"time_used":362,"timings":{"blocked":236,"dns":1,"connect":1,"send":0,"wait":96,"receive":8,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-25T21:58:11.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:11 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nx-nextjs-cache: HIT\r\nx-nextjs-prerender: 1, 1\r\nx-nextjs-stale-time: 300\r\nX-Powered-By: Next.js\r\nCache-Control: s-maxage=31536000\r\nETag: \"8jelgb7mbr1207\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":49266,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (26758)","md5":"d613a6cef226b3bdac90e8f51f92b308","sha1":"8ba6e89edf5d795cd206af6bb770e9a0dca68dc6","sha256":"e03034f0d8f17daee26ecd5505f88c8b52cdfc032feef7609cc5f4b3bfd49163","sha512":"68055c7f3f6ce43a2be2fdfd48a0815dd6d3ef92187217082e74952d09462d347bde4e2a64d7ef69a9085d14d3aeb43d0479d86ef382508a9d4933eb487011d9","ssdeep":"1536:m33HwX1J0e3e8efeQH1OoeGeleaeVeO9eKeXe+eKetemUgYrsfEcQli:mwXqHAeZULrhli","tlshash":"fa23d7a17201e92da8a74dbc657ebf3a51ae823ec667cd68f3dcc15103c7c75ab42580","first_seen":"2026-02-25T21:58:49.51269Z","last_seen":"2026-02-25T22:29:22.292198Z","times_seen":2,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":90,"dns":15,"connect":43,"send":0,"wait":82,"receive":1,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Anti-debugging code","verdict":"suspicious","severity":"low","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/ff1a16fafef87110.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:11.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /_next/static/chunks/ff1a16fafef87110.js HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:11 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nContent-Length: 282\r\nConnection: keep-alive\r\nCache-Control: public, max-age=31536000, immutable\r\nAccept-Ranges: bytes\r\nLast-Modified: Wed, 25 Feb 2026 13:59:47 GMT\r\nETag: W/\"11a-19c9519479f\"\r\nVary: Accept-Encoding\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":282,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with no line terminators","md5":"5458632ee5cb3da028baebb11d5f70dd","sha1":"57e264834d3635e52fbbd3d93135842c09ce8525","sha256":"e9786b1305894e4119bb9811a816dac9cf576755596dd989ee15b455749fc35e","sha512":"28ae4e3a3828f99d64b7d4bfc7238d56c9ad910ce267dcb6c01e53be00c88f8a7f024640680d2bd66240a9972322744ee9147883a12ff8c92717c27ebb3fef50","ssdeep":"","tlshash":"63d02b702150f8d84086a4cc8836424bf52928b262fe3895d7ae8cb16174f0c51e1e55","first_seen":"2025-08-20T23:30:20.185011Z","last_seen":"2026-06-08T04:39:44.020355Z","times_seen":22451,"resource_available":true,"data":null}},"time_used":225,"timings":{"blocked":180,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/QmXCMT2EzYFBHmJnbt6DcU6Vza627AESYbWNS2sA7u8aex","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 15:03:23 GMT","end":"Mon, 27 Apr 2026 16:03:19 GMT"},"fingerprint":{"sha1":"16:37:D6:0A:78:51:EB:99:5C:91:AE:A9:51:6B:28:6E:E2:74:CC:C8","sha256":"2B:72:87:59:6F:16:53:27:D3:92:29:A0:D2:F3:41:50:18:E7:CE:AA:72:5B:28:68:38:95:22:6D:75:0B:0D:35"}}},"request":{"raw":"GET /ipfs/QmXCMT2EzYFBHmJnbt6DcU6Vza627AESYbWNS2sA7u8aex HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Feb 2026 21:58:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 14808\r\nserver: cloudflare\r\ncf-ray: 9d3a76799c338deb-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 1000889\r\ncache-control: public, max-age=29030400, immutable\r\netag: \"QmXCMT2EzYFBHmJnbt6DcU6Vza627AESYbWNS2sA7u8aex\"\r\nvary: Accept-Encoding\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\nx-ipfs-path: /ipfs/QmXCMT2EzYFBHmJnbt6DcU6Vza627AESYbWNS2sA7u8aex\r\nx-ipfs-pop: rainbow-rbx-247-80\r\nx-ipfs-roots: QmXCMT2EzYFBHmJnbt6DcU6Vza627AESYbWNS2sA7u8aex\r\nx-robots-tag: noindex, nofollow\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14808,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, description=Screenshot, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, datetime=2026:02:14 08:43:17], baseline, precision 8, 318x266, components 3","md5":"6715c710952d60b23eba83b7d54f1ea6","sha1":"750c85b2638764d032c153e8596c5a1460882659","sha256":"d326208e799a6884fee3c86c08bb0e367cb419e191d8962b0e70a9470617c909","sha512":"4122f8594636744c6822b80f333cef9f43aaba21f0dde45c5ef7710f2e264c7f01b71f83cd751cf659df82b3cfc80d04ee8c5b69b25d5d8efc7bdb1df10a4e93","ssdeep":"192:Qps1hMH8b/uZhh33IlhAaT9UM0Rwz9pQuK/NGqCitB0a1yCeeLVoSDhYr0+xVK:BvTb/uBUhAUGwJiu/WtmGeK9Yg1","tlshash":"0b62be3306dc8d9bdd18cbf5bf560795979a9f20e49e36d3288149cbbf44943a66830c","first_seen":"2026-02-25T21:58:49.514339Z","last_seen":"2026-02-25T22:29:22.293546Z","times_seen":2,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":73,"dns":14,"connect":2,"send":0,"wait":62,"receive":1,"ssl":57},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/QmfVLtYXqhimYcffCE6XUJhL9h5J2B4HGtL5Ezfv4dDKzJ","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 15:03:23 GMT","end":"Mon, 27 Apr 2026 16:03:19 GMT"},"fingerprint":{"sha1":"16:37:D6:0A:78:51:EB:99:5C:91:AE:A9:51:6B:28:6E:E2:74:CC:C8","sha256":"2B:72:87:59:6F:16:53:27:D3:92:29:A0:D2:F3:41:50:18:E7:CE:AA:72:5B:28:68:38:95:22:6D:75:0B:0D:35"}}},"request":{"raw":"GET /ipfs/QmfVLtYXqhimYcffCE6XUJhL9h5J2B4HGtL5Ezfv4dDKzJ HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Feb 2026 21:58:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 219801\r\nserver: cloudflare\r\ncf-ray: 9d3a76797b868deb-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 198995\r\ncache-control: public, max-age=29030400, immutable\r\netag: \"QmfVLtYXqhimYcffCE6XUJhL9h5J2B4HGtL5Ezfv4dDKzJ\"\r\nvary: Accept-Encoding\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\nx-ipfs-path: /ipfs/QmfVLtYXqhimYcffCE6XUJhL9h5J2B4HGtL5Ezfv4dDKzJ\r\nx-ipfs-pop: rainbow-rbx-16-102\r\nx-ipfs-roots: QmfVLtYXqhimYcffCE6XUJhL9h5J2B4HGtL5Ezfv4dDKzJ\r\nx-robots-tag: noindex, nofollow\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]}],"data":{"size":219801,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 400x399, components 3","md5":"7e15fcaa40e88228f5fc01bf9750d620","sha1":"808cc9d50f0115aa9322451e2672075b2957d287","sha256":"c53fa4f6a878183f896a8e7873c4ad77895e4453374d7fcab1b89fc3ceecca01","sha512":"4b28d3c48c56d62f65e95124c2fb7100ab10e5558f3f127e91e55f9b82a76bf6586475b6c8869265743230519bea1c7da4e3cfb9c616e53aec57cb326ee44cf8","ssdeep":"3072:aMawX4VDW1E5IlSf9ovEs0a5iYoaFPaceOQaydJ2FJQqdRVJJZ7YYT5+PVM3tOZq:aMl2W/lM+vEOQYdgDOFyivAY9+d24FQ","tlshash":"8b242325dbb8c1f3e8bf819cd823faee872a4788b435b5564c2708e4d2dc651c51b06e","first_seen":"2026-02-25T21:58:49.515313Z","last_seen":"2026-02-25T22:29:22.199965Z","times_seen":2,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":42,"dns":0,"connect":0,"send":0,"wait":44,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/?_rsc=ivliq","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:13.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /?_rsc=ivliq HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /__PAGE__\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:13 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nx-nextjs-cache: HIT\r\nx-nextjs-prerender: 1\r\nx-nextjs-postponed: 2\r\nCache-Control: s-maxage=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":6289,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (4278)","md5":"663654ce35e5f14f921305ae0c5034cc","sha1":"f27c55584dc043c39ab2713b01c3e138f5f5c498","sha256":"c6307865cc401d4ef9a3dfc375b50df53436b17594a891d4deb284d1274d19fb","sha512":"88dd2403bc823c529f9a142de90e2c3cc64643a6b12852cd49594d9c2381118aa6b345135fc7102b49dd22b7dc9d35a129e2027f6cd4e25a5ff4f6a25a2142e1","ssdeep":"192:OTfLAPXaZVz9GMd9cLeLUN5hZE9ugRGvtuiQ5ZePuifV5ne4uiBA5ve1:id4OPZ6AO","tlshash":"2ad1e12eab0bed6d6e77446c581fd73b522e86379a758eb9d3ed9d6003460302f462c0","first_seen":"2026-02-25T21:58:49.51629Z","last_seen":"2026-02-25T22:29:22.190956Z","times_seen":2,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/about?_rsc=1pr6k","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:13.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /about?_rsc=1pr6k HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /about/__PAGE__\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:13 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nx-nextjs-cache: HIT\r\nx-nextjs-prerender: 1\r\nx-nextjs-postponed: 2\r\nCache-Control: s-maxage=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":20548,"size_decoded":0,"mime_type":"text/x-component","magic":"Unicode text, UTF-8 text, with very long lines (4250)","md5":"6ae22837ac412617e6e9074854c90314","sha1":"e5c6bc9ca0137c3c26b55f15e3620ad6decd6bd7","sha256":"027c612acde5f968ba50ed543b8023feff511992328f31644156452e627ff2e6","sha512":"51e9591efd70bb9278bbd94a9a31c9ac78c761b6d3c58d16e7b234a397ce2a8105c2d23c5c71a7052e29e58c28e6d004ca6a5b8087668e8e8773a93538cf4042","ssdeep":"384:mGQO8JoTV8oK81b58RCCyg8F9riJw18hLIQBc:cBc+oV+RCCyzF9riu18h3Bc","tlshash":"38929d7d6316aeacbebb0461651ed37a232d463bda968e7ad2fd6e2103470311d173c0","first_seen":"2026-02-25T21:58:49.517233Z","last_seen":"2026-02-25T22:29:22.246377Z","times_seen":2,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-mobile.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.50.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:16.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 14 Jan 2026 08:27:13 GMT","end":"Tue, 14 Apr 2026 08:27:12 GMT"},"fingerprint":{"sha1":"8E:B1:C6:1C:4F:29:20:20:9B:A5:D6:9D:E1:36:5C:9E:97:FB:1D:39","sha256":"37:AE:3E:49:CD:79:B6:64:E2:E2:D7:10:C5:42:B8:60:97:C4:95:B7:D1:0F:FE:B7:2D:84:F2:DC:70:4E:53:C2"}}},"request":{"raw":"GET /phantom-bypass1-mobile.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 21:58:16 GMT\r\nContent-Type: image/gif\r\nContent-Length: 2031700\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"a22dc9face81ff1665651f1052a0a99f\"\r\nLast-Modified: Fri, 23 Jan 2026 22:55:26 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9d3a768edfe82678-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":786432,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"eeebcd74061a9dcd7dfad338ebe1d46a","sha1":"23148fe8cd0cfe6b4379103d03dabde517e9bfd9","sha256":"631978ce1c77fdc8360949130dc08a761d8a5cbf0b87875b7b1556706cabc068","sha512":"e151fd7805ccbf649173ed454739604bbb31cbd0daa1dbf057454363c74532c9a5c2310e516f087f21ef09e5cd7de46e91d67e01815274b82573caae494eff45","ssdeep":"12288:/2TA4vVLmF/WbRkFOppRWsWNbGSQHJAUOUsLOsWZssG5bxVWhseThDII57tSKnXb:/2TAaRkFipRWRSlpAzUWOsWWvbLqhDVr","tlshash":"41f4233ac26c0681a9a500112e6526604c337cbc54feea3383eddf3adb5b92d6da5295","first_seen":"2026-02-25T03:05:09.955526Z","last_seen":"2026-03-07T02:01:37.494267Z","times_seen":63,"resource_available":false,"data":null}},"time_used":334,"timings":{"blocked":44,"dns":0,"connect":3,"send":0,"wait":112,"receive":131,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/favicon.ico?favicon.0b3bf435.ico","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:11.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /favicon.ico?favicon.0b3bf435.ico HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:11 GMT\r\nContent-Type: image/x-icon\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nx-nextjs-cache: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":25931,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"c30c7d42707a47a3f4591831641e50dc","sha1":"9ecfcc8f0ead0bf3d2d7c39e084b88f41cc89a2e","sha256":"2b8ad2d33455a8f736fc3a8ebf8f0bdea8848ad4c0db48a2833bd0f9cd775932","sha512":"7053e0f76e92179fb5154e2665d81897736bdcc22b002b0a3f8e212f27ef80f56224adaa09972848a20c66b064d16eafa732140461071ad70b6193c33dd517e0","ssdeep":"384:ryveIpvjGAUdJ/RN0d2q3OTirIDpXofYPj68Xg5RNy7yyTLb4v0:bIAJdhwYqZ8pYYPjSy7j3j","tlshash":"11c28e9b2b7e2015c908257641aeddfb011b5d4b28b4a20025fa3eb7b4b3735091fa7f","first_seen":"2023-04-30T22:57:19Z","last_seen":"2026-06-08T05:44:25.41929Z","times_seen":25449,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/api/recent","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /api/recent HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:12 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8688,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4a39835aeebde1d2ca08a8f8023f72d8","sha1":"f77b261936a6f782b398eea7f40aae67acff4668","sha256":"1bb107075af75f75d71061bad3167ab85c5d104afc7cbf65967b830e2fdd1157","sha512":"f2f9280bec39060eb272e2bf9f331e3f5472a7fcf8a0165cfaad01d059da2760b4edc94bc90b341fc032fa5bae30d07848e2fdb0281898ce01ea0184403ab2ab","ssdeep":"192:MLYcBXn0SHY2oLYOKYamXn+YmXJjYAXX5rIzo/ZXrToBLuYPXn0lR+6J8z5XsFJy:wVpHwLYlpq+3NLHZgBLu0CROF1Y9lYPH","tlshash":"7b02878ee237bd1ee4a30f99b49fbe5810d8b0bb5bc5cd90dd89c42c02b0153959af94","first_seen":"2026-02-25T21:58:49.518691Z","last_seen":"2026-02-25T21:58:49.518691Z","times_seen":1,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-mobile.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:16.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 14 Jan 2026 08:27:13 GMT","end":"Tue, 14 Apr 2026 08:27:12 GMT"},"fingerprint":{"sha1":"8E:B1:C6:1C:4F:29:20:20:9B:A5:D6:9D:E1:36:5C:9E:97:FB:1D:39","sha256":"37:AE:3E:49:CD:79:B6:64:E2:E2:D7:10:C5:42:B8:60:97:C4:95:B7:D1:0F:FE:B7:2D:84:F2:DC:70:4E:53:C2"}}},"request":{"raw":"GET /solflare-bypass2-mobile.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 21:58:16 GMT\r\nContent-Type: image/gif\r\nContent-Length: 8319275\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"ffdbd9550fb16af66a8cf7717da03833\"\r\nLast-Modified: Fri, 23 Jan 2026 22:07:07 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9d3a7691bd72dfec-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16115,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"35778e925b4e63a969f62e12aaa392d7","sha1":"8fc67853bf23f2344b702371bb4f8188b2aa8121","sha256":"d1842cafaf951c31cae9a01a3439c4ecf13b271dc356070b292d29d59dbc5d26","sha512":"19e45576796d09d1f459bbe75a66fb624222c698fcd48bedcff7dc6cf0ae66452b84107283637879d22481f4c8260826c6e1b134d8082df1745c2d0634ef1638","ssdeep":"384:85ZCMz5ZCLDkWUC9ZRYcilQ96zIGZPOe5cCYcTXH7xJzGdWVJiB+L9IDvY:pMqftUC9fYFuhGFXbxJzUXB+eA","tlshash":"9d72c0fbf0599746e86ae962f96ff60536ca893f6ebc001d6302f149f7429040f1c166","first_seen":"2026-02-25T20:10:02.580207Z","last_seen":"2026-03-07T01:35:12.4313Z","times_seen":6,"resource_available":false,"data":null}},"time_used":531,"timings":{"blocked":375,"dns":1,"connect":3,"send":0,"wait":132,"receive":3,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","fqdn":"uygft-a78s.vercel.app","domain":"uygft-a78s.vercel.app","tld":"vercel.app"},"ip":{"addr":"216.198.79.67","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Feb 2026 09:22:01 GMT","end":"Tue, 26 May 2026 09:22:00 GMT"},"fingerprint":{"sha1":"43:A7:0E:2A:17:34:DC:42:83:88:AE:D6:95:95:09:58:26:71:E6:C5","sha256":"ED:6F:3E:CA:2F:60:5F:3F:0D:72:55:8C:78:B7:4E:0A:E1:37:CD:EE:4D:72:9D:FC:CE:FE:66:8B:2E:C3:13:95"}}},"request":{"raw":"GET /demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F HTTP/1.1\r\nHost: uygft-a78s.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 25 Feb 2026 21:58:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X2aw4D%2BddjGIFO4Hw1Lj3L%2FKEZk2BSqL1%2F90MFGtl1oWwyoyVlLPWE8YbLxxXad7TpxSG%2BqO0m4VEFcGqQX2Oo0SOBd8sDBbi%2BDj8dEyK%2Fuc7IwHOKl6GpZvtZ2uhngPEVOTXD3m\"}]}\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nvary: Origin,Accept-Encoding\r\nx-ratelimit-limit: 50\r\nx-ratelimit-remaining: 47\r\nx-ratelimit-reset: 495\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::arn1::bv7m2-1772056692614-df0ab0fae4c3\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":2846963,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (33714)","md5":"448a91f7ce53c00271306cc2b1de3d95","sha1":"707e0921c9c21d98a1583506979cba22086ea3c8","sha256":"aec7632876def11269dc74a62bc901b5ac6bccacd25234a63a8a1ae15b687a6c","sha512":"75ec5a408a429c713cdf4359db63c56e2b40fe82b5ac7267da3169fc6fb47d818c9f0e9f9cd0c047240b0d1737c05935ed1e390a239e6b2de618373666e5fe28","ssdeep":"12288:S44LZxNuaZYNUIFPfLUlKY4Ue+jFy1rq6c5249AZQmYN8Ge5CK3i/R0u4gpJR:S4cZxtaUFBE1r5c52aAZSu3iZ0uTJR","tlshash":"78256cb073a1b07a03eb92d594661100f334941a700d84acfbaca9eb6f959cf957bf35","first_seen":"2026-02-25T21:58:49.520247Z","last_seen":"2026-02-25T21:58:49.520247Z","times_seen":1,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":32,"dns":0,"connect":2,"send":0,"wait":11,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"axiomtrading.sfo3.cdn.digitaloceanspaces.com/36N9f7k6LcGNwL4Ty4zExHPw13BoTBtqNjvGJSt1pump.webp","fqdn":"axiomtrading.sfo3.cdn.digitaloceanspaces.com","domain":"sfo3.cdn.digitaloceanspaces.com","tld":"cdn.digitaloceanspaces.com"},"ip":{"addr":"104.18.42.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ams3.cdn.digitaloceanspaces.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 23:14:51 GMT","end":"Wed, 20 May 2026 00:14:44 GMT"},"fingerprint":{"sha1":"EC:AC:C9:80:EF:06:48:14:65:A7:C8:0F:3D:AE:BE:04:56:98:09:7D","sha256":"39:31:58:4A:97:58:51:18:8D:BD:E8:39:4D:B6:CF:47:AC:99:68:C9:E4:49:C2:B8:95:CE:43:8F:33:E0:1B:33"}}},"request":{"raw":"GET /36N9f7k6LcGNwL4Ty4zExHPw13BoTBtqNjvGJSt1pump.webp HTTP/1.1\r\nHost: axiomtrading.sfo3.cdn.digitaloceanspaces.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Feb 2026 21:58:12 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3244\r\ncf-ray: 9d3a767979d50daa-OSL\r\naccept-ranges: bytes\r\nlast-modified: Wed, 25 Feb 2026 03:42:38 GMT\r\nx-rgw-object-type: Normal\r\netag: \"256638bfd3608cb7b75a42686e56e99e\"\r\nx-amz-request-id: tx000006f5a78d37bfce219-00699e6fae-a0740474-sfo3a\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-do-cdn-uuid: dab85e55-c9b4-4ad2-8fa0-d6a313f06d95\r\ncache-control: max-age=3600\r\nage: 747\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=iSoV0aZL5SI_CRXPxbDjZI2bBBxDqHl.Lbch.kbEFoU-1772056692-1.0.1.1-Fs8PUr0OtacCK7al3AwWEQzX3OcE8Frk9ky6lS.jTCyYAdISuwqQHuMmSUtjjxLfOjjB1tzy894jhjISQWu4RJokdLDm9BR0ULrKtdkpo0c; path=/; expires=Wed, 25-Feb-26 22:28:12 GMT; domain=.digitaloceanspaces.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":3244,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"256638bfd3608cb7b75a42686e56e99e","sha1":"9ed2b677558b859d87091297feb0acf74e5b2ed5","sha256":"23c4407c25aed2048f7a8aea6775a22a22444d60fc1c01697e317cae0eec270b","sha512":"3a51bde9ae9302372048a9b9f1ef04be3edda8dce6b335c36fad358e856698ccf600ca56a70fad547cb8a914d7f65f572905d49e8dc2d25143abe077b1f04f20","ssdeep":"","tlshash":"fc617d2f76327097abb42d79113c37449d85fe80635c6ec1649f63c472c6400a6e89c4","first_seen":"2026-02-25T21:58:49.521113Z","last_seen":"2026-02-25T22:29:22.181322Z","times_seen":2,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":54,"dns":0,"connect":5,"send":0,"wait":68,"receive":13,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"metadata.rapidlaunch.io/images/42bed0d1-a27d-4598-905d-9dc7fa55e47d.jpg","fqdn":"metadata.rapidlaunch.io","domain":"rapidlaunch.io","tld":"io"},"ip":{"addr":"104.26.1.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"8d3eae72.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 08:43:30 GMT","end":"Tue, 28 Apr 2026 09:43:26 GMT"},"fingerprint":{"sha1":"D3:7C:A5:69:2D:FC:FD:02:33:37:45:CF:97:BB:BA:81:00:52:FC:BF","sha256":"0B:87:C9:21:6F:91:32:35:F3:1C:A8:33:26:B0:2F:C3:DD:BC:F2:85:A4:8F:0E:3B:FF:28:52:99:B4:F0:69:A3"}}},"request":{"raw":"GET /images/42bed0d1-a27d-4598-905d-9dc7fa55e47d.jpg HTTP/1.1\r\nHost: metadata.rapidlaunch.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Feb 2026 21:58:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 34163\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uBEaQujJPLbgBr%2BP5TnK8iSAE121VKT1ZGQoHu0aiG2ai3JlINFtmDz6HBt8N%2BnocW5yf9ymNgjCHvm4T%2BI0VZu1uX8C05msshZiNGcuL%2F4FiHwXOFQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000\r\netag: \"f32c720b26995d72b8363fc1fd818345\"\r\nlast-modified: Fri, 20 Feb 2026 04:15:42 GMT\r\nvary: Accept-Encoding\r\nage: 495749\r\ncf-cache-status: HIT\r\ncf-ray: 9d3a7679bc6cad45-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":34163,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x512, components 3","md5":"f32c720b26995d72b8363fc1fd818345","sha1":"39273cd382c2d1221be869beb758656c287debbd","sha256":"012ffe53668e505263de28add826b57f20ef0e83b727631b96bb7225cb49b58e","sha512":"1b367231e787e7cfc72cb6b38b9e75827d72fb69a7bfe0680f46b1b2928ba819362d3d657b51c94735fba84fcceb0c76627f1fd3fcd417b6440625b9ad487df3","ssdeep":"768:Ie6hx/s4xtIE6cDQwDB/w5vDtlsn4ppxCkb+u8b:+x/f2/sn2pwg+Xb","tlshash":"58e2f23f9db7d42ad53a3033b5291f111d3ecd319306fa881e1396a547581ce1b4e92b","first_seen":"2026-02-25T21:58:49.522036Z","last_seen":"2026-03-04T19:03:49.942861Z","times_seen":3,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":82,"dns":14,"connect":17,"send":0,"wait":28,"receive":2,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-mobile.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:16.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 14 Jan 2026 08:27:13 GMT","end":"Tue, 14 Apr 2026 08:27:12 GMT"},"fingerprint":{"sha1":"8E:B1:C6:1C:4F:29:20:20:9B:A5:D6:9D:E1:36:5C:9E:97:FB:1D:39","sha256":"37:AE:3E:49:CD:79:B6:64:E2:E2:D7:10:C5:42:B8:60:97:C4:95:B7:D1:0F:FE:B7:2D:84:F2:DC:70:4E:53:C2"}}},"request":{"raw":"GET /phantom-bypass2-mobile.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 21:58:16 GMT\r\nContent-Type: image/gif\r\nContent-Length: 3967947\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"5a6a3867cbfe36845cfc495e5ca7f0ea\"\r\nLast-Modified: Fri, 23 Jan 2026 15:28:10 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9d3a768eed645fac-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":786432,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"77c8cf44927733853063e12a9c919838","sha1":"e753f4fab619a4ad9c7e362f7dbca7d28c6af569","sha256":"0a412e42c896359759d6f578d9439fdfa66c8387c55de84440861ea71f463e59","sha512":"23e51c246c2f5f89fb1e53fad2bbba306a23f2a5d708b1b58dd8b8a60a382c9e38d475a7b57e90d617d2f87524659ca3c63da65c0248367925c1f5ab8bb570c6","ssdeep":"12288:VEznytgluvfiMoSnqYsA4Xp8fvndMMr95Hl42YSbZQxiVUSmj3+SSB9WV:avufiMHLszpYKMLHl4XSjC3h+s","tlshash":"8ff423e9846d4c8222510261295a753c2053b03eddf7bc39b1acdf9dc69ee3e8ce91e5","first_seen":"2026-02-25T03:05:09.958112Z","last_seen":"2026-03-07T02:01:37.50279Z","times_seen":62,"resource_available":false,"data":null}},"time_used":347,"timings":{"blocked":42,"dns":7,"connect":3,"send":0,"wait":115,"receive":150,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/b9faa43b3e4d2c0a.css","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:11.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /_next/static/chunks/b9faa43b3e4d2c0a.css HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:11 GMT\r\nContent-Type: text/css; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: public, max-age=31536000, immutable\r\nAccept-Ranges: bytes\r\nLast-Modified: Wed, 25 Feb 2026 13:59:47 GMT\r\nETag: W/\"1d84a-19c951947b2\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":120906,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"1ddf1d80bc46bc8d61494b49f41c3928","sha1":"3cbcd50ff1218790e7028f4bd810a7af27c1ce32","sha256":"10ce41bb1471074bee4f29ac1cb45ebba93eeceba65c8663d8912b3d6c979c1b","sha512":"00af09233075111794d615b33bd2286af5792cbdbf12f25706e2f0e94f45916e14cdf3342cb1cb9e673b9bfaadd3a101eea86fc855866c079d2ba28e1a660e82","ssdeep":"768:9ruAz2kED9fASl3Rht1WgilnTsNpnuWoBp7vAHCSl/Ku4WeeaEzzzKUpg0ajOhS8:9qf9YvQCSl/K/Up9thS+vyRErJJ1v","tlshash":"d3c341a0f1b0e17bbd27b5fda39cf45da20ab0a6dd6547ddb911620163e37f21892e00","first_seen":"2026-02-25T21:58:49.52297Z","last_seen":"2026-02-25T22:29:22.195117Z","times_seen":2,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":54,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/api-docs?_rsc=1r34m","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /api-docs?_rsc=1r34m HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /_tree\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:12 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nx-nextjs-cache: HIT\r\nx-nextjs-prerender: 1\r\nx-nextjs-postponed: 2\r\nCache-Control: s-maxage=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":752,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (419)","md5":"4fe572a155865245d10e80e075497a18","sha1":"80b75bc500b298b9e89a6a1151b2b8195879c846","sha256":"3de70023faf2fd49ce027d0716cb14e0af6babeaef3ccc95934a887f6e323104","sha512":"69876d5203685eaf723df7acdff58d0fc7e5919348cbbea8ded1cf38bde537ed86e4c11509408aad8030dd24767b1b300d78ea0445a44e4f5848978a82be7ea9","ssdeep":"","tlshash":"ba014c2ec859bd9c68e5848c628ae70616689e3bb4a94de898cf5c50176e0381ec6f47","first_seen":"2026-02-25T21:58:49.52431Z","last_seen":"2026-02-25T22:29:22.196786Z","times_seen":2,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/bafkreiallp55sjjfnqdy2njxnyhljygk5hiltpjdfeub3vjsc7zz6tl4qy","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.608Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ipfs/bafkreiallp55sjjfnqdy2njxnyhljygk5hiltpjdfeub3vjsc7zz6tl4qy HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T05:34:20.987672Z","times_seen":16230898,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uygft-a78s.vercel.app/api/v2/handshake","fqdn":"uygft-a78s.vercel.app","domain":"uygft-a78s.vercel.app","tld":"vercel.app"},"ip":{"addr":"216.198.79.67","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:15.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Feb 2026 09:22:01 GMT","end":"Tue, 26 May 2026 09:22:00 GMT"},"fingerprint":{"sha1":"43:A7:0E:2A:17:34:DC:42:83:88:AE:D6:95:95:09:58:26:71:E6:C5","sha256":"ED:6F:3E:CA:2F:60:5F:3F:0D:72:55:8C:78:B7:4E:0A:E1:37:CD:EE:4D:72:9D:FC:CE:FE:66:8B:2E:C3:13:95"}}},"request":{"raw":"POST /api/v2/handshake HTTP/1.1\r\nHost: uygft-a78s.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/octet-stream\r\nContent-Length: 71\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-encoding: br\r\ncontent-type: application/octet-stream\r\ndate: Wed, 25 Feb 2026 21:58:15 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1sSwizGR%2BNlwJA0gs4ttfUSH6kBWACpoqWAG9ztc0j9fqo4nTRkbiWi6P0ynezWNjvJTkty1dZnk%2B4px1tBzjlPKjwosKk%2FgSyUFwGysgw43bxlNt4LPsNmScaHQf5cou%2FXYvzJ6\"}]}\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nvary: Origin\r\nx-session-id: 17159708d1ebede97022c234e1b1f9d5\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::arn1::wkwrr-1772056695646-719438bdb0bb\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":80,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"57b73180b5e6ecaf077d1471590ae9cf","sha1":"6ea2a9952ce06d2810e43689befc3803d43d9a0d","sha256":"7fc571443002a323c64841fded8b49b5a40129ede51c0f144878270a623b8a5c","sha512":"2ec1db6ac5f8bb9eb99a9f5c91271a9fdbbc6b672e6510675aa840fdf322e852a2fdc39aa860a878eea97fc89970e55af28b95e6ef2f5bb31d657d42400d2b78","ssdeep":"","tlshash":"03a024071170c7c0ccc05cf150401ccc1035d735407134351040c344cc004f11071cc7","first_seen":"2026-02-25T21:58:49.525201Z","last_seen":"2026-02-25T21:58:49.525201Z","times_seen":1,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":118,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-desktop.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:16.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 14 Jan 2026 08:27:13 GMT","end":"Tue, 14 Apr 2026 08:27:12 GMT"},"fingerprint":{"sha1":"8E:B1:C6:1C:4F:29:20:20:9B:A5:D6:9D:E1:36:5C:9E:97:FB:1D:39","sha256":"37:AE:3E:49:CD:79:B6:64:E2:E2:D7:10:C5:42:B8:60:97:C4:95:B7:D1:0F:FE:B7:2D:84:F2:DC:70:4E:53:C2"}}},"request":{"raw":"GET /phantom-bypass1-desktop.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 21:58:16 GMT\r\nContent-Type: image/gif\r\nContent-Length: 2031700\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"a22dc9face81ff1665651f1052a0a99f\"\r\nLast-Modified: Fri, 23 Jan 2026 22:55:18 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9d3a7690a9e9a0f0-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":130667,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"de81d7feb28e28319d237b9c1a64fc1b","sha1":"795fe77449dfb72111052338bf0c0cc675a8bbc6","sha256":"255491041fcc68a039571326a5897ddc409274744cdb1c09a85521757a3b2e05","sha512":"49ecca4952b6af00b9cb146648998fbf2d8da22809081f10601b1e00a640ab16a673d60f1b9d2404f48fe471f14ef99991204edffb9c5649042aa05c4d4df05d","ssdeep":"3072:SXBk6tHklM/AY0QXJrL9RruMAYOKfgSAQW/ermyyXSH7:SX42j0QXJrmMAYOKE2myyXu7","tlshash":"36d3120d4a28408069fb1197d6245a2405ab6cdcfbffed230bf48da8d527a18767b34b","first_seen":"2026-02-25T21:58:49.526152Z","last_seen":"2026-02-25T21:58:49.526152Z","times_seen":1,"resource_available":false,"data":null}},"time_used":371,"timings":{"blocked":226,"dns":0,"connect":3,"send":0,"wait":113,"receive":12,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/noir.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:11.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /noir.js HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:11 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Wed, 25 Feb 2026 13:59:08 GMT\r\nETag: W/\"75ef-19c9518adb8\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30191,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (30191), with no line terminators","md5":"6e9f7635fbbdf03cdebb4081b0a78077","sha1":"17f37d3947971afdd7832bb37d91b890593cd694","sha256":"8d3bb8fa5b66f2fd88d9228f4fcf0dc1ece24d7a3092e798f793e0a3843d173d","sha512":"63a7ae952e8a450d475b7ec0010af6d1a0827784fddee38243d1cf826447f8d58543707d1fc75d64ac7e1885ed8af1a2b71b1e569f6a24c36f33c73884cdba6f","ssdeep":"768:37p4/pGg274TclQPP7GQ5kIP/smN8mZLNgY7BBIipaf0+48AUH:37p4BGg2ETcePjVkIPEChVNgY7BBIipA","tlshash":"c8d22ca7ce8f2e518b745e0823de2ccd092d1b8e68e244cd550aa7c9d68f56704ccaed","first_seen":"2026-02-25T21:58:49.526914Z","last_seen":"2026-02-25T22:29:22.236424Z","times_seen":2,"resource_available":true,"data":null}},"time_used":249,"timings":{"blocked":67,"dns":1,"connect":44,"send":0,"wait":91,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dns.google/resolve?name=_r.chrome-extension-da0e5-bc.com\u0026type=TXT","fqdn":"dns.google","domain":"dns.google","tld":"google"},"ip":{"addr":"8.8.8.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dns.google","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:41:48 GMT","end":"Mon, 20 Apr 2026 08:41:47 GMT"},"fingerprint":{"sha1":"58:4D:E1:0C:42:51:7E:9C:BC:BB:A3:A2:D6:87:E2:BF:29:0B:91:D3","sha256":"14:62:92:57:0C:20:C6:D3:87:73:6D:53:FF:B0:73:36:30:5A:02:CE:BE:1E:C6:7A:1F:C1:EF:68:1A:5A:E4:33"}}},"request":{"raw":"GET /resolve?name=_r.chrome-extension-da0e5-bc.com\u0026type=TXT HTTP/1.1\r\nHost: dns.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/dns-json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nOrigin: https://rugsol.info\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Feb 2026 21:58:12 GMT\r\nexpires: Wed, 25 Feb 2026 21:58:12 GMT\r\ncache-control: private, max-age=60\r\ncontent-type: application/json; charset=UTF-8\r\ncontent-encoding: gzip\r\nserver: HTTP server (unknown)\r\ncontent-length: 197\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":282,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"16ef10c038e8097aee159dd29650dcb6","sha1":"b1ccb51105d4d8b112d837bcffaa9b3ec3f459fc","sha256":"9abdaf2a1fce0b3cb417c59ed3d95456485fb53330c5fb885b97ab6b1b25db20","sha512":"8d0c1585059777973f2802f4a4b48589b737566a50bb61678b3cb9c68bc1e4fe1c24249f54177426d727d25833aa402bb1e5cd471d92abec76155d4ae3fc2399","ssdeep":"","tlshash":"93d0c289908481adb6066794c08b14469f6c22a272acbe599b842e74e6cb291b496257","first_seen":"2026-02-25T20:48:30.850331Z","last_seen":"2026-02-25T22:00:14.503785Z","times_seen":3,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":92,"dns":7,"connect":7,"send":0,"wait":32,"receive":0,"ssl":76},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/QmXCMT2EzYFBHmJnbt6DcU6Vza627AESYbWNS2sA7u8aex","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.616Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ipfs/QmXCMT2EzYFBHmJnbt6DcU6Vza627AESYbWNS2sA7u8aex HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T05:34:20.987672Z","times_seen":16230898,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-desktop.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:16.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 14 Jan 2026 08:27:13 GMT","end":"Tue, 14 Apr 2026 08:27:12 GMT"},"fingerprint":{"sha1":"8E:B1:C6:1C:4F:29:20:20:9B:A5:D6:9D:E1:36:5C:9E:97:FB:1D:39","sha256":"37:AE:3E:49:CD:79:B6:64:E2:E2:D7:10:C5:42:B8:60:97:C4:95:B7:D1:0F:FE:B7:2D:84:F2:DC:70:4E:53:C2"}}},"request":{"raw":"GET /solflare-bypass1-desktop.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 21:58:16 GMT\r\nContent-Type: image/gif\r\nContent-Length: 6028322\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"cf5ac8fca45e5d0409fef8923c179975\"\r\nLast-Modified: Fri, 23 Jan 2026 22:54:30 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9d3a768ee812783d-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":786432,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"13ec753f0f7ac3f2e09cd8fb3d159fd6","sha1":"fb7c640e5ea1b3eb5af719aec31fe04a971c27db","sha256":"69c12f796a581c42a4dfedd57a615fdc0407867c0ab2577507c6afe5320d5b26","sha512":"79c55e8cc4ba19d93751be035f34ffea46704d06b08da0ee65a013c3bb40a7f3295156bc659db38df831457a65d53ed01bb79812b5903f66de13108d99c85e9a","ssdeep":"12288:WKLOlpdbVhOBbi61VlVP30w5qYO8DgLhC9bxl0zY6+wqzta5YpqXl5M0k+3uJH:WKS1/OBbi61/Vvx5qYONFC9VGM60S15M","tlshash":"b4f433f9941e38c2eb42b5617c2f12219dffb09b487f5fe24b40ba6a23dad4443d9458","first_seen":"2026-02-25T03:05:09.960469Z","last_seen":"2026-03-07T02:01:37.469286Z","times_seen":59,"resource_available":false,"data":null}},"time_used":368,"timings":{"blocked":43,"dns":7,"connect":1,"send":0,"wait":128,"receive":156,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"uygft-a78s.vercel.app/api/v2/binary","fqdn":"uygft-a78s.vercel.app","domain":"uygft-a78s.vercel.app","tld":"vercel.app"},"ip":{"addr":"216.198.79.67","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:16.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Feb 2026 09:22:01 GMT","end":"Tue, 26 May 2026 09:22:00 GMT"},"fingerprint":{"sha1":"43:A7:0E:2A:17:34:DC:42:83:88:AE:D6:95:95:09:58:26:71:E6:C5","sha256":"ED:6F:3E:CA:2F:60:5F:3F:0D:72:55:8C:78:B7:4E:0A:E1:37:CD:EE:4D:72:9D:FC:CE:FE:66:8B:2E:C3:13:95"}}},"request":{"raw":"POST /api/v2/binary HTTP/1.1\r\nHost: uygft-a78s.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/octet-stream\r\nX-Session-Id: 17159708d1ebede97022c234e1b1f9d5\r\nX-Config-Id: 6991ac01928eb20ac9bc2dde\r\nContent-Length: 111\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-encoding: br\r\ncontent-type: application/octet-stream\r\ndate: Wed, 25 Feb 2026 21:58:16 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RLOXnCpIcHwaXmadWa%2BD4JElne8d7OygNoYFnEbQZVf3i4VaSdDF6hmJEr1s68PMW%2BG9S8ppFP5uuh8nVwZiH8cXec2JL75NtiKUQSvV23ZukVXlIzoqkgyUumNMny%2Fg67P7dg%3D%3D\"}]}\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nvary: Origin\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::arn1::x6f96-1772056696162-4f45bd14721d\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":111,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"ad9d58c7c3c9e369a1d7d908db83c05c","sha1":"c0c9f18965dbe7f3564894f81e038113ae638a02","sha256":"3a3cbc1e7b18100450034c19b92fc527e2d05a0fd1e3890ff64ca4371b77060e","sha512":"3edda74b6ba619a139965990b1c12170f826abdacb48cde7e4f630935cec27fdc560c305c7ed5109d46b0e5a34ae09e4f0465a5717a5be6480cb37c99196705a","ssdeep":"","tlshash":"74b0120063100445f000a771012c0558a251f5a041e932d1224c04c55c1c8211f63915","first_seen":"2026-02-25T21:58:49.528524Z","last_seen":"2026-02-25T21:58:49.528524Z","times_seen":1,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/bafybeiabwi75qdakq3opautnnnrnpuc5ndsjuz6rfpni7bkfmfixpoodhi","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 15:03:23 GMT","end":"Mon, 27 Apr 2026 16:03:19 GMT"},"fingerprint":{"sha1":"16:37:D6:0A:78:51:EB:99:5C:91:AE:A9:51:6B:28:6E:E2:74:CC:C8","sha256":"2B:72:87:59:6F:16:53:27:D3:92:29:A0:D2:F3:41:50:18:E7:CE:AA:72:5B:28:68:38:95:22:6D:75:0B:0D:35"}}},"request":{"raw":"GET /ipfs/bafybeiabwi75qdakq3opautnnnrnpuc5ndsjuz6rfpni7bkfmfixpoodhi HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Feb 2026 21:58:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 1864268\r\nserver: cloudflare\r\ncf-ray: 9d3a76797b808deb-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 121497\r\ncache-control: public, max-age=29030400, immutable\r\netag: \"bafybeiabwi75qdakq3opautnnnrnpuc5ndsjuz6rfpni7bkfmfixpoodhi\"\r\nvary: Accept-Encoding\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\nx-ipfs-path: /ipfs/bafybeiabwi75qdakq3opautnnnrnpuc5ndsjuz6rfpni7bkfmfixpoodhi\r\nx-ipfs-pop: rainbow-rbx-16-102\r\nx-ipfs-roots: bafybeiabwi75qdakq3opautnnnrnpuc5ndsjuz6rfpni7bkfmfixpoodhi\r\nx-robots-tag: noindex, nofollow\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1864268,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced","md5":"83cbfd2c236e3ee62e1dbd5736edc7d6","sha1":"da8a9534f3505f421efa9cde447db67038073472","sha256":"d891c204b7a3b744d391ae8fcdb4d0f58bc20150b68355f2cba14ea662efe947","sha512":"a2cad5ae7aa4693b9ef0ecb1144f47b1f9292bc4cbb4f6d19efa3c881f87c86e547d4f51fd64fa9391f91ba020f556727200545b5a74785bfd1cbea76448303e","ssdeep":"24576:EKQEF0Qt4/mAeFl/Rpw/t1clSMv+6DY8K/z5:9BF0GQmKtObvlDv4d","tlshash":"b8252336e2acc8e1f26383975863a4f744533561daf40db2bcfddad8ca8c53a58e1191","first_seen":"2026-02-25T21:58:49.529464Z","last_seen":"2026-02-25T22:29:22.302615Z","times_seen":2,"resource_available":false,"data":null}},"time_used":328,"timings":{"blocked":55,"dns":1,"connect":2,"send":0,"wait":36,"receive":170,"ssl":60},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/bafybeifxsnlj2dg4g6ii2s3ohn2vygm2onykxt4pdwdp6xzfqiwgyn7pay","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 15:03:23 GMT","end":"Mon, 27 Apr 2026 16:03:19 GMT"},"fingerprint":{"sha1":"16:37:D6:0A:78:51:EB:99:5C:91:AE:A9:51:6B:28:6E:E2:74:CC:C8","sha256":"2B:72:87:59:6F:16:53:27:D3:92:29:A0:D2:F3:41:50:18:E7:CE:AA:72:5B:28:68:38:95:22:6D:75:0B:0D:35"}}},"request":{"raw":"GET /ipfs/bafybeifxsnlj2dg4g6ii2s3ohn2vygm2onykxt4pdwdp6xzfqiwgyn7pay HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Feb 2026 21:58:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 402672\r\nserver: cloudflare\r\ncf-ray: 9d3a7679ac598deb-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 320076\r\ncache-control: public, max-age=29030400, immutable\r\netag: \"bafybeifxsnlj2dg4g6ii2s3ohn2vygm2onykxt4pdwdp6xzfqiwgyn7pay\"\r\nvary: Accept-Encoding\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\nx-ipfs-path: /ipfs/bafybeifxsnlj2dg4g6ii2s3ohn2vygm2onykxt4pdwdp6xzfqiwgyn7pay\r\nx-ipfs-pop: rainbow-rbx-247-80\r\nx-ipfs-roots: bafybeifxsnlj2dg4g6ii2s3ohn2vygm2onykxt4pdwdp6xzfqiwgyn7pay\r\nx-robots-tag: noindex, nofollow\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":402672,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 600, 8-bit/color RGB, non-interlaced","md5":"4863d80de214d85da6a2ef05cb38d765","sha1":"2a060976ef1b6da1f6362dd0d49a67eef5767061","sha256":"df446433f08f28e3daa9ba70ea951f3181f3119cba4ad7d85712e1e5e90b0d6d","sha512":"982288953866ba11eb712b550456ec5487511c67ae906ca0dd887c78a1550dbfca2ac6abbc19236b86086148041285fec6fa26da5c9f286ad202586db2f030ce","ssdeep":"12288:51FyN1SEw7yW99J3tKw4+aPdPAyHZYs5FU:51iKeanYd9HI","tlshash":"688423db521d43f2895b66f685b8202ba711fdba9fb812dc0163219f2c8b5cf8460f4d","first_seen":"2026-02-25T21:58:49.530305Z","last_seen":"2026-02-25T22:29:22.277175Z","times_seen":2,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":73,"dns":15,"connect":16,"send":0,"wait":58,"receive":17,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/media/caa3a2e1cccd8315-s.p.853070df.woff2","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:11.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /_next/static/media/caa3a2e1cccd8315-s.p.853070df.woff2 HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:11 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 28388\r\nConnection: keep-alive\r\nCache-Control: public, max-age=31536000, immutable\r\nAccept-Ranges: bytes\r\nLast-Modified: Wed, 25 Feb 2026 13:59:47 GMT\r\nETag: W/\"6ee4-19c951947bf\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28388,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 28388, version 1.0","md5":"18bae71b1e1b2bb25321090a3b563103","sha1":"a636827d1fb47f9fddf94d55ed8f25e85155d1ea","sha256":"a29f900a6d603e989449327956e7ac61ea3e6b26ca7426f64e7cccf2cd4aed37","sha512":"e6560e1f68d236883884afa1fa4c2de5ddd6c75e69ddf1057c97f525015aa4306a14fb56c1526141bf2067d24b2ca72ea78e0e518b2bcbaf162056ee4a2b327a","ssdeep":"768:KD+2Y2za0bgeumM+doeWITKGOgUT3CbeZq:KDFzfKJ+SHIGGOh3CbeZq","tlshash":"9dd2e1a0bb98461d35fe1ba096ed42bf4a1d7f4ded7c1a65093b2b80174d4df20d8c68","first_seen":"2025-09-14T11:55:19.751418Z","last_seen":"2026-06-08T03:30:59.936954Z","times_seen":22670,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":82,"dns":0,"connect":42,"send":0,"wait":90,"receive":18,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/2473c16c0c2f6b5f.css","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:11.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /_next/static/chunks/2473c16c0c2f6b5f.css HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:11 GMT\r\nContent-Type: text/css; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: public, max-age=31536000, immutable\r\nAccept-Ranges: bytes\r\nLast-Modified: Wed, 25 Feb 2026 13:59:47 GMT\r\nETag: W/\"950-19c951947b1\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2384,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"CSV ASCII text","md5":"e3afb44681da074e86b3efbea758c8d0","sha1":"ae9d03e6a3be8417f581d8d60f2d70545aae139b","sha256":"c86896a5b21900af92780bf0a7d68a4ea3fe452111a694b9b157f2b2bb1ce305","sha512":"45a9283e5f86f84a2382222cc09d541b1d0382774a8741a7e1e14de8dd2900407b467f4991d545ac3ef206161eb664bf3889eb40e8b950b13db910779323edca","ssdeep":"","tlshash":"b341c130842fa50ad6e78c6330cf7eb32419a4258aae1667996d1e784deb57f13e0724","first_seen":"2025-09-20T00:53:54.718949Z","last_seen":"2026-06-07T01:02:54.612314Z","times_seen":988,"resource_available":false,"data":null}},"time_used":461,"timings":{"blocked":83,"dns":0,"connect":47,"send":0,"wait":284,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/noir.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /noir.js HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:12 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Wed, 25 Feb 2026 13:59:08 GMT\r\nETag: W/\"75ef-19c9518adb8\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":30191,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (30191), with no line terminators","md5":"6e9f7635fbbdf03cdebb4081b0a78077","sha1":"17f37d3947971afdd7832bb37d91b890593cd694","sha256":"8d3bb8fa5b66f2fd88d9228f4fcf0dc1ece24d7a3092e798f793e0a3843d173d","sha512":"63a7ae952e8a450d475b7ec0010af6d1a0827784fddee38243d1cf826447f8d58543707d1fc75d64ac7e1885ed8af1a2b71b1e569f6a24c36f33c73884cdba6f","ssdeep":"768:37p4/pGg274TclQPP7GQ5kIP/smN8mZLNgY7BBIipaf0+48AUH:37p4BGg2ETcePjVkIPEChVNgY7BBIipA","tlshash":"c8d22ca7ce8f2e518b745e0823de2ccd092d1b8e68e244cd550aa7c9d68f56704ccaed","first_seen":"2026-02-25T21:58:49.526914Z","last_seen":"2026-02-25T22:29:22.236424Z","times_seen":2,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/scan/7tNviT7hyPL8ZBxd68rMZ12TMDyUXmeSpHQruzLepump?_rsc=1r34m","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /scan/7tNviT7hyPL8ZBxd68rMZ12TMDyUXmeSpHQruzLepump?_rsc=1r34m HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /_tree\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:12 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nCache-Control: private, no-cache, no-store, max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":379,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (378)","md5":"87e0a6a49a24d7bd62c314ca044461c1","sha1":"ff3048d6f7eddb0d7a6b3219ebf8cdcf6e6ccf2c","sha256":"3770f059702e662c230d2a709952f11a6ef1d94dc776535ac721d0eb9d25a5ae","sha512":"efc16451737b441dcd779d626a7dc2236e408920efc9ae529c8f587339c4dc13ac827499557fcfda8838630a551be796a5a0b1f5839f1c0f286b57d639afa60b","ssdeep":"","tlshash":"ece0e5271d0e64b71abf21e4852e9a1619d9cd7b239829f0c0941c1f3b7232293cf686","first_seen":"2026-02-25T21:58:49.532711Z","last_seen":"2026-02-25T22:29:22.280411Z","times_seen":2,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/scan/7tNviT7hyPL8ZBxd68rMZ12TMDyUXmeSpHQruzLepump?_rsc=p37cr","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:13.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /scan/7tNviT7hyPL8ZBxd68rMZ12TMDyUXmeSpHQruzLepump?_rsc=p37cr HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%7D%2Cnull%2C%22metadata-only%22%5D\r\nnext-url: /\r\nnext-router-prefetch: 1\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:13 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nCache-Control: private, no-cache, no-store, max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3268,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (2267)","md5":"a857fb1570bd81fe9ffeb3eff761fb0d","sha1":"19b5fbc9ef53825decf43003a83bcc9b1a216991","sha256":"3a5de6b7e91bc171b5551de047d93b1df1c096c9c5f4bdf9a56dc21dfc4071d0","sha512":"ad08accc140a569be3cf0e314d8179507e51f15cd659ef92abb5fcb073a91dabdd296eba5d979df6d07a43bee4869a252d05b73a9da4a16ae171fab06de4017d","ssdeep":"","tlshash":"8661f13eee11ec2bbec7898d144fb209729e53bb9f2829a6d48c8d1c02e57565f42350","first_seen":"2026-02-25T21:58:49.533426Z","last_seen":"2026-02-25T21:58:49.533426Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/scan/EXrBNZPC9z8pGgTJFPLRJqvEVoqaPteQMkSgRQfWpump?_rsc=p37cr","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:13.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /scan/EXrBNZPC9z8pGgTJFPLRJqvEVoqaPteQMkSgRQfWpump?_rsc=p37cr HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%7D%2Cnull%2C%22metadata-only%22%5D\r\nnext-url: /\r\nnext-router-prefetch: 1\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:13 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nCache-Control: private, no-cache, no-store, max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3447,"size_decoded":0,"mime_type":"text/x-component","magic":"Unicode text, UTF-8 text, with very long lines (2376)","md5":"8f7397b58d939fe12296064f503425c7","sha1":"98ce86c1937ab90c6f787758a6c3c7f67742f5b3","sha256":"2d7935669da5f784d23f0ad7e3e7c8025540c6ee1fff7b2dd38f98769b680f4d","sha512":"2fdea0eb9ae2d0104e94244f3dec09281e0f644e21368b05d9514493ff3de8b16fa8da3cbc5e71eeead926f16617116ceebb8760936872d8d1466d91a2d7920f","ssdeep":"","tlshash":"d561423ee601ec29ff9b8849188fb219668f537b9fa028b1d58ccc1c03c566f5d423a1","first_seen":"2026-02-25T21:58:49.534275Z","last_seen":"2026-02-25T21:58:49.534275Z","times_seen":1,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/about?_rsc=uudir","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:13.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /about?_rsc=uudir HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /about\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:13 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nx-nextjs-cache: HIT\r\nx-nextjs-prerender: 1\r\nx-nextjs-postponed: 2\r\nCache-Control: s-maxage=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":432,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text","md5":"93f780575da0af0e22cdaa40daa4704e","sha1":"ba0d023b075a2d7b03b702666f33aef98769d2c4","sha256":"0ca3c281fda55eb44c40a2059937e11061e03ee3f09b44819bbba574d2ab2a46","sha512":"44c9fe0e17381534c0af2c83fb188eaa05841ca450a162e07c5e6d65c4563e0db5db331640c00e1cddbc4ea0634e9a33062c25daf704010aff81fbb968139e6e","ssdeep":"","tlshash":"d6e0227ae50eec363e76cc0c401e532b126e883f563069b4d2aecd9c43a553a078a6a0","first_seen":"2026-02-25T21:58:49.535088Z","last_seen":"2026-02-25T22:29:22.202271Z","times_seen":2,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uygft-a78s.vercel.app/api/v2/binary","fqdn":"uygft-a78s.vercel.app","domain":"uygft-a78s.vercel.app","tld":"vercel.app"},"ip":{"addr":"216.198.79.67","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:15.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Feb 2026 09:22:01 GMT","end":"Tue, 26 May 2026 09:22:00 GMT"},"fingerprint":{"sha1":"43:A7:0E:2A:17:34:DC:42:83:88:AE:D6:95:95:09:58:26:71:E6:C5","sha256":"ED:6F:3E:CA:2F:60:5F:3F:0D:72:55:8C:78:B7:4E:0A:E1:37:CD:EE:4D:72:9D:FC:CE:FE:66:8B:2E:C3:13:95"}}},"request":{"raw":"POST /api/v2/binary HTTP/1.1\r\nHost: uygft-a78s.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/octet-stream\r\nX-Session-Id: 355325be1d758b70b4b0a4057f585242\r\nX-Config-Id: 6991ac01928eb20ac9bc2dde\r\nContent-Length: 99\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-encoding: br\r\ncontent-type: application/octet-stream\r\ndate: Wed, 25 Feb 2026 21:58:16 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zJhaHJyWgOuXRIqnYQtqkgUKcPgqxl0hQ33thUDdPLY6pfpdPe6tq5xvJBLsaDk1URbyUx2bUwrfgaoV7vog7nPSZdXaySCAoXsDGYZpvcgz72K2g1W3g4jGYPIkOTP3N0myIxH0\"}]}\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nvary: Origin,Accept-Encoding\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::arn1::xfbs6-1772056695950-7dd5fb5e6c18\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":995,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"18cd31d7fc61fb53ecc4c618b5ef26e4","sha1":"d8a157ada21be92ea6b685cc848c702687632117","sha256":"73003a5f2cfa46e3684a3b9b4126c6c5c5e755d67df2f3abfc54c8d4b0d32744","sha512":"d336c4d1cbe2a9094fbfe3366c9d8dd615da1532fd2825bdfe406e14e8b4257276991d231649741142a1cc8a48da07742dbc2a2552451109e3312881f1ee1e01","ssdeep":"","tlshash":"73116872846dc755f61e95ff9838f7664811043ad12524981b5773710d066cb4d7b20d","first_seen":"2026-02-25T21:58:49.536073Z","last_seen":"2026-02-25T21:58:49.536073Z","times_seen":1,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/turbopack-3f4cb02358931700.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:11.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /_next/static/chunks/turbopack-3f4cb02358931700.js HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:11 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: public, max-age=31536000, immutable\r\nAccept-Ranges: bytes\r\nLast-Modified: Wed, 25 Feb 2026 13:59:47 GMT\r\nETag: W/\"27f8-19c95194791\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10232,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6402)","md5":"a2c92a6d51aa0933ceae3d9107b771ba","sha1":"5b28586270d83dce6ca8cd9574e3e6efa86d4d1f","sha256":"e155e58ad08c7c27a60703de67e48c525c70d889329d77c1bb02cc7249db654f","sha512":"0b971bac99edbfca74a8bdcfa1d33c1a7cccc22b241efa746cb01f29e20cd973792866e3c30c318031c0e912eb57b0ac8cd665c2b345d59e94ea19360bdc43b7","ssdeep":"192:674eFn8/Esp1U91EG5T1uCO9ledFMhMJg4W9PZcxkUk1IsS:674e2OvO9len6JZZQl","tlshash":"8e22d6da37a6f07743afa4e6907f4044f17954a8141d581c93aca8fb383946e49e3f27","first_seen":"2026-02-25T21:58:49.536932Z","last_seen":"2026-04-29T15:31:57.736993Z","times_seen":4,"resource_available":true,"data":null}},"time_used":188,"timings":{"blocked":165,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/api/stats","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /api/stats HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:12 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":76,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"851ec6fcc9659813b6dccf4b3ae5215b","sha1":"b8faa32543a45fb44dd1a503a8a4164f0c39b057","sha256":"3caaeaaba553c9cbc602c94df64afde07c8f6482930c3bc5154d58e2f8df284d","sha512":"d7eb9b4ec26015a12627fd23969ed658089b55bc02e9bc247746c29cefe19daf84a4498d634d188cce7229b781ae94969892920fecf5089dbdb38471c7747e5a","ssdeep":"","tlshash":"a0a01213310420f2541ad0c36234261241f020b305101144a0dcd100448000ea50154b","first_seen":"2026-02-25T21:58:49.537771Z","last_seen":"2026-02-25T22:29:22.271846Z","times_seen":2,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/QmPzmcQLe53t8NtNaZsWhwXZWDsFK1NYwzC2qCR5NQkghY","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 15:03:23 GMT","end":"Mon, 27 Apr 2026 16:03:19 GMT"},"fingerprint":{"sha1":"16:37:D6:0A:78:51:EB:99:5C:91:AE:A9:51:6B:28:6E:E2:74:CC:C8","sha256":"2B:72:87:59:6F:16:53:27:D3:92:29:A0:D2:F3:41:50:18:E7:CE:AA:72:5B:28:68:38:95:22:6D:75:0B:0D:35"}}},"request":{"raw":"GET /ipfs/QmPzmcQLe53t8NtNaZsWhwXZWDsFK1NYwzC2qCR5NQkghY HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Feb 2026 21:58:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 102580\r\nserver: cloudflare\r\ncf-ray: 9d3a7679ac3f8deb-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 1064007\r\ncache-control: public, max-age=29030400, immutable\r\netag: \"QmPzmcQLe53t8NtNaZsWhwXZWDsFK1NYwzC2qCR5NQkghY\"\r\nvary: Accept-Encoding\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\nx-ipfs-path: /ipfs/QmPzmcQLe53t8NtNaZsWhwXZWDsFK1NYwzC2qCR5NQkghY\r\nx-ipfs-pop: rainbow-am6-03\r\nx-ipfs-roots: QmPzmcQLe53t8NtNaZsWhwXZWDsFK1NYwzC2qCR5NQkghY\r\nx-robots-tag: noindex, nofollow\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]}],"data":{"size":102580,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 1024x1024, components 3","md5":"6b4e69ae5f21865e60d3534370d21a33","sha1":"a129dbb284a874d604f1e9551640ecc604aa613e","sha256":"ab40c66fcae3569f2af7079e2bca379188590457b343af6518ab8de1467568c5","sha512":"8bb606f63574112dd0280eae30e910489552f5bea34c7a491de279bc2612049c6eddda4ed23a1af74f4df8ba06a916f8eed796d71e89dc73054544d67222919f","ssdeep":"3072:QCkx595f9y2/+k6rvSTmZjgGmUZ/xgv2pV6IeSFF:QCI5XFdvr6ZUGjHVHeiF","tlshash":"b2a3bf678a449383a60c1361dc430d8e6fb17b3ca8d56aee08631ed7bbd6b35884f41d","first_seen":"2026-02-25T21:58:49.538926Z","last_seen":"2026-02-25T22:29:22.28323Z","times_seen":2,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":70,"dns":15,"connect":16,"send":0,"wait":64,"receive":4,"ssl":36},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"desperate-moccasin-minnow.myfilebase.com/ipfs/Qmb5JxsyMuP7V1d7Vq5dc8PmcT17ohPBm1M345U4kvQkeV","fqdn":"desperate-moccasin-minnow.myfilebase.com","domain":"myfilebase.com","tld":"com"},"ip":{"addr":"57.129.37.40","port":443,"asn":16276,"as":"OVH SAS","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"myfilebase.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Feb 2026 11:56:29 GMT","end":"Sun, 10 May 2026 11:56:28 GMT"},"fingerprint":{"sha1":"EB:50:E7:35:FC:83:4D:BB:3E:C1:E5:68:76:A3:F5:D6:69:67:64:BD","sha256":"55:C8:40:46:45:E7:B3:3B:74:C4:B6:AE:3B:31:1D:47:31:9D:68:2A:9A:53:4B:04:58:14:44:F4:AC:4E:CF:6D"}}},"request":{"raw":"GET /ipfs/Qmb5JxsyMuP7V1d7Vq5dc8PmcT17ohPBm1M345U4kvQkeV HTTP/1.1\r\nHost: desperate-moccasin-minnow.myfilebase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Feb 2026 21:58:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 18086\r\nx-filebase-pop: lim3\r\nx-filebase-request-id: 87b866995694a68040112a03552b090d\r\ncache-control: public, max-age=29030400, immutable\r\netag: \"Qmb5JxsyMuP7V1d7Vq5dc8PmcT17ohPBm1M345U4kvQkeV\"\r\nx-ipfs-path: /ipfs/Qmb5JxsyMuP7V1d7Vq5dc8PmcT17ohPBm1M345U4kvQkeV\r\nx-ipfs-roots: Qmb5JxsyMuP7V1d7Vq5dc8PmcT17ohPBm1M345U4kvQkeV\r\nx-filebase-cache: HIT\r\nserver: Filebase\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\naccess-control-max-age: 1728000\r\nx-filebase-edge-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]}],"data":{"size":18086,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x292, components 3","md5":"08ca5e5f0aec3e270836c25988283682","sha1":"b36cc8b53671c8e81184e751196ecc9ab2f1f92f","sha256":"48aa59902885bf0a2c589cda37ad4eceef5db929157e21b021b2d0d253c0e6f4","sha512":"4f7061145190fec05688c80f2f7e365f71a86161666f6a50633225cda121b37cf6a4a354110e335a4a17402007331d605523e18de0db5d93df3bf96e3d163ddc","ssdeep":"384:9wOGQg0P+sosuvXUBCd+5BaW22ogNpi9ylKOEF+9ryMkr3yX4fneWVmVi:COLg0WsuPUBCd+5xpi4lPDX4feWVmVi","tlshash":"b082e01037b44a29e25e4931a61b77749955f763cbd736808bc0e1ec17189a4eb232fb","first_seen":"2026-02-25T21:58:49.539776Z","last_seen":"2026-02-25T22:29:22.264549Z","times_seen":2,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":36,"dns":6,"connect":50,"send":0,"wait":95,"receive":4,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/scan/AVF9F4C4j8b1Kh4BmNHqybDaHgnZpJ7W7yLvL7hUpump?_rsc=p37cr","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:13.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /scan/AVF9F4C4j8b1Kh4BmNHqybDaHgnZpJ7W7yLvL7hUpump?_rsc=p37cr HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%7D%2Cnull%2C%22metadata-only%22%5D\r\nnext-url: /\r\nnext-router-prefetch: 1\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:13 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nCache-Control: private, no-cache, no-store, max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3168,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (2167)","md5":"ff794260ef78c820083a8f0bcd189f56","sha1":"956dc8ac3ccfa338bd6eaece9b3ad7b3f7c5ab5f","sha256":"0648f7218c86f44a5712b9f7473731b073498e334d218ce50add0805d3ec6e61","sha512":"d325a2b24f1b2208dcbf8fcb1c7b5185bfe2966c0159ca77e0e8a7bf06aca21982ed74620ae0d78ffc37b991d216d9617cc828ee7f6da379d1b9af215abb1a3b","ssdeep":"","tlshash":"bf512f3eed02fc2a6ecb8849146fb30f768ea3bb9b64a575c1cc8c0c16d66561e42351","first_seen":"2026-02-25T21:58:49.54062Z","last_seen":"2026-02-25T21:58:49.54062Z","times_seen":1,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uygft-a78s.vercel.app/api/v2/handshake","fqdn":"uygft-a78s.vercel.app","domain":"uygft-a78s.vercel.app","tld":"vercel.app"},"ip":{"addr":"216.198.79.67","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:15.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Feb 2026 09:22:01 GMT","end":"Tue, 26 May 2026 09:22:00 GMT"},"fingerprint":{"sha1":"43:A7:0E:2A:17:34:DC:42:83:88:AE:D6:95:95:09:58:26:71:E6:C5","sha256":"ED:6F:3E:CA:2F:60:5F:3F:0D:72:55:8C:78:B7:4E:0A:E1:37:CD:EE:4D:72:9D:FC:CE:FE:66:8B:2E:C3:13:95"}}},"request":{"raw":"POST /api/v2/handshake HTTP/1.1\r\nHost: uygft-a78s.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/octet-stream\r\nContent-Length: 71\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-encoding: br\r\ncontent-type: application/octet-stream\r\ndate: Wed, 25 Feb 2026 21:58:15 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uEDpe7AUwiFClri4%2BQYNFdr6EbFra00i6eR8f8hIvGMvqTFvn42aGEq3L3eqdA9jiBcpQ7Yl%2FQihK5xAG8S%2BPJRwtBeWVpSsyWcXs4rP5rDI07GVuHga95G2Y4v7Zs4SYuSihUJt\"}]}\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nvary: Origin\r\nx-session-id: 355325be1d758b70b4b0a4057f585242\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::arn1::xfbs6-1772056695544-d72bd66a32af\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"0e0f8ab30f9da221c25dc73a13d0f8e1","sha1":"537e2a7b5cff8ed84a4fd2128dce38f1c3fa0715","sha256":"7c1b82ff5da5a7600b152819862283aa480581ebe9294d4a706b2e060b39e162","sha512":"6543d420693f6030e49689f4032f2844ac1651d321e988ff4094e53486fda20e7c84e2e92c32276f8821f917adba7edad934fe3d567de24c54fc9719c9ff1719","ssdeep":"","tlshash":"55a0123300245443c3828354510186d404778002eff3080452409c100464305244e400","first_seen":"2026-02-25T21:58:49.541428Z","last_seen":"2026-02-25T21:58:49.541428Z","times_seen":1,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uygft-a78s.vercel.app/api/v2/binary","fqdn":"uygft-a78s.vercel.app","domain":"uygft-a78s.vercel.app","tld":"vercel.app"},"ip":{"addr":"216.198.79.67","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:16.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Feb 2026 09:22:01 GMT","end":"Tue, 26 May 2026 09:22:00 GMT"},"fingerprint":{"sha1":"43:A7:0E:2A:17:34:DC:42:83:88:AE:D6:95:95:09:58:26:71:E6:C5","sha256":"ED:6F:3E:CA:2F:60:5F:3F:0D:72:55:8C:78:B7:4E:0A:E1:37:CD:EE:4D:72:9D:FC:CE:FE:66:8B:2E:C3:13:95"}}},"request":{"raw":"POST /api/v2/binary HTTP/1.1\r\nHost: uygft-a78s.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/octet-stream\r\nX-Session-Id: 355325be1d758b70b4b0a4057f585242\r\nX-Config-Id: 6991ac01928eb20ac9bc2dde\r\nContent-Length: 99\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-encoding: br\r\ncontent-type: application/octet-stream\r\ndate: Wed, 25 Feb 2026 21:58:16 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AUCaGnvBtfQSVpt1nDiStKKWU6kHWuuwzg7DWyuNT%2FO6HOmDJxB928PvbFnsuIMqhFzKWJui%2FkpypjdMEFLiptWz%2BkhfWdu5TIk5v4lzJ5QJAMIx6nMpye%2BpBq7vPz48jmojRA%3D%3D\"}]}\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nvary: Origin\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::arn1::xfbs6-1772056696073-f7f8cf00bedb\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":99,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"993d70df5cb6c42c06b700cc59210c3c","sha1":"9ffb673de3916f906b116a14a37aa97dc667845d","sha256":"c23e98f5fbd5ffbeb2917cfe9f974e5a40cbd2c6b657e1aaba37fb9d6f20b94e","sha512":"cd632f5d8cc5cf8529688dafe12e6299981e3d5f0bc318f65a66389c57e992926f417a4df5177060116bf17627a14916eeb4fbd72bc15e9015f21fb7ab62d16a","ssdeep":"","tlshash":"69b01240c50d4c98c1a009f640b4124c3a109054014b03100e296847780724a26c1090","first_seen":"2026-02-25T21:58:49.542951Z","last_seen":"2026-02-25T21:58:49.542951Z","times_seen":1,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-desktop.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:16.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 14 Jan 2026 08:27:13 GMT","end":"Tue, 14 Apr 2026 08:27:12 GMT"},"fingerprint":{"sha1":"8E:B1:C6:1C:4F:29:20:20:9B:A5:D6:9D:E1:36:5C:9E:97:FB:1D:39","sha256":"37:AE:3E:49:CD:79:B6:64:E2:E2:D7:10:C5:42:B8:60:97:C4:95:B7:D1:0F:FE:B7:2D:84:F2:DC:70:4E:53:C2"}}},"request":{"raw":"GET /solflare-bypass2-desktop.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 21:58:16 GMT\r\nContent-Type: image/gif\r\nContent-Length: 8319275\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"ffdbd9550fb16af66a8cf7717da03833\"\r\nLast-Modified: Fri, 23 Jan 2026 22:06:40 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9d3a76902f825ebd-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":98304,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"6c97a03777e3bdf67e8b079c8c09671e","sha1":"d8b6e47e996b426c46000430ac78dcd14f2382ea","sha256":"48cbdee105384b3cd7f10fbc1b960cdee3c810124db9ac81417df69be8f78fdb","sha512":"a976b19a1ea4b2eeb78e7f42e87108ee8b77d06eb06a8c9eba1097dca0e8d84b825e99f6855a24a8a041f5586440ca7daa914b10d4aeec0e26bb420791a8724d","ssdeep":"1536:Ttz9fYIkFr7zUR+em1WBIIuefEUJyOA0onplEdGhIv52SKQZHoS6hbRooWIWRp:bf5Iz++emEBeefEU69n8DMeI7bRooWIE","tlshash":"95a312d7f07ae70dee5024f43a4e9a853ed3133db8b92c2256c1d819af838169f0c650","first_seen":"2026-02-25T03:10:01.079271Z","last_seen":"2026-03-07T00:54:55.565772Z","times_seen":6,"resource_available":false,"data":null}},"time_used":376,"timings":{"blocked":173,"dns":2,"connect":6,"send":0,"wait":135,"receive":6,"ssl":54},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/scan/DpTGPZ3hokS2nZix1eHFgmvwCyhXceM74gAN85Aac7tp?_rsc=1r34m","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:13.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /scan/DpTGPZ3hokS2nZix1eHFgmvwCyhXceM74gAN85Aac7tp?_rsc=1r34m HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /_tree\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:13 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nCache-Control: private, no-cache, no-store, max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":379,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (378)","md5":"4e4df211adb3be081b82a9117667b924","sha1":"81092c853e2a0bf79d17feea0ad06341b6c3e647","sha256":"73881687bcbef65051c97be6c3be405a4d44c02f86257b7a8a76e3c7b35cbd3f","sha512":"2530ef930d8c5ff0052d355cd7c384f3e4bc4fc316b406822ba0bfee82ad698815e26d9976bc32c97e4f57017f59f421f6063987158ed7f67f9af69f29be2bca","ssdeep":"","tlshash":"07e01a276d0e19b34abf20f4842d550619d9cd7b279820f0d0941c1f3f7236293cf596","first_seen":"2026-02-25T21:58:49.545309Z","last_seen":"2026-02-25T22:29:22.266473Z","times_seen":2,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uygft-a78s.vercel.app/api/v2/binary","fqdn":"uygft-a78s.vercel.app","domain":"uygft-a78s.vercel.app","tld":"vercel.app"},"ip":{"addr":"216.198.79.67","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:15.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Feb 2026 09:22:01 GMT","end":"Tue, 26 May 2026 09:22:00 GMT"},"fingerprint":{"sha1":"43:A7:0E:2A:17:34:DC:42:83:88:AE:D6:95:95:09:58:26:71:E6:C5","sha256":"ED:6F:3E:CA:2F:60:5F:3F:0D:72:55:8C:78:B7:4E:0A:E1:37:CD:EE:4D:72:9D:FC:CE:FE:66:8B:2E:C3:13:95"}}},"request":{"raw":"POST /api/v2/binary HTTP/1.1\r\nHost: uygft-a78s.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/octet-stream\r\nX-Session-Id: 17159708d1ebede97022c234e1b1f9d5\r\nX-Config-Id: 6991ac01928eb20ac9bc2dde\r\nContent-Length: 111\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-encoding: br\r\ncontent-type: application/octet-stream\r\ndate: Wed, 25 Feb 2026 21:58:16 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d45ePVnF0SWlmUc5nWcwz%2BPFHBVCK0IyMMcYSgR13%2BZJxFC%2FFdIDvKrZAF2lID%2BEPpBCpHUMaSBohVYsUPoZ1sWZlKYU3PfwuXzw2ErEQW%2Fb6ehgV0HR6OAb6RTvakUDor%2FpZRWk\"}]}\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nvary: Origin,Accept-Encoding\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::arn1::x6f96-1772056695954-ff6cd524acff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1007,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"da09a9f33bc4c0dc8d4c3d6516b283b2","sha1":"f4cbdfa9b589544d8439efe2cc8c38539d88c008","sha256":"ebcdb02f7efcd492427531ba956d43291b0d9d903bfce0cabc291a5c155f9838","sha512":"df959732aeebb73d180282fcadb66e665c2ee7106bb9fed14baf3453cda65f9112640fb40205466eda0bbf52b51e3afc394d32715cf65f745e651da9c985a351","ssdeep":"","tlshash":"be11a12e8b927ea4dbcb137b9de96e0fe6481c6d6235509014332d899c13d8c606e769","first_seen":"2026-02-25T21:58:49.546546Z","last_seen":"2026-02-25T21:58:49.546546Z","times_seen":1,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/_next/static/chunks/69be39811437728d.js","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:11.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /_next/static/chunks/69be39811437728d.js HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:11 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: public, max-age=31536000, immutable\r\nAccept-Ranges: bytes\r\nLast-Modified: Wed, 25 Feb 2026 13:59:47 GMT\r\nETag: W/\"368de-19c951947ac\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":223454,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4bc3cd8e5f29ceb4c93752a073d603e2","sha1":"5a62d02d9a03e6d267c3dc4505e5a4f6c9ad488b","sha256":"f663b5ba725d2101e855f7f1147dfe83f09023e13149bdbb8df54883b4337683","sha512":"0f2d37d2d519486b22e1956275ebbe774a99c3e473acf404f425a02b2bee389afea8d8b422b8d11421d77465dcfa59223da4045373a7574c2e3ca2f882a73c75","ssdeep":"3072:xVXL5l5cSSScmfJPyGoi8xP3ciNgZTjymL6ZXtJ967+3N:xVXL53cSSScmfPZZnfSXtJ967+3N","tlshash":"43241be83995f6626eb302a710af1803733c252b280d4d60a251fdddb57845eb17bf9e","first_seen":"2026-01-29T17:46:44.484393Z","last_seen":"2026-06-08T02:24:31.538256Z","times_seen":1221,"resource_available":true,"data":null}},"time_used":248,"timings":{"blocked":145,"dns":0,"connect":0,"send":0,"wait":23,"receive":80,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/favicon.ico?favicon.0b3bf435.ico","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:11.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /favicon.ico?favicon.0b3bf435.ico HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:11 GMT\r\nContent-Type: image/x-icon\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nx-nextjs-cache: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25931,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"c30c7d42707a47a3f4591831641e50dc","sha1":"9ecfcc8f0ead0bf3d2d7c39e084b88f41cc89a2e","sha256":"2b8ad2d33455a8f736fc3a8ebf8f0bdea8848ad4c0db48a2833bd0f9cd775932","sha512":"7053e0f76e92179fb5154e2665d81897736bdcc22b002b0a3f8e212f27ef80f56224adaa09972848a20c66b064d16eafa732140461071ad70b6193c33dd517e0","ssdeep":"384:ryveIpvjGAUdJ/RN0d2q3OTirIDpXofYPj68Xg5RNy7yyTLb4v0:bIAJdhwYqZ8pYYPjSy7j3j","tlshash":"11c28e9b2b7e2015c908257641aeddfb011b5d4b28b4a20025fa3eb7b4b3735091fa7f","first_seen":"2023-04-30T22:57:19Z","last_seen":"2026-06-08T05:44:25.41929Z","times_seen":25449,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":42,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/api-docs?_rsc=gjxk4","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /api-docs?_rsc=gjxk4 HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /api-docs\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:12 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nx-nextjs-cache: HIT\r\nx-nextjs-prerender: 1\r\nx-nextjs-postponed: 2\r\nCache-Control: s-maxage=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":432,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text","md5":"93f780575da0af0e22cdaa40daa4704e","sha1":"ba0d023b075a2d7b03b702666f33aef98769d2c4","sha256":"0ca3c281fda55eb44c40a2059937e11061e03ee3f09b44819bbba574d2ab2a46","sha512":"44c9fe0e17381534c0af2c83fb188eaa05841ca450a162e07c5e6d65c4563e0db5db331640c00e1cddbc4ea0634e9a33062c25daf704010aff81fbb968139e6e","ssdeep":"","tlshash":"d6e0227ae50eec363e76cc0c401e532b126e883f563069b4d2aecd9c43a553a078a6a0","first_seen":"2026-02-25T21:58:49.535088Z","last_seen":"2026-02-25T22:29:22.202271Z","times_seen":2,"resource_available":false,"data":null}},"time_used":264,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/bafybeiabwi75qdakq3opautnnnrnpuc5ndsjuz6rfpni7bkfmfixpoodhi","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.590Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ipfs/bafybeiabwi75qdakq3opautnnnrnpuc5ndsjuz6rfpni7bkfmfixpoodhi HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T05:34:20.987672Z","times_seen":16230898,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"axiomtrading.sfo3.cdn.digitaloceanspaces.com/36N9f7k6LcGNwL4Ty4zExHPw13BoTBtqNjvGJSt1pump.webp","fqdn":"axiomtrading.sfo3.cdn.digitaloceanspaces.com","domain":"sfo3.cdn.digitaloceanspaces.com","tld":"cdn.digitaloceanspaces.com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.603Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /36N9f7k6LcGNwL4Ty4zExHPw13BoTBtqNjvGJSt1pump.webp HTTP/1.1\r\nHost: axiomtrading.sfo3.cdn.digitaloceanspaces.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T05:34:20.987672Z","times_seen":16230898,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"desperate-moccasin-minnow.myfilebase.com/ipfs/QmcWFfeXHGbTZ1zrY7Un6GmXisSqeDEaJ5XpcLmgt4xd4X","fqdn":"desperate-moccasin-minnow.myfilebase.com","domain":"myfilebase.com","tld":"com"},"ip":{"addr":"57.129.37.40","port":443,"asn":16276,"as":"OVH SAS","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"myfilebase.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Feb 2026 11:56:29 GMT","end":"Sun, 10 May 2026 11:56:28 GMT"},"fingerprint":{"sha1":"EB:50:E7:35:FC:83:4D:BB:3E:C1:E5:68:76:A3:F5:D6:69:67:64:BD","sha256":"55:C8:40:46:45:E7:B3:3B:74:C4:B6:AE:3B:31:1D:47:31:9D:68:2A:9A:53:4B:04:58:14:44:F4:AC:4E:CF:6D"}}},"request":{"raw":"GET /ipfs/QmcWFfeXHGbTZ1zrY7Un6GmXisSqeDEaJ5XpcLmgt4xd4X HTTP/1.1\r\nHost: desperate-moccasin-minnow.myfilebase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Feb 2026 21:58:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 29846\r\nx-filebase-pop: lim3\r\nx-filebase-request-id: eb2c641d2eb18b6b3249c25cf9687174\r\ncache-control: public, max-age=29030400, immutable\r\netag: \"QmcWFfeXHGbTZ1zrY7Un6GmXisSqeDEaJ5XpcLmgt4xd4X\"\r\nx-ipfs-path: /ipfs/QmcWFfeXHGbTZ1zrY7Un6GmXisSqeDEaJ5XpcLmgt4xd4X\r\nx-ipfs-roots: QmcWFfeXHGbTZ1zrY7Un6GmXisSqeDEaJ5XpcLmgt4xd4X\r\nx-filebase-cache: HIT\r\nserver: Filebase\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\naccess-control-max-age: 1728000\r\nx-filebase-edge-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]}],"data":{"size":29846,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"5b1fb057cab986a1e4e864879865843f","sha1":"6d1996cfb53731189c26cc43226425b2c6a8ee07","sha256":"0471891ac8d063dea31930362c516eaec03774eb076355e7df5cb697283c5397","sha512":"92ed8d8eaa845d8729110f8768a99f21cfec84c40144e2b151453342dd8567b520c1b291162a2afb1c1777146cec88e140450abe669d3d688a74678ecd86b6e9","ssdeep":"768:X0W2oCgDg5XtZ+5ShDwKSRDvaTvrcdwpAmbB:X0Wdpg5XC56UKoODrvpAmbB","tlshash":"bed2e17ce2912557d03d39fb0d6ac335ea07343926d1caaac789984d774d8b00b1a4df","first_seen":"2026-02-25T21:58:49.548116Z","last_seen":"2026-02-25T22:29:22.294711Z","times_seen":2,"resource_available":false,"data":null}},"time_used":457,"timings":{"blocked":163,"dns":60,"connect":54,"send":0,"wait":93,"receive":30,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/scan/EXrBNZPC9z8pGgTJFPLRJqvEVoqaPteQMkSgRQfWpump?_rsc=1r34m","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:13.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /scan/EXrBNZPC9z8pGgTJFPLRJqvEVoqaPteQMkSgRQfWpump?_rsc=1r34m HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /_tree\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:13 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nCache-Control: private, no-cache, no-store, max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":379,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (378)","md5":"d1d7dc44f67094b1942bac398d57930e","sha1":"30b33ee960075f62253a75575238c3b3ddea4201","sha256":"d9c3c20e1827d561fdbe444f028f47edc264f14f62d3c285129513168baf0c72","sha512":"d322287fbb698228c074e9eb5eab6849cce5390ad6b1c4932724147a6d7e7a5e959d838e5bca3752a85cd9a4be0f8d981626000e0cdce9645e85ad1a8f00ae31","ssdeep":"","tlshash":"91e0e52b580f15b31abf20e0882d590619d9de7b239825f0c0945d1f3f7236693db695","first_seen":"2026-02-25T21:58:49.549056Z","last_seen":"2026-02-25T22:29:22.232404Z","times_seen":2,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-desktop.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uygft-a78s.vercel.app/demo.php?id=6991ac01928eb20ac9bc2dde\u0026parent_url=rugsol.info%2F","date":"2026-02-25T21:58:16.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 14 Jan 2026 08:27:13 GMT","end":"Tue, 14 Apr 2026 08:27:12 GMT"},"fingerprint":{"sha1":"8E:B1:C6:1C:4F:29:20:20:9B:A5:D6:9D:E1:36:5C:9E:97:FB:1D:39","sha256":"37:AE:3E:49:CD:79:B6:64:E2:E2:D7:10:C5:42:B8:60:97:C4:95:B7:D1:0F:FE:B7:2D:84:F2:DC:70:4E:53:C2"}}},"request":{"raw":"GET /phantom-bypass2-desktop.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://uygft-a78s.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 21:58:16 GMT\r\nContent-Type: image/gif\r\nContent-Length: 3967947\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"5a6a3867cbfe36845cfc495e5ca7f0ea\"\r\nLast-Modified: Fri, 23 Jan 2026 15:05:42 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9d3a7690dabba0f0-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48883,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"c2bd3670af722a4e8f194b372e2032a3","sha1":"7c05e01ca5ef73f8edf4fd6db49b07ae438a9ff0","sha256":"55faa7cb0d0e30fca57cb6eb103d2a085eb7378902dca13fc8c54c9463306e7d","sha512":"9ed99eb3225402a008ae45859922f5d6b321445e384fdb905cddc9386271d21ecc7a9ee72450cc016d30baefe2caf6e0c59925ad69173b81061d50525719eef5","ssdeep":"768:wOJkipRC1iRwWDbZf+J5lFjRvbJjU8Gmokpu51qe+wK+CELrSUmY9AoHb9beveal:wODxRwWJw5lkmox5eV+Cs/KoHo2Jg","tlshash":"0123022988c0e9d5311ec7419eccf2f42a4205fe64b32da59c492fde96f8656c9eb0f4","first_seen":"2026-02-25T21:58:49.549994Z","last_seen":"2026-02-25T21:58:49.549994Z","times_seen":1,"resource_available":false,"data":null}},"time_used":390,"timings":{"blocked":240,"dns":0,"connect":5,"send":0,"wait":121,"receive":7,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-25","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"rugsol.info/about?_rsc=1r34m","fqdn":"rugsol.info","domain":"rugsol.info","tld":"info"},"ip":{"addr":"193.233.75.119","port":443,"asn":215590,"as":"DpkgSoft International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugsol.info","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 16:37:50 GMT","end":"Tue, 12 May 2026 16:37:49 GMT"},"fingerprint":{"sha1":"DD:89:21:E4:C8:34:84:37:19:E9:99:B5:9F:6C:0F:82:65:01:22:F4","sha256":"D9:9A:83:17:DD:83:59:01:39:BF:5F:A6:3D:9A:59:6D:99:01:4E:D3:60:54:7A:0A:45:F1:C8:8F:EC:1A:A8:43"}}},"request":{"raw":"GET /about?_rsc=1r34m HTTP/1.1\r\nHost: rugsol.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rugsol.info/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /_tree\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 25 Feb 2026 21:58:12 GMT\r\nContent-Type: text/x-component\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nx-nextjs-cache: HIT\r\nx-nextjs-prerender: 1\r\nx-nextjs-postponed: 2\r\nCache-Control: s-maxage=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":746,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (413)","md5":"021d2b697281992cfe48f9c6e666821b","sha1":"a42d51a3b228eb95a10b9c28fd3844e79c90d88e","sha256":"db96965f8059e4acedb9a369cc81329d71670f0dd0b7a89e855edb906dca3ac7","sha512":"75c93464254ec82908e6ff8e4f19fef375a2c7a8f3a4cf69593ff05949dcdf799f60e842ee32fbbc97ff474d4dfcc3a6fcff8effb6462677dabc7635aa3caeed","ssdeep":"","tlshash":"ce014c2e8959bd9958e5848c6289e70616689a3bf0a44de8c8cf5c50177e0380ec6b43","first_seen":"2026-02-25T21:58:49.550889Z","last_seen":"2026-02-25T22:29:22.255114Z","times_seen":2,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"metadata.rapidlaunch.io/images/42bed0d1-a27d-4598-905d-9dc7fa55e47d.jpg","fqdn":"metadata.rapidlaunch.io","domain":"rapidlaunch.io","tld":"io"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugsol.info/","date":"2026-02-25T21:58:12.614Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/42bed0d1-a27d-4598-905d-9dc7fa55e47d.jpg HTTP/1.1\r\nHost: metadata.rapidlaunch.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugsol.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T05:34:20.987672Z","times_seen":16230898,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}