{"report_id":"adee7d03-7540-4237-92f0-1bda605f6545","version":6,"status":"done","tags":[],"date":"2026-05-14T18:43:10Z","url":{"schema":"http","addr":"webtrader.rilvo.tech","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":0,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"webtrader.rilvo.tech/login","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"title":"Webtrader","dom":{"size":21300,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (6994)","md5":"899b6aeedb590bf1d647b152bf3dad5b","sha1":"aa90a491d1f5a6da065406217218c6e61f8e96a4","sha256":"0845994c2a41a491d6d7138e842c6fdd60fadf701c3a061765aff9493a2008cf","sha512":"037f77420a6365b98f374ccc7ddde6f9e55773da67c79b2b1dd9389e79178eee85e8e0b08fe9190e250e756a4323cce3cd0d3313f6378c40dbb1902203af164e","ssdeep":"192:EkdnHaqhJmXoZSvaTsS3wNE3rC8bZpiLi1I1PrPGIWfmFyAdxKqw7r6vVOjrgeQr:bCStbOrPJWAyAfnAr8ikeQyybYO","tlshash":"a3a2c7226a5a0096713389e119cab7052c7a5143d3128e6b75fc9d69cfcfce6427f72c","dom_hash":"domhash11a30a7fadeee97f7675ad663aae5b34","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"webtrader.rilvo.tech","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":0,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-18T18:43:10Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-05-10T22:17:57.86744Z","alert_count":0,"request_count":1,"received_data":73851,"sent_data":540,"comment":"","tags":null,"fingerprints":null},{"fqdn":"webtrader.rilvo.tech","ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":33,"request_count":33,"received_data":3962101,"sent_data":15610,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"webtrader.rilvo.tech/polyfills.3115db2c0ec3f144.js?v=2.3.8","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"0c021c8e2a0c83083eee911fefc28402","sha1":"dbe6b91f40030426000a366cc389e9e8009f5064","sha256":"28cce31dd74fdc3c417a433ed3c44a49d908ceeec4447caaee28fbac67fc9144","sha512":"0512d82acd9b681e22aa07a113f680733640a80db2cdeddf8b02a763edb9532183624142c31f9e940f021a01f25c7175ecb6465b1b278d28801a0cdd0f21271f","ssdeep":"768:Oao1hFBEkYWk7lpxhoXzQ8x64QQH5XHb4XchK6mJ19i7bhDgqj8AwOjpVSYo5+L7:JkYWk7lGTFPt1wkintit0T1cvqd2","tlshash":"1c23fac677a2f0668bf661f4a13f850bf2361564785c88e4f258d8e4397908ad07bf2d","size":47636,"data":"","first_seen":"2025-10-10T21:54:22.79596Z","last_seen":"2026-05-18T14:02:28.111558Z","times_seen":71,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/388.c5961fcbb3e7466e.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"aa304448138bfb837d5c31c64f73d8b2","sha1":"0af73e9085d07636bc8d23859a02e00f3fa4227d","sha256":"de804b8cf58dc814514db13d73c679ba0b525200865bfba8136b5c4b724c1b71","sha512":"873643e7106d381ef30d7f20311a5bc1ca8ebc32218efd87c715f142dbe75c479f1a70079553c5cda6f0ce301e02c20d0ee4f8e79e807ecd28c92b4dfcec777f","ssdeep":"384:uTVNZSYxhM9B+UZqYLVyeFFPS+7qZGElIM9BybawYmlXU2PJ:cVXnmF3VmZGElIM9BybbYmlXU2PJ","tlshash":"7382b7ae3369b93a46dd4995e076860bf71b2c48900b006cb67c9cdf196cc44b2b6f7d","size":18109,"data":"","first_seen":"2025-10-10T21:54:22.814435Z","last_seen":"2026-05-18T14:02:28.108697Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/8499.e99a4fcc6012c716.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"243d90bdd7c884480c2885e91dfe3653","sha1":"69d2065c6b615d608d8a9b88835f368b3540d288","sha256":"cf86cd3892e401f04918285cca00d176011680f1d65d9fb33dcf0b1a51721a84","sha512":"e8057b4d65cd12a3a0433c8c829439b29da8b9d0f104e2ddc72514be6cb4917a8f72e18b60b5f10c4fdc72afefd21bf9666c8e1a3edfc669fcfd4db212eddb95","ssdeep":"6144:KVCCgdFUuEKBpzH+ehV6Q6tffhdx+y6pfttisdjuxT8Qc76HTEtva7nMUFAz/FzQ:zEK7zeehV6Q6Nfhr+y6pfD+MUFAz/FzQ","tlshash":"45843cd63211206603eb50e9547a0247f32b1899a50a44bc77bc8cee6f6dd4c72beb7d","size":375998,"data":"","first_seen":"2026-02-11T09:30:36.525663Z","last_seen":"2026-05-18T14:02:28.102627Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/4927.9d8d53103da50dfa.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"97671a41e75ac4f3a3e54d251d504362","sha1":"475521ed9b5b023b0fb298f1a854bc8123656e9e","sha256":"626252f58c78a366fd24075f97b922f4acda36abe8e0f48d1231ca86762676d8","sha512":"0a08e36d90e0a2ae2dbc72ef72e14cdded31746f38aea620f9dab712c983596ea4fae928346adb48ee42f3ca287b2c0a7f394fc606630e28b91bc0c10f11a535","ssdeep":"","tlshash":"b861960655827466227e48e8df76d540f8fb0e424043ce84fffccd706aa6589b1c7ab8","size":3380,"data":"","first_seen":"2026-02-11T09:30:36.548764Z","last_seen":"2026-05-18T14:02:28.103674Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"953ca7fe62fbb3c9f00ef80e8a5e52d6","sha1":"4f15fb9419bf335164c7a5b7828468e9b75e323d","sha256":"a6914b5280602a30f8743ae1aa5c1edfa87cd3dc5adbc32a84c2a547427589e5","sha512":"8542df48985ca4133c7377fea815588fa2fdd1d725fb33718eeb39ec9486e6f32d7798a28c8d5fc0bb1932147f7884510b2dfdd88318b96eed077b9cb0a81156","ssdeep":"","tlshash":"2c21af19eabdc4a500a3e4be8767d2082937a0933104e4aa3f4cda85df454958ae75df","size":1142,"data":"","first_seen":"2025-10-10T21:54:22.822221Z","last_seen":"2026-05-18T14:02:28.120269Z","times_seen":71,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"4625e4466d92230d8f7353c4ce32532a","sha1":"b0338caf3318419a4b3c9db5d2fab427718634ed","sha256":"f6b5cd265470dfeab96af65a61a587a923796e998952a6aae7c178f564c1a2aa","sha512":"8f44d7dc62685918bc8c50e24dc1334e84660ef9ca194eab8f9a375709ad3cd9c00340fb640043787d6885f3a86e28da5e9b568774e074e8659e5686548f384a","ssdeep":"","tlshash":"6711e54e4efd402615b3786f0e1b8101323bc9539559de487fed67904f86d389ae36e4","size":855,"data":"","first_seen":"2025-10-10T21:54:22.823408Z","last_seen":"2026-05-18T14:02:28.120854Z","times_seen":71,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/runtime.b64b71f3dbed7c00.js?v=2.3.8","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc7ad8b8fc60ae0d6fb6e114b42baaec","sha1":"fbf88bd826d30d06a321d3d9796b34500b6ea773","sha256":"1182088f180a569e05a0823d2079a5fdea4e4d4c960d9116d2cde14538d2966b","sha512":"8258eba9574910b9fbefd4f5bc89ec1e48784bc8bb2b6bd76dd7b06c0d1cbbb0da8947ef678ba1f4eb140701ebb5b395480b13a2a943dd7735ae6085b79d8f25","ssdeep":"96:A77GtBS5nK/CVTD+vV2Vt9AjSdIslM3k2IJbcNlGMy:A77eS5nUCh+v4/CjDsWUsE","tlshash":"638119bd6b2cb9e62b7244c56c3d9cf8b65824373017acb1a71fe8566058df00917a73","size":4133,"data":"","first_seen":"2026-02-11T09:30:36.546898Z","last_seen":"2026-05-18T14:02:28.113819Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/6709.bfe45a98d0131c8b.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"5fa18af2bcd2e9f1a2f48f5f9d9ba79a","sha1":"3ebd9631d2979f46dbe9c170132fcd97441a7e0c","sha256":"81777b6c0983cd6c0bb8f4ad12982410b4b955c8d6d4f27b1b7b17b11957d69c","sha512":"999e89e8fe17cd1b899323d29b3eeab6ca786d5c280a289f93547a6bec0bdfc699e4b6b5a363542f3adf59e2165e4a2fa1d6c635202327670f4b0910212274e8","ssdeep":"768:K1tpPXcQn/zro6EysU0hS/vOl1HK7M1gni9KBrEP/iVm/xaavDLxkf/E1/M8AHS:Kh/BsUyS/q94ni9KBrEP/iVAvDL6El","tlshash":"3023d99a3742357716fb829618b1050bb92d2480a2054d6db1e8dcee5e9dcccb33bb7c","size":49535,"data":"","first_seen":"2025-10-10T21:54:22.772008Z","last_seen":"2026-05-18T14:02:28.105214Z","times_seen":71,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/common.2506177d324cc13c.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc8cfb6fa05ac43c41d1b856cc439594","sha1":"cdd0f9d94f60205728e8978db864631d151e9e1c","sha256":"2d1dd65f7e8c77653dc5bd1dacae4624ccdf3e2dab54febf97373a3213f9b0c7","sha512":"ec732b3c639bac6694bbf9ec165d651762925818b0649d04bcc9bab76bfce54caf155d6b669061b63250f2297fd88b2e0822fa5af40e5f4f30a749502a89f9e4","ssdeep":"768:8VdzdjfdFwrexzMv7aCTfYjn5FZ3EzCErm2oKsU9xem:Wzq8p4bcm","tlshash":"071385f2c62450dd33a1c8439613b3086c68f571d852c999fb5dacac8ae2fee528577c","size":41970,"data":"","first_seen":"2026-02-11T09:30:36.555035Z","last_seen":"2026-05-18T14:02:28.10025Z","times_seen":45,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/3654.68719923a6e705c3.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce924dc21c56a1ad3292f67fece39840","sha1":"1a805e2e29c9b07c51aff92f50613c1536423bdb","sha256":"277bfbb3c93ad65f04378c80652381aafabbf6d64a5055e60ec4f451c62a4563","sha512":"573e21db7726ed2e5c9fc353302478b217c46f89f4e0d0bc04f5aa9e64383479d2301b762cf6dce7e08f3b4b8ef01ea68bec22809899d9a306f3e7a2d26fefdb","ssdeep":"6144:NyA9lluWirEiM3z0zAQL48XdFoFkPAptBR2bmtOgXgTj4YDuEIJ9ade9Z+uYMkAq:j9lluWeEiM3z0zAQL48XdFoFkPAptBRk","tlshash":"6884ca22f3802017415e6243b023174297271aa66d85cdadbe7cade67e69c4d33feb74","size":374923,"data":"","first_seen":"2026-02-11T09:30:36.526635Z","last_seen":"2026-05-18T14:02:28.103185Z","times_seen":45,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"eventHandler","is_inline":false,"md5":"7c3c3ddeb80438dcbb3d081d2d00e152","sha1":"5a4016732ee72ec77b4f6ab17047bcea6d2ea34d","sha256":"321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187","sha512":"b252f7dc795284fe8ce404711809130d8e16670a8e49b271f9a24b04a542a0fccb7a8c7238c12b37db35fe73a2fbf1cdb374468574db4e6d39975a17dca547a3","ssdeep":"","tlshash":"de6000f0003000000003c30000330cf300000c0f00ccc30cfc0000c000c00000000c03","size":16,"data":"","first_seen":"2023-04-10T15:57:29Z","last_seen":"2026-05-22T18:17:33.506967Z","times_seen":284255,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/main.1bceabbbc7dc1d97.js?v=2.3.8","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"3761aaf503a1368bcb7b4dfc80152e22","sha1":"1452296a299a01188b3bdf4a7871bacefb823e92","sha256":"e7d957b438637917efe2641148411954bb43ffc0ca72494d8b6fc8ae89fdb37e","sha512":"e899f155bb430f2c9380da47e7569a368ebf9c85aa9f7ebc46f625ab65d5c54fe96b362aee08b51356fc35dc6103723a4dca389cf16288d343d685daa58fdf74","ssdeep":"49152:Y77NGJYQvrOtTPcWecZcLpsVe7nX+aXyeRzDnzI8Pq0caeq:Y77NGJYQvrOtTPcWeB","tlshash":"7485c7582a6bf3449408c0dbf9373c88d59dd18aa00b50e56fb14bf75ba1746ebacd23","size":1819039,"data":"","first_seen":"2026-02-11T09:30:36.562856Z","last_seen":"2026-05-18T14:02:28.119682Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/7872.19b4e259a06f7ec4.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"1b49f241c63ad019754ab0164a28d15e","sha1":"72282bdde1ec3a9536553c8d1917c20a3286c822","sha256":"dd7270176b0549888849e84f806b92f753ffbdbf36b1e67663f24a0b56c812c0","sha512":"16b4dde098713ef5aac90d7d10b3844d64e72f0e90ede225e66dd5a24fd158807c45f9d743f96002d0c1ccde30acd39e60b676ef375e97999f62abd403ae3666","ssdeep":"384:wGMlO6ZiCAEDGKOm0TeQKFatYfwKwTOBMxxYQtRmen0o9HaBBD/HD5gmDAq21JQZ:dMlO6ZirEDGKOm06RatYfwNTOBMxxYQq","tlshash":"289294c971d3f46593a358a5c0af080ff16c6c1da18da498f2a1d9e97c7905ed273f28","size":20036,"data":"","first_seen":"2025-10-10T21:54:22.793086Z","last_seen":"2026-05-18T14:02:28.102114Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/2347.f29693ee0d302577.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"ba2c13eac0e88b57bb39352cdf76f165","sha1":"e0adab179abb8a6ad59cc557a043e182361a10b9","sha256":"772eb109840fb67a06dcfe14c5661bc3d46556cdd0f4206ab9555fbea3739878","sha512":"fa9ecf9a88e03dea10e6433a65e6fd262c82d36df03575f98cbf9cb06e46d8076898dbb710fb7782c50f29552ba417ea253f207d1d6005daa0652ca4a78e473d","ssdeep":"1536:FDyrK2JFXbMLJYHF1kuMll529CAKEjcmpV5rmO0z8QDP:MVFXMIF85O8BXz8k","tlshash":"b453ea49325371214eed4c9ddcf5098ab2254f38a50101edb27e9eed3aedd09b23673a","size":65315,"data":"","first_seen":"2025-11-12T03:41:30.814006Z","last_seen":"2026-05-18T14:02:28.10816Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/4310.f7ab4f16927a9dbf.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"89b38c213860616a5b250f4260d8c8bf","sha1":"52d6f14b48af569693b2a88ce2aad2a45095c6d9","sha256":"4fa5f3c49dbb4673e1b78d48e9248d7f391e74bb80f8f68edee1d7af9d6648b3","sha512":"13bdf0b4c4403f9453bfe4d5da9084b24ca09929751316863979524a13d1b1d46142e565448db59aaf35f626eb73561615336994b32d00800a755fe87d4b8a9c","ssdeep":"384:5ffpQBXtfSvI5kQ4Y3FTFEdvLWmEdbXNF1JEFFWFDVJ4:5ffpQBXL4Yx4yrXr4","tlshash":"4b9263f2852450dc3395c4024723b2055e1cfe21d56acaadfa9dc84da7d6feea28573c","size":19630,"data":"","first_seen":"2025-11-12T03:41:30.817325Z","last_seen":"2026-05-18T14:02:28.115811Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"df6c609f1ca6f390c474595d9ca3c646","sha1":"ddbcc02d91acfd84b3eb49080604319df3cbe844","sha256":"9742eb1c5153b3fd0338965e87710641f450ec417047e8fdde4111f789ccff46","sha512":"56b1b1a263abd0f5aa2ab8fc08b514c38ea4d47dcb665fc9e6e11001c331d6bffe8955787793ed4135cde47f4b248003332f191d90afe495664a2e56510a2c2f","ssdeep":"","tlshash":"b2119c2a453a083705a7d929c64b70151773a3473108d48e394de6089f96a45c7626fe","size":1060,"data":"","first_seen":"2025-10-10T21:54:22.824584Z","last_seen":"2026-05-18T14:02:28.121411Z","times_seen":71,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"f01c3c4d5bdff8284f46baa4044e98ff","sha1":"514c86aa51fac203d5bff101a53f94c9b1342c51","sha256":"afadd7bbc7b3fc0def9b0fbcaf001c50c01b7db3fec4880f57a570ebd956b0c1","sha512":"f3f5bde0c65f6750b38cb6625b808dd18cbf698d52475a61ac71c00ce760d59b84d8058596316c5937d28ad253a90a593edbbb81379a2687b4e3dca45e01c9eb","ssdeep":"","tlshash":"90700000088800202e02088a8a000302a8000e08082020a0a008a32bc0808030820028","size":24,"data":"","first_seen":"2025-10-10T21:54:22.826305Z","last_seen":"2026-05-18T14:02:28.121977Z","times_seen":71,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/2381.6bdb8222c04f4f70.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"5ef377f3cbd81741952dc19c0d9f67bb","sha1":"ddd543ba8e9e50e0053dbb133523b313f054da3c","sha256":"ee506791ee0287f785769370c45ed79c90f94d3a670523d7645a0b877006b1b8","sha512":"e36567da16a2e348da680b86e3cb7f05569a2404c54508ef34bae9c166f4e73eb53d5533bfde0772bf3175e6ff044f0d1d615f5b81c88170b22e74b20cfb85b9","ssdeep":"384:ucymEE+RDYWZtY7QUNktDgWMHvTZ8wQ36wI+iuFkhfTQmSreXQ1ZyDghfD9OL3wn:uc6E+RDYWDtD9Mrm6wI+iuFkhfTQmSai","tlshash":"c5b2c6587341747243ca905b907b4607b3394044b187b038f56dccef2ebadeea2a7a79","size":24055,"data":"","first_seen":"2025-10-10T21:54:22.816981Z","last_seen":"2026-05-18T14:02:28.105696Z","times_seen":71,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/6801.4c1cc07c3bdffe5e.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f4b51cbada9ce17c28b5bbbd2856c5b","sha1":"118a45b66c0a6388613d431fa0a08f3570d6e67f","sha256":"399e8b65e2c7052cdb29f8042f9c67bd0f13148313195303706230e69f16366b","sha512":"ef2bac17036cc7fec4eef6b3a070a1947b6c9f9df006dcdfc7260d46f8355820953242f7bc560fb417c5cdce18f3fc3bfd0d3866cc31bdf92c0896293ee3bec9","ssdeep":"1536:4tmdti67G2LpXJQcz/r3buDf5dEmGVoc6ZP:16rZP","tlshash":"cb43ca579581a4f713e629f0ab6fa50263944d85ad098180f39ccca77bfc58c63a3e7c","size":57228,"data":"","first_seen":"2026-02-11T09:30:36.558532Z","last_seen":"2026-05-18T14:02:28.11764Z","times_seen":45,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/9967.d11294bbace0f438.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"53b8124cfa6183688d50dede83574bb9","sha1":"ae161987677b32cd5fa05706c635427d5af7dd97","sha256":"5a30113b051e5a39f95215b700048faad10b91f87eecc54b38cb5b9fe1911b72","sha512":"fbc3692efee6d5fa9e5aa0865c8bd89e1660ed081f04fcd2715ac44db20f93c1f9c6128ed6698a7cf3855765d5c46c19135f37d936fbbbae83194c8c561c6b07","ssdeep":"192:bp6wrVMeeF4skTXDj0XRq4ScWVqhXTFiMo4V7JJH:bowrVMeeFcSq4zLJB","tlshash":"4662edf7862540cc73e2c427931372446d7af2249893cd99b78f484c8ae0faa938677c","size":14708,"data":"","first_seen":"2025-11-12T03:41:30.857725Z","last_seen":"2026-05-18T14:02:28.110409Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/8692.fd07f664154c5e8c.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"efe5a73c44745c8acde16c5934b8638b","sha1":"e6d80d221f87420289b6f9caf8a56e81c8c454cd","sha256":"1114e51c25fc761104db6d2d06df28b3ba322b37c383183883db6367f3fe994f","sha512":"a5d664289783d2755d5200b5b3c6d831f6b58f73fd46bc3cf0c7acc82c7de7159cd1e4a29406d000cbbeb568c118e9c4048f2318fe59ba1ccd530eff592aa0b7","ssdeep":"1536:76khn2cuOKPczJhdTiDyU23WAnxtNqFrk+SPes88oROCGxHrm6IkjT9lVcPZVL:dhn2cujL+fnxtklk+wx88o+rAL7","tlshash":"f1340a12f895a0e102eb6458a76f4e02a62c1d46290ed498f3dccdda77dd84c726bf3d","size":249382,"data":"","first_seen":"2026-02-11T09:30:36.545231Z","last_seen":"2026-05-18T14:02:28.112696Z","times_seen":45,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/8888.a36f7263afdacf0f.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"e0dcc720502b3f5cfe3349e565d670e1","sha1":"ad4d594c74382150f5d83a8a962af97b6d53c2f7","sha256":"a451d955bc4621f6d8e830af2551d58188ef817006f2089116c82e2d8646bf85","sha512":"2f87c3433b1fa75c51f79e2bfef259ad70849cbc420d143e119f9b8693842187417a2714002220383471d904499af28cccaee002e2095ab14e1ed56bc389b876","ssdeep":"768:F3oMy/JJm/aixoWNpfIFBhWtUh2Q2jspO/trGQLkXfEQpan8jCbM:CmiixpMqtovABnsU8j1","tlshash":"aae2f7f2853040e933b2c04242673606591cfe20d91acd58f6ae9d9d7be9f8d6297b3c","size":33845,"data":"","first_seen":"2026-02-11T09:30:36.523741Z","last_seen":"2026-05-18T14:02:28.109262Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"webtrader.rilvo.tech/9967.d11294bbace0f438.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:47.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /9967.d11294bbace0f438.js HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:48 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 14708\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:31 GMT\r\nETag: \"69a95ddb-3974\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14708,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (14708), with no line terminators","md5":"53b8124cfa6183688d50dede83574bb9","sha1":"ae161987677b32cd5fa05706c635427d5af7dd97","sha256":"5a30113b051e5a39f95215b700048faad10b91f87eecc54b38cb5b9fe1911b72","sha512":"fbc3692efee6d5fa9e5aa0865c8bd89e1660ed081f04fcd2715ac44db20f93c1f9c6128ed6698a7cf3855765d5c46c19135f37d936fbbbae83194c8c561c6b07","ssdeep":"192:bp6wrVMeeF4skTXDj0XRq4ScWVqhXTFiMo4V7JJH:bowrVMeeFcSq4zLJB","tlshash":"4662edf7862540cc73e2c427931372446d7af2249893cd99b78f484c8ae0faa938677c","first_seen":"2025-11-12T03:41:30.857725Z","last_seen":"2026-05-18T14:02:28.110409Z","times_seen":46,"resource_available":true,"data":null}},"time_used":437,"timings":{"blocked":232,"dns":0,"connect":0,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/brs/api/getPage/b6f6b161-3b7a-48e1-9675-3877f1ce7c84/welcome?lang=null","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:49.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /brs/api/getPage/b6f6b161-3b7a-48e1-9675-3877f1ce7c84/welcome?lang=null HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer null\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/login\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:49 GMT\r\nContent-Type: application/json; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":218,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"45dc2d5a341e0a5ba919210664c60c61","sha1":"de51fbda80950447323ebd777adedfd5f98492b6","sha256":"c5a96ec85fe0eca8de85de530fdd20ad437ef7583e6403903abedbbf8f1bb0ed","sha512":"de1c0a925428243917e81d12b1a616881aa95eb5e968ffbc06ed16c5a79191bccdbed4632f6d60c5e32c771462b323f51d22a7603596cbdf109831caf0186ff4","ssdeep":"","tlshash":"2bd02323dd5896122e9e2150b4353c65d97d12cf5050dc10751a5e5801d01f9e60745a","first_seen":"2025-10-10T21:54:22.788453Z","last_seen":"2026-05-18T14:02:28.113259Z","times_seen":69,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":160,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/brs/api/getPage/b6f6b161-3b7a-48e1-9675-3877f1ce7c84/login?lang=null","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:49.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /brs/api/getPage/b6f6b161-3b7a-48e1-9675-3877f1ce7c84/login?lang=null HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer null\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/login\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:49 GMT\r\nContent-Type: application/json; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2405,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"df7d4d24c113f5c1e6f4b2e3f5fd46e0","sha1":"8869666e6b9a1c54a7b8f2d72306b886ec26922a","sha256":"6a0cf0b225cfac55248e1421a856b42568715ecd2843b5fc7bf53e84ad5761d4","sha512":"85caf19fb1c25a3deb411924249760f0ef8b395a6a0fa02fea2fc7db5f95a15e501cbf6adab636f8db5719bee572602dff70c23c2249aa69f5f716b7101417a7","ssdeep":"","tlshash":"5541b14b99228cfb4f0745e1f4a27f52b66d206b45458c30846e9fd8a1f1bf62352e07","first_seen":"2026-02-11T09:30:36.542383Z","last_seen":"2026-05-18T14:02:28.118202Z","times_seen":39,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/icomoon.88084cdf1f5e7b99.ttf?ml7oqx","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:49.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /icomoon.88084cdf1f5e7b99.ttf?ml7oqx HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/styles.3ec2a20c30c77d74.css?v=2.3.8\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:49 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 13172\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-3374\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13172,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, icomoon    ","md5":"d7007bb286f680fb5376db252feb84dc","sha1":"8940ebfe6f04097b88b283f5220c20df48d7a7c5","sha256":"ca48a4893c651f5f7a70e7615363432cf60fe9e424cba7f72c1ddec03bcf95f2","sha512":"e7b48c11a914c8c759764e0f0fb96ff618d197f126e93684c613224ea8ce1dfacd95184ea43061b12272e202ae0df1614cfa6279eda9c4f052fbab22a9e2273f","ssdeep":"384:elzqZ6PzMEOCnSEIScPbgfdld/wfzorBUbgod5:kWZ6PzMEOeSscPbgfdlJwfwB9K","tlshash":"2242e686db62fb99fc079b759d9b68540ef85f12c139e38353894d86a0054e81d3cf8e","first_seen":"2025-11-12T03:41:30.803302Z","last_seen":"2026-05-18T14:02:28.104188Z","times_seen":51,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":157,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/main.1bceabbbc7dc1d97.js?v=2.3.8","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:45.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /main.1bceabbbc7dc1d97.js?v=2.3.8 HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:46 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 1819039\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-1bc19f\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1819039,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8d38d4c18faab6d0021da3cda1180b0c","sha1":"7473c4ed43c15e75483d8d8e1e340082ec60e45c","sha256":"854b0203cb5282ae49d8a8a73e63ef61d0868c4313c1c4f8fcd13aa052e3e132","sha512":"e293e89744072d53ea37191f9f27de160aa6cea53358d3b4202e9e02484ca82e2324dc1e076b8252d4b58d7656ae072092b423d71867038f77462b2d0a93f823","ssdeep":"24576:Y7sAhVuhEyG9Z3TSZWkcSa2dpGGJYQv5W2kWzfFaGMDITctTP2AhVuh20FPQCLgh:Y77NGJYQvrOtTPcWecZcLpsVe7nX+aXs","tlshash":"54251bca32e2755a079650a6c43b480eb12d1c80b018c53cffad99dff968d5c52bbb79","first_seen":"2026-02-11T09:30:36.540225Z","last_seen":"2026-05-18T14:02:28.11213Z","times_seen":48,"resource_available":false,"data":null}},"time_used":680,"timings":{"blocked":70,"dns":1,"connect":30,"send":0,"wait":201,"receive":332,"ssl":45},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/6709.bfe45a98d0131c8b.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:47.727Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /6709.bfe45a98d0131c8b.js HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:47 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 49535\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-c17f\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49535,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (49535), with no line terminators","md5":"5fa18af2bcd2e9f1a2f48f5f9d9ba79a","sha1":"3ebd9631d2979f46dbe9c170132fcd97441a7e0c","sha256":"81777b6c0983cd6c0bb8f4ad12982410b4b955c8d6d4f27b1b7b17b11957d69c","sha512":"999e89e8fe17cd1b899323d29b3eeab6ca786d5c280a289f93547a6bec0bdfc699e4b6b5a363542f3adf59e2165e4a2fa1d6c635202327670f4b0910212274e8","ssdeep":"768:K1tpPXcQn/zro6EysU0hS/vOl1HK7M1gni9KBrEP/iVm/xaavDLxkf/E1/M8AHS:Kh/BsUyS/q94ni9KBrEP/iVAvDL6El","tlshash":"3023d99a3742357716fb829618b1050bb92d2480a2054d6db1e8dcee5e9dcccb33bb7c","first_seen":"2025-10-10T21:54:22.772008Z","last_seen":"2026-05-18T14:02:28.105214Z","times_seen":71,"resource_available":true,"data":null}},"time_used":263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/bg-login-page.93c0bacdf18c4dde.jpg","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:49.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /bg-login-page.93c0bacdf18c4dde.jpg HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/styles.3ec2a20c30c77d74.css?v=2.3.8\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:49 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 28085\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-6db5\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28085,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=Adobe Photoshop CC 2019 Windows, datetime=2024-09-05T16:04:22+03:00], baseline, precision 8, 1010x1078, components 3","md5":"d2e8e3c6e915dea0f3964659274d3489","sha1":"613385807945ccbbb61f672c5186f626582b83be","sha256":"19b831c48f554434abab2e1406d0404195116e56c4b75d4d0686a12fcaf6abf8","sha512":"45a5893aec025f511aecf14d3be7260f748a32189b548e8ae8fda7409b351cc769b44350dd4b219314036a6f5d9bb564c5208ceaead374acb99794df62cfd0a5","ssdeep":"384:nnTAhJL2/QDxqvC+6l/CZ85s/ZYnTy7s1jOYN7Ntj8Ww4bjAWlm+3:nGS/u/OmnTms1jOY5fQ4bgE","tlshash":"b4c29eb5af48934ac56beb3116b3432d7f0348fa2e961193e5bd40b21c8615ebd292e0","first_seen":"2025-10-10T21:54:22.794517Z","last_seen":"2026-05-18T14:02:28.110965Z","times_seen":66,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":228,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/8888.a36f7263afdacf0f.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:48.823Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /8888.a36f7263afdacf0f.js HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:49 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 33845\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-8435\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33845,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (33845), with no line terminators","md5":"e0dcc720502b3f5cfe3349e565d670e1","sha1":"ad4d594c74382150f5d83a8a962af97b6d53c2f7","sha256":"a451d955bc4621f6d8e830af2551d58188ef817006f2089116c82e2d8646bf85","sha512":"2f87c3433b1fa75c51f79e2bfef259ad70849cbc420d143e119f9b8693842187417a2714002220383471d904499af28cccaee002e2095ab14e1ed56bc389b876","ssdeep":"768:F3oMy/JJm/aixoWNpfIFBhWtUh2Q2jspO/trGQLkXfEQpan8jCbM:CmiixpMqtovABnsU8j1","tlshash":"aae2f7f2853040e933b2c04242673606591cfe20d91acd58f6ae9d9d7be9f8d6297b3c","first_seen":"2026-02-11T09:30:36.523741Z","last_seen":"2026-05-18T14:02:28.109262Z","times_seen":47,"resource_available":true,"data":null}},"time_used":200,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":198,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/runtime.b64b71f3dbed7c00.js?v=2.3.8","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:45.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /runtime.b64b71f3dbed7c00.js?v=2.3.8 HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:46 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 4133\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:31 GMT\r\nETag: \"69a95ddb-1025\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4133,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4133), with no line terminators","md5":"fc7ad8b8fc60ae0d6fb6e114b42baaec","sha1":"fbf88bd826d30d06a321d3d9796b34500b6ea773","sha256":"1182088f180a569e05a0823d2079a5fdea4e4d4c960d9116d2cde14538d2966b","sha512":"8258eba9574910b9fbefd4f5bc89ec1e48784bc8bb2b6bd76dd7b06c0d1cbbb0da8947ef678ba1f4eb140701ebb5b395480b13a2a943dd7735ae6085b79d8f25","ssdeep":"96:A77GtBS5nK/CVTD+vV2Vt9AjSdIslM3k2IJbcNlGMy:A77eS5nUCh+v4/CjDsWUsE","tlshash":"638119bd6b2cb9e62b7244c56c3d9cf8b65824373017acb1a71fe8566058df00917a73","first_seen":"2026-02-11T09:30:36.546898Z","last_seen":"2026-05-18T14:02:28.113819Z","times_seen":48,"resource_available":true,"data":null}},"time_used":314,"timings":{"blocked":73,"dns":1,"connect":28,"send":0,"wait":158,"receive":0,"ssl":50},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/brs/api/validate-ip/Terminal/b6f6b161-3b7a-48e1-9675-3877f1ce7c84","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:46.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /brs/api/validate-ip/Terminal/b6f6b161-3b7a-48e1-9675-3877f1ce7c84 HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nCache-Control: no-cache\r\nAuthorization: Bearer undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:47 GMT\r\nContent-Type: application/json; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":227,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"ff40fc103c9d7ad518f005215c557fd1","sha1":"a90a922000e39d766284784f0d6a99c869285628","sha256":"921a5051f518f0559166dee05fc08d00c22dec6a203d705d33c9e9440fc3bd37","sha512":"637dc371f650f9a084169b2a35c21f2ce73931bed25a6a94e696c7e2c35c9f0cf803f7b8ee9b8612e6b7e81b6ebb901f5dd1c3bce5c61203429490e2eeedaab3","ssdeep":"","tlshash":"4cd02235aca88a53ad12c18caa463f0147fce0abc1a38810d48e6f6841f83f11a93217","first_seen":"2025-07-16T06:49:20.097296Z","last_seen":"2026-05-20T05:31:56.77043Z","times_seen":83,"resource_available":false,"data":null}},"time_used":493,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":493,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/brs/api/get-dialing-codes/b6f6b161-3b7a-48e1-9675-3877f1ce7c84","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:47.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /brs/api/get-dialing-codes/b6f6b161-3b7a-48e1-9675-3877f1ce7c84 HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nCache-Control: no-cache\r\nAuthorization: Bearer undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:47 GMT\r\nContent-Type: application/json; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9358,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"40472130e00d98ed862b02ba0eb76c24","sha1":"d9faecea9055341c9eb38f961c07ec6e03209493","sha256":"280401830c5c0620d9b7cc9bb02f92ad92c03ce11bd9587163d163adb184f2e0","sha512":"7b4f738fef3867da6de4e5aad9f1cbc660bb97edf017360ac5220549cab62c74dfdb95ab9d9c6670e69e3a17988507c2207d27523c774f50a49cf932bb8db4f2","ssdeep":"96:p95RDzohKniUVn7K+1CcmnrYllyfqQwfO+:v7YKnDFKtP8zyfqQWO+","tlshash":"471223bba60dae6ced36bb12b44f3a355c3af46418cc0907608cdb76b2c6bfc1125061","first_seen":"2025-11-12T03:41:30.79693Z","last_seen":"2026-05-18T14:02:28.1047Z","times_seen":22,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":157,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/common.2506177d324cc13c.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:47.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /common.2506177d324cc13c.js HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:48 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 41970\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-a3f2\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41970,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (41970), with no line terminators","md5":"bc8cfb6fa05ac43c41d1b856cc439594","sha1":"cdd0f9d94f60205728e8978db864631d151e9e1c","sha256":"2d1dd65f7e8c77653dc5bd1dacae4624ccdf3e2dab54febf97373a3213f9b0c7","sha512":"ec732b3c639bac6694bbf9ec165d651762925818b0649d04bcc9bab76bfce54caf155d6b669061b63250f2297fd88b2e0822fa5af40e5f4f30a749502a89f9e4","ssdeep":"768:8VdzdjfdFwrexzMv7aCTfYjn5FZ3EzCErm2oKsU9xem:Wzq8p4bcm","tlshash":"071385f2c62450dd33a1c8439613b3086c68f571d852c999fb5dacac8ae2fee528577c","first_seen":"2026-02-11T09:30:36.555035Z","last_seen":"2026-05-18T14:02:28.10025Z","times_seen":45,"resource_available":true,"data":null}},"time_used":438,"timings":{"blocked":237,"dns":0,"connect":0,"send":0,"wait":196,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/settings/config.json","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:46.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /settings/config.json HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://webtrader.rilvo.tech/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:46 GMT\r\nContent-Type: application/json\r\nContent-Length: 258\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:31 GMT\r\nETag: \"69a95ddb-102\"\r\nCache-Control: no-cache, no-store, must-revalidate\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":258,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"8e193c507deccaedd73842f3ffbcb673","sha1":"665a4080a5d45e6c404e7ae086028d7f44609473","sha256":"99fff54b61075a3e48e1565b126c3cad5b2b8c9b2f953eebf196b263431c3500","sha512":"dcaf165df8fe7c2ca9d0e52ac90f38ae37d3d6f1571dadd3499fd685fbb33c61e70026a6f0dd12940305e83965c40e8f18daa00adab6be60a3603f950f859df3","ssdeep":"","tlshash":"e1d05e90f83845b761d562f5002ad101a5367c6b0188b62cb393a21d971f66a2cb25e8","first_seen":"2026-05-14T18:43:24.760406Z","last_seen":"2026-05-14T18:46:17.50761Z","times_seen":2,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/brs/api/getMenu/b6f6b161-3b7a-48e1-9675-3877f1ce7c84","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:47.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /brs/api/getMenu/b6f6b161-3b7a-48e1-9675-3877f1ce7c84 HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nCache-Control: no-cache\r\nAuthorization: Bearer undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:47 GMT\r\nContent-Type: application/json; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":486,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"c8ad04ad73b3622363bd2fbb0278029c","sha1":"71db452a95a46f028844dd55fff8cfcb4d6a1341","sha256":"459973fa81fedf6690f5ed82aa7c4a3602b414a661aafcc9e134f4b53fe3138d","sha512":"64b48443305f698aeef502180673eec06ccef03ef4a84a7269b6c70698a6fc8582a1d237d5d67a806083f69bc75cc3c328396bd70d1ae665af7f0689f4b0deaa","ssdeep":"","tlshash":"d7f05c1966109ce9ed83c04265d6baeaefec9437d048ec9890594f3c80af3b81462d3f","first_seen":"2026-05-14T18:43:24.761849Z","last_seen":"2026-05-14T18:46:17.500111Z","times_seen":2,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/7872.19b4e259a06f7ec4.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:47.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /7872.19b4e259a06f7ec4.js HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:47 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 20036\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-4e44\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20036,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20036), with no line terminators","md5":"1b49f241c63ad019754ab0164a28d15e","sha1":"72282bdde1ec3a9536553c8d1917c20a3286c822","sha256":"dd7270176b0549888849e84f806b92f753ffbdbf36b1e67663f24a0b56c812c0","sha512":"16b4dde098713ef5aac90d7d10b3844d64e72f0e90ede225e66dd5a24fd158807c45f9d743f96002d0c1ccde30acd39e60b676ef375e97999f62abd403ae3666","ssdeep":"384:wGMlO6ZiCAEDGKOm0TeQKFatYfwKwTOBMxxYQtRmen0o9HaBBD/HD5gmDAq21JQZ:dMlO6ZirEDGKOm06RatYfwNTOBMxxYQq","tlshash":"289294c971d3f46593a358a5c0af080ff16c6c1da18da498f2a1d9e97c7905ed273f28","first_seen":"2025-10-10T21:54:22.793086Z","last_seen":"2026-05-18T14:02:28.102114Z","times_seen":69,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/8692.fd07f664154c5e8c.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:47.757Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /8692.fd07f664154c5e8c.js HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:48 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 249382\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-3ce26\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":249382,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"efe5a73c44745c8acde16c5934b8638b","sha1":"e6d80d221f87420289b6f9caf8a56e81c8c454cd","sha256":"1114e51c25fc761104db6d2d06df28b3ba322b37c383183883db6367f3fe994f","sha512":"a5d664289783d2755d5200b5b3c6d831f6b58f73fd46bc3cf0c7acc82c7de7159cd1e4a29406d000cbbeb568c118e9c4048f2318fe59ba1ccd530eff592aa0b7","ssdeep":"1536:76khn2cuOKPczJhdTiDyU23WAnxtNqFrk+SPes88oROCGxHrm6IkjT9lVcPZVL:dhn2cujL+fnxtklk+wx88o+rAL7","tlshash":"f1340a12f895a0e102eb6458a76f4e02a62c1d46290ed498f3dccdda77dd84c726bf3d","first_seen":"2026-02-11T09:30:36.545231Z","last_seen":"2026-05-18T14:02:28.112696Z","times_seen":45,"resource_available":true,"data":null}},"time_used":575,"timings":{"blocked":240,"dns":0,"connect":0,"send":0,"wait":205,"receive":130,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/4927.9d8d53103da50dfa.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:48.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /4927.9d8d53103da50dfa.js HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:48 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3380\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-d34\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3380,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3380), with no line terminators","md5":"97671a41e75ac4f3a3e54d251d504362","sha1":"475521ed9b5b023b0fb298f1a854bc8123656e9e","sha256":"626252f58c78a366fd24075f97b922f4acda36abe8e0f48d1231ca86762676d8","sha512":"0a08e36d90e0a2ae2dbc72ef72e14cdded31746f38aea620f9dab712c983596ea4fae928346adb48ee42f3ca287b2c0a7f394fc606630e28b91bc0c10f11a535","ssdeep":"","tlshash":"b861960655827466227e48e8df76d540f8fb0e424043ce84fffccd706aa6589b1c7ab8","first_seen":"2026-02-11T09:30:36.548764Z","last_seen":"2026-05-18T14:02:28.103674Z","times_seen":48,"resource_available":true,"data":null}},"time_used":155,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/assets/i18n/EN.json","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:49.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /assets/i18n/EN.json HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer null\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/login\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:49 GMT\r\nContent-Type: application/json\r\nContent-Length: 21451\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-53cb\"\r\nCache-Control: public, max-age=300\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21451,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"9906d1c4b5eb2e738be51633e4a4063e","sha1":"80ed78ba23961cef6e94e722d0f5af82bc3d3901","sha256":"e51b6ac113a109e52b127ec2f1905a902f007d5b6b7fbf72db742ecd165bad32","sha512":"f272d84ec2a301082d5314b73f6c91e1d8eb900666fa361960b58a7e23aa1921c1b71d55135358d58cd012fce73ef0feef23d6eedafd00270b551f25186acac0","ssdeep":"384:tmV+K7RJjaHWnh7/dLq0AxjB74AFIj9gyEiE:8V+K7RB+oh7FHAxjTFIFE","tlshash":"3fa26263e8818f6209f4d68475a94a12f25b5fbfb304081f78bc576d0f7e52d12cba29","first_seen":"2026-02-11T09:30:36.539449Z","last_seen":"2026-05-18T14:02:28.116373Z","times_seen":48,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":201,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/polyfills.3115db2c0ec3f144.js?v=2.3.8","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:45.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /polyfills.3115db2c0ec3f144.js?v=2.3.8 HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:46 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 47636\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-ba14\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47636,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (47636), with no line terminators","md5":"0c021c8e2a0c83083eee911fefc28402","sha1":"dbe6b91f40030426000a366cc389e9e8009f5064","sha256":"28cce31dd74fdc3c417a433ed3c44a49d908ceeec4447caaee28fbac67fc9144","sha512":"0512d82acd9b681e22aa07a113f680733640a80db2cdeddf8b02a763edb9532183624142c31f9e940f021a01f25c7175ecb6465b1b278d28801a0cdd0f21271f","ssdeep":"768:Oao1hFBEkYWk7lpxhoXzQ8x64QQH5XHb4XchK6mJ19i7bhDgqj8AwOjpVSYo5+L7:JkYWk7lGTFPt1wkintit0T1cvqd2","tlshash":"1c23fac677a2f0668bf661f4a13f850bf2361564785c88e4f258d8e4397908ad07bf2d","first_seen":"2025-10-10T21:54:22.79596Z","last_seen":"2026-05-18T14:02:28.111558Z","times_seen":71,"resource_available":true,"data":null}},"time_used":414,"timings":{"blocked":82,"dns":1,"connect":29,"send":0,"wait":198,"receive":43,"ssl":59},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/4310.f7ab4f16927a9dbf.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:48.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /4310.f7ab4f16927a9dbf.js HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:48 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 19630\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:31 GMT\r\nETag: \"69a95ddb-4cae\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19630,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19630), with no line terminators","md5":"89b38c213860616a5b250f4260d8c8bf","sha1":"52d6f14b48af569693b2a88ce2aad2a45095c6d9","sha256":"4fa5f3c49dbb4673e1b78d48e9248d7f391e74bb80f8f68edee1d7af9d6648b3","sha512":"13bdf0b4c4403f9453bfe4d5da9084b24ca09929751316863979524a13d1b1d46142e565448db59aaf35f626eb73561615336994b32d00800a755fe87d4b8a9c","ssdeep":"384:5ffpQBXtfSvI5kQ4Y3FTFEdvLWmEdbXNF1JEFFWFDVJ4:5ffpQBXL4Yx4yrXr4","tlshash":"4b9263f2852450dc3395c4024723b2055e1cfe21d56acaadfa9dc84da7d6feea28573c","first_seen":"2025-11-12T03:41:30.817325Z","last_seen":"2026-05-18T14:02:28.115811Z","times_seen":47,"resource_available":true,"data":null}},"time_used":194,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":193,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/assets/images/logo.png","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:49.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /assets/images/logo.png HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/login\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 3127\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-c37\"\r\nCache-Control: no-cache, no-store, must-revalidate\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3127,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 212 x 87, 8-bit/color RGBA, non-interlaced","md5":"31989791b35031f949ba1a8e07cb1092","sha1":"16ad1678a5d9da0c6c0494d32a6b793336fddf39","sha256":"b1f7233def52849aa8afff9fa8d65bdf7f3d9559a4c67cae8b6b65d1d497561d","sha512":"36eb7dd9ec79c78effbe9d8e84d6c8c9b06bf02843651e37ce8e842d32d5776dd52057ed33af0a3451c434a4a4b9f6cecf114ef24d3e32620a91e77dce594f26","ssdeep":"","tlshash":"e6514ccc79405c7bd75955f38f8962ba32da68cb1074cc0b80534cd7862ec64423ebb4","first_seen":"2026-05-14T18:43:24.76698Z","last_seen":"2026-05-14T18:46:17.504634Z","times_seen":2,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/styles.3ec2a20c30c77d74.css?v=2.3.8","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:46.000Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /styles.3ec2a20c30c77d74.css?v=2.3.8 HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:46 GMT\r\nContent-Type: text/css\r\nContent-Length: 387029\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-5e7d5\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":387029,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65309)","md5":"dc519e7a5e9b0d1a1694e048d2d226a1","sha1":"97f386f57ad0d0567b4241e8e87d36315b465e10","sha256":"7e50a0a3fc5f9775ba15794ef639f5abb83e672afd383cace9f9b1e4bf23701e","sha512":"1e833f05076687bd657904d442c4d5fe2623e7bd7327ea4a4d0d3be853ed84144a41d4dba67e35d6abf184b4d773fcea3e9b68f9aefe74804545b7b9f54d731c","ssdeep":"6144:V11tMa3SYiHENM6HN26njkUoqHKJE8A3phEuqWXkJzAf9w3pHxNKn2lgZ:XjkUoqHKJE8A3phEuqWXkJzAf9w3pHxy","tlshash":"8384e9d1f101212df2a7c17950c0fa596d5fa282e6520ffbf05b3a7886cd9ca126bf19","first_seen":"2026-02-11T09:30:36.532555Z","last_seen":"2026-05-18T14:02:28.109833Z","times_seen":48,"resource_available":false,"data":null}},"time_used":547,"timings":{"blocked":81,"dns":1,"connect":32,"send":0,"wait":203,"receive":173,"ssl":55},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/388.c5961fcbb3e7466e.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:47.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /388.c5961fcbb3e7466e.js HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:48 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18109\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-46bd\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18109,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18109), with no line terminators","md5":"aa304448138bfb837d5c31c64f73d8b2","sha1":"0af73e9085d07636bc8d23859a02e00f3fa4227d","sha256":"de804b8cf58dc814514db13d73c679ba0b525200865bfba8136b5c4b724c1b71","sha512":"873643e7106d381ef30d7f20311a5bc1ca8ebc32218efd87c715f142dbe75c479f1a70079553c5cda6f0ce301e02c20d0ee4f8e79e807ecd28c92b4dfcec777f","ssdeep":"384:uTVNZSYxhM9B+UZqYLVyeFFPS+7qZGElIM9BybawYmlXU2PJ:cVXnmF3VmZGElIM9BybbYmlXU2PJ","tlshash":"7382b7ae3369b93a46dd4995e076860bf71b2c48900b006cb67c9cdf196cc44b2b6f7d","first_seen":"2025-10-10T21:54:22.814435Z","last_seen":"2026-05-18T14:02:28.108697Z","times_seen":67,"resource_available":true,"data":null}},"time_used":409,"timings":{"blocked":205,"dns":0,"connect":0,"send":0,"wait":203,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcCo3FwrK3iLTcviYwYZ8UA3.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:46.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"99:99:69:B2:FC:B4:4F:EA:18:FB:04:4C:0F:8D:3E:40:61:B5:31:00","sha256":"55:6F:9F:9F:5C:FF:31:03:79:C7:88:2B:89:0C:1A:2F:DE:0B:7B:1A:91:6E:BD:C8:7D:60:EF:5A:D9:C7:51:26"}}},"request":{"raw":"GET /s/inter/v20/UcCo3FwrK3iLTcviYwYZ8UA3.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://webtrader.rilvo.tech\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 73016\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 12 May 2026 18:42:13 GMT\r\nexpires: Wed, 12 May 2027 18:42:13 GMT\r\ncache-control: public, max-age=31536000\r\nage: 172833\r\nlast-modified: Tue, 09 Sep 2025 18:42:18 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":73016,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 73016, version 1.0","md5":"e990806dbc9b31e48655f37651732c80","sha1":"54e77318d2bf0a4f449782986345f4fca55c22a2","sha256":"dd8a4575be9806105ac3decd02805cd2782fe7c05abb02c582316bc436ce03ae","sha512":"d8af9c56b0b4baaa791ac9e293f73925ada707b1dfd171a0f6f41ce838e44dbf8f91b560f2c1f1ef5fcb6f7ab7d60a9a02f7a357fb6a1e554e9648135c56170d","ssdeep":"1536:o+w6J6OKIaGHrkvPegUsHuVeSSFt4FN7mgkdoPvwdDjmbdkbZp:JwPOKIVQXlYZhDPvwVjmaH","tlshash":"1a63122068c07586f4aa437b8f370b89f013fa47a963c83753c988e6936242d22edd35","first_seen":"2025-06-23T04:26:53.679576Z","last_seen":"2026-05-22T15:33:51.311051Z","times_seen":736,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":83,"dns":1,"connect":21,"send":0,"wait":23,"receive":41,"ssl":63},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/6801.4c1cc07c3bdffe5e.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:47.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /6801.4c1cc07c3bdffe5e.js HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:47 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 57228\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-df8c\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57228,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (57228), with no line terminators","md5":"2f4b51cbada9ce17c28b5bbbd2856c5b","sha1":"118a45b66c0a6388613d431fa0a08f3570d6e67f","sha256":"399e8b65e2c7052cdb29f8042f9c67bd0f13148313195303706230e69f16366b","sha512":"ef2bac17036cc7fec4eef6b3a070a1947b6c9f9df006dcdfc7260d46f8355820953242f7bc560fb417c5cdce18f3fc3bfd0d3866cc31bdf92c0896293ee3bec9","ssdeep":"1536:4tmdti67G2LpXJQcz/r3buDf5dEmGVoc6ZP:16rZP","tlshash":"cb43ca579581a4f713e629f0ab6fa50263944d85ad098180f39ccca77bfc58c63a3e7c","first_seen":"2026-02-11T09:30:36.558532Z","last_seen":"2026-05-18T14:02:28.11764Z","times_seen":45,"resource_available":true,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/8499.e99a4fcc6012c716.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:47.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /8499.e99a4fcc6012c716.js HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:47 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 375998\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-5bcbe\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":375998,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"243d90bdd7c884480c2885e91dfe3653","sha1":"69d2065c6b615d608d8a9b88835f368b3540d288","sha256":"cf86cd3892e401f04918285cca00d176011680f1d65d9fb33dcf0b1a51721a84","sha512":"e8057b4d65cd12a3a0433c8c829439b29da8b9d0f104e2ddc72514be6cb4917a8f72e18b60b5f10c4fdc72afefd21bf9666c8e1a3edfc669fcfd4db212eddb95","ssdeep":"6144:KVCCgdFUuEKBpzH+ehV6Q6tffhdx+y6pfttisdjuxT8Qc76HTEtva7nMUFAz/FzQ:zEK7zeehV6Q6Nfhr+y6pfD+MUFAz/FzQ","tlshash":"45843cd63211206603eb50e9547a0247f32b1899a50a44bc77bc8cee6f6dd4c72beb7d","first_seen":"2026-02-11T09:30:36.525663Z","last_seen":"2026-05-18T14:02:28.102627Z","times_seen":48,"resource_available":true,"data":null}},"time_used":486,"timings":{"blocked":62,"dns":1,"connect":30,"send":0,"wait":191,"receive":156,"ssl":44},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/3654.68719923a6e705c3.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:47.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /3654.68719923a6e705c3.js HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:48 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 374923\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-5b88b\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":374923,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"ce924dc21c56a1ad3292f67fece39840","sha1":"1a805e2e29c9b07c51aff92f50613c1536423bdb","sha256":"277bfbb3c93ad65f04378c80652381aafabbf6d64a5055e60ec4f451c62a4563","sha512":"573e21db7726ed2e5c9fc353302478b217c46f89f4e0d0bc04f5aa9e64383479d2301b762cf6dce7e08f3b4b8ef01ea68bec22809899d9a306f3e7a2d26fefdb","ssdeep":"6144:NyA9lluWirEiM3z0zAQL48XdFoFkPAptBR2bmtOgXgTj4YDuEIJ9ade9Z+uYMkAq:j9lluWeEiM3z0zAQL48XdFoFkPAptBRk","tlshash":"6884ca22f3802017415e6243b023174297271aa66d85cdadbe7cade67e69c4d33feb74","first_seen":"2026-02-11T09:30:36.526635Z","last_seen":"2026-05-18T14:02:28.103185Z","times_seen":45,"resource_available":true,"data":null}},"time_used":519,"timings":{"blocked":174,"dns":0,"connect":0,"send":0,"wait":202,"receive":143,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-14T18:42:45.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:45 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: W/\"69a95dd9-2d62\"\r\nCache-Control: no-cache, no-store, must-revalidate\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11618,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (4298)","md5":"69737f2ee5ecfbca8d466a4facc28c62","sha1":"428a5da3149e4050495c5e476934a06fbc7e1687","sha256":"89f0fb6225543227743e48f78fa0db4c2ee4b500b30910b6e1d3742e857e1db6","sha512":"dec13c5b67514272df12af481f3b36577e39353c99fbc06d8e3cb0cc8507f19e78e2c6162b01e7d68ac53c1d1413650288aaf7c76a0daee6198b18f5341c6f93","ssdeep":"192:xdnHaqjJmXoZSvaTsS3wNE3rC8bZpiLi1I1PrPGIifmhqnYO:x0StbOrPJiXYO","tlshash":"1a328112056fc009621389e725cfb6223d5a9053919a9569befc8e99dfcfc7703b3368","first_seen":"2026-02-11T09:30:36.521618Z","last_seen":"2026-05-18T14:02:28.106216Z","times_seen":48,"resource_available":true,"data":null}},"time_used":564,"timings":{"blocked":206,"dns":53,"connect":30,"send":0,"wait":152,"receive":0,"ssl":121},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/favicon.ico","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:46.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:47 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 166666\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-28b0a\"\r\nCache-Control: no-cache, no-store, must-revalidate\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":166666,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 9 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel","md5":"44f3ad02622fe3b7ebd9b5dd96b9516d","sha1":"0a07cbb7cb8d22858eb9e5c0f4c32c4d218a186c","sha256":"a60ad19bba5f6f8e082bda3fbb831a4c31835b0ec884219b51d860e65a944e0f","sha512":"f59388b67c811cf19baa0762e761d91c12b23de91a76685bad29e896506127599f020b682bde8d4d909068145e7af5dfca3d9168eea641d344dac899cca32f5e","ssdeep":"768:NqcxFEVVU51GgdnP5+nHp9X9Tzu0GP5NwVm3g9:Nqe2U5br+nJF9TzxGhkmw9","tlshash":"10f38743b553db34fa05177ddbc094fa207a9ef44b6210df39483e8e15b6ee2c6286a4","first_seen":"2026-05-14T18:43:24.772394Z","last_seen":"2026-05-14T18:46:17.487122Z","times_seen":2,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":198,"receive":91,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/brs/api/getProject/b6f6b161-3b7a-48e1-9675-3877f1ce7c84","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:47.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /brs/api/getProject/b6f6b161-3b7a-48e1-9675-3877f1ce7c84 HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nCache-Control: no-cache\r\nAuthorization: Bearer undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:47 GMT\r\nContent-Type: application/json; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12606,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"a832b69a18a37c37d6e5e0a0e6d3b303","sha1":"dedc7010690d5667cffb3d0998ef1921f283f88d","sha256":"29277dde333b5e246a3316fe252d9a441e2ec7d46da5330c8c081c6299fc14fe","sha512":"524deec406cd58816f1733441ba2941bc35e756de3df4e40ae67b67d96ffe353e944ef4db2112bbe9f1d2a54f57ac131ebde61345b22e1ea4d9f87495baa232e","ssdeep":"192:jzEj8fA8WjT3g3rDFSeLZz5VFjo5f8/23xjSalNwvbxdFcpBI96svTOFK04NwBUX:jauATeL5Fj/M2oNXnI9x0Z4NpB","tlshash":"1142d60674442abfca537ea33ca76a25702aa4ddf0f49cc9a184cdc86d19dc45133aba","first_seen":"2026-05-14T18:43:24.774331Z","last_seen":"2026-05-14T18:46:17.492967Z","times_seen":2,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":161,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/2347.f29693ee0d302577.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:47.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /2347.f29693ee0d302577.js HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:47 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 65315\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-ff23\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65315,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65315), with no line terminators","md5":"ba2c13eac0e88b57bb39352cdf76f165","sha1":"e0adab179abb8a6ad59cc557a043e182361a10b9","sha256":"772eb109840fb67a06dcfe14c5661bc3d46556cdd0f4206ab9555fbea3739878","sha512":"fa9ecf9a88e03dea10e6433a65e6fd262c82d36df03575f98cbf9cb06e46d8076898dbb710fb7782c50f29552ba417ea253f207d1d6005daa0652ca4a78e473d","ssdeep":"1536:FDyrK2JFXbMLJYHF1kuMll529CAKEjcmpV5rmO0z8QDP:MVFXMIF85O8BXz8k","tlshash":"b453ea49325371214eed4c9ddcf5098ab2254f38a50101edb27e9eed3aedd09b23673a","first_seen":"2025-11-12T03:41:30.814006Z","last_seen":"2026-05-18T14:02:28.10816Z","times_seen":49,"resource_available":true,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/assets/images/loader.svg","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:45.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /assets/images/loader.svg HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:46 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 76823\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:30 GMT\r\nETag: \"69a95dda-12c17\"\r\nCache-Control: public, max-age=86400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76823,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9ee6f2aedb04bbf5897c87dda1d3376b","sha1":"481e817c8bd9ee62c7c32ad66ae872685a087a38","sha256":"932323112c20fb8ab05cbf2bbfd47e626d0d1d84cb8c17089d2379b4735b32b9","sha512":"0156d42fa216ac46205d7f5fcc07b7214f6bc1ff5db0a724a0852d8fc5346e29c5efb01d70e2dd743dcc85bf0b418d59965b679b924b26d99d97a3a57d03a235","ssdeep":"384:PqAO2u/7NU4YNBAXWKAjYBsBQ6LVU37a6aWr83UEAov5gzqLzNP73zQjGr85aNh5:YuS+R4v/Y4RDLV3RxFvUEOdVpRWV8","tlshash":"af731ae54b7b0c5598cfe0d07fe63b540913be5a8909d0ab9bb91c26f110b52983edce","first_seen":"2025-10-10T21:54:22.811266Z","last_seen":"2026-05-18T14:02:28.106707Z","times_seen":71,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/settings/config.json","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:46.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /settings/config.json HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nCache-Control: no-cache\r\nAuthorization: Bearer undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:46 GMT\r\nContent-Type: application/json\r\nContent-Length: 258\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:31 GMT\r\nETag: \"69a95ddb-102\"\r\nCache-Control: no-cache, no-store, must-revalidate\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":258,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"8e193c507deccaedd73842f3ffbcb673","sha1":"665a4080a5d45e6c404e7ae086028d7f44609473","sha256":"99fff54b61075a3e48e1565b126c3cad5b2b8c9b2f953eebf196b263431c3500","sha512":"dcaf165df8fe7c2ca9d0e52ac90f38ae37d3d6f1571dadd3499fd685fbb33c61e70026a6f0dd12940305e83965c40e8f18daa00adab6be60a3603f950f859df3","ssdeep":"","tlshash":"e1d05e90f83845b761d562f5002ad101a5367c6b0188b62cb393a21d971f66a2cb25e8","first_seen":"2026-05-14T18:43:24.760406Z","last_seen":"2026-05-14T18:46:17.50761Z","times_seen":2,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrader.rilvo.tech/2381.6bdb8222c04f4f70.js","fqdn":"webtrader.rilvo.tech","domain":"rilvo.tech","tld":"tech"},"ip":{"addr":"193.149.185.33","port":443,"asn":399629,"as":"BLNWX","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webtrader.rilvo.tech/","date":"2026-05-14T18:42:47.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rilvo.tech","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Wed, 20 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"E9:B7:23:07:11:B4:01:A7:0F:50:11:C0:B8:A3:EB:94:EA:9D:FD:45","sha256":"85:13:FC:40:9E:8A:A2:1F:22:F7:0B:2B:D5:7A:88:B4:3F:C0:28:76:FC:4C:84:C5:6D:0B:25:CE:5D:CE:93:35"}}},"request":{"raw":"GET /2381.6bdb8222c04f4f70.js HTTP/1.1\r\nHost: webtrader.rilvo.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webtrader.rilvo.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Thu, 14 May 2026 18:42:47 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 24055\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 10:41:29 GMT\r\nETag: \"69a95dd9-5df7\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24055,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (24055), with no line terminators","md5":"5ef377f3cbd81741952dc19c0d9f67bb","sha1":"ddd543ba8e9e50e0053dbb133523b313f054da3c","sha256":"ee506791ee0287f785769370c45ed79c90f94d3a670523d7645a0b877006b1b8","sha512":"e36567da16a2e348da680b86e3cb7f05569a2404c54508ef34bae9c166f4e73eb53d5533bfde0772bf3175e6ff044f0d1d615f5b81c88170b22e74b20cfb85b9","ssdeep":"384:ucymEE+RDYWZtY7QUNktDgWMHvTZ8wQ36wI+iuFkhfTQmSreXQ1ZyDghfD9OL3wn:uc6E+RDYWDtD9Mrm6wI+iuFkhfTQmSai","tlshash":"c5b2c6587341747243ca905b907b4607b3394044b187b038f56dccef2ebadeea2a7a79","first_seen":"2025-10-10T21:54:22.816981Z","last_seen":"2026-05-18T14:02:28.105696Z","times_seen":71,"resource_available":true,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"webtrader.rilvo.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}