{"report_id":"d6515864-16e1-4fc0-8c9f-444401f06986","version":6,"status":"done","tags":[],"date":"2026-02-28T16:17:30Z","url":{"schema":"https","addr":"rthrthrthdad.info/","fqdn":"rthrthrthdad.info","domain":"rthrthrthdad.info","tld":"info"},"ip":{"addr":"186.2.175.27","port":0,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"final":{"url":{"schema":"https","addr":"rthrthrthdad.info/","fqdn":"rthrthrthdad.info","domain":"rthrthrthdad.info","tld":"info"},"title":"Bravo Main","dom":{"size":42306,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (40053)","md5":"4e348f661c7ce77cc6d08a3e18d51b29","sha1":"64eb18774cbd00fe34539f73cf7f1f9ab513d838","sha256":"a1cf9f8b90b720907dddd49b0312256d459856fdd2a8d27c1a567c55bc240eaf","sha512":"9a14f542315c00e31844ca790735bf78c000d8f04884d132640eb197f836d77e849e0b36e97ca5fdf6e5a9e1ee54ba910dbae773450be8fdd6dd9ee699428aef","ssdeep":"384:Mj2FNLKViaOptEj/OSDxzu3zzDO9vzue6yvk6cFzXM9M1MmMfMckUSvvLdveg+vU:/j0xczOvSs2XM9M1MmMfMcZglyu","tlshash":"4f1374993310666db0278bc5e2313a7620a7f3cbc74fd6c8586c2165afc39b97c725a4","dom_hash":"domhashac0e8160b4e07f175ffc33a1d5969b08","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"rthrthrthdad.info/","fqdn":"rthrthrthdad.info","domain":"rthrthrthdad.info","tld":"info"},"ip":{"addr":"186.2.175.27","port":0,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-04T16:17:30Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"rthrthrthdad.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"telegram.org","ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"domain_registered":"2003-12-15","domain_rank":499,"first_seen":"2013-12-18T13:14:30Z","last_seen":"2026-02-25T12:43:06.823364Z","alert_count":0,"request_count":1,"received_data":114323,"sent_data":425,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"rthrthrthdad.info","ip":{"addr":"186.2.175.27","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-28T16:17:31.333167Z","last_seen":"2026-02-28T16:17:31.333167Z","alert_count":13,"request_count":13,"received_data":3695906,"sent_data":7443,"comment":"","tags":null,"fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"rthrthrthdad.info/assets/index-BMNde1Ag.js","fqdn":"rthrthrthdad.info","domain":"rthrthrthdad.info","tld":"info"},"ip":{"addr":"186.2.175.27","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":false,"md5":"90a7e51b9f5478d7fa2ad10ed344cfa9","sha1":"01086da47737a9e3dfc5790fdb6043be5fb9e665","sha256":"bbcce9d6bbdce6ba35dc3022500f0d084bcd49c55cfeed13adcf3b340b2761b2","sha512":"7d83e31a4e9b72975db633e17adae6fbd7aa2fa284cff31ff44a9008a5a55fd5f0bc91499714e2ed0fdb7144310b633bf48a8299783c9ca02f73fd7eecb879fb","ssdeep":"6144:LJBzpZ/rfoxZelIhIZKYvRRvDg8zmC8JIHmELcQ+Y1S:NBzpZkmlqIZKYvRRvDg8zmJIH3+2S","tlshash":"7d944c98325670ad93f339f4586a1401b13d1fb9f50ec4d4b1fc6caa3aa3c5486a7f68","size":415712,"data":"","first_seen":"2026-02-28T16:17:40.604393Z","last_seen":"2026-02-28T19:43:22.153291Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/js/telegram-web-app.js","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"70dbd7ade763706614c7ee99973dcc9c","sha1":"0b980ef4fe3e17d253fc2cdb672f1208736b733f","sha256":"b47f6cb105860d35b4ae512c22696a33157a365f4c885a33488f22ea8a3b6a03","sha512":"03c1f60831856975b61bea126ead239f116235fb0422178425d6b8c86553a3548d487c919f0f3f81e14de201680f63b7be24106589faffd8f3c56b28c2d19b45","ssdeep":"1536:pO5TpRdo54F0WN2Zbjcn9cF9KTfVjLo03ueLE+wFFz1NIVIB/MGYV76/xHK8ITrm:s5TpRdccKFU76x1H","tlshash":"6eb32e4d6cb3612285b3b1bf8b5f924172759883301def20794d9b646f80e7c53eaad8","size":113990,"data":"","first_seen":"2025-07-29T21:33:08.487755Z","last_seen":"2026-05-12T02:27:32.127067Z","times_seen":3808,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"rthrthrthdad.info/assets/smart-BLBCdqDn.png","fqdn":"rthrthrthdad.info","domain":"rthrthrthdad.info","tld":"info"},"ip":{"addr":"186.2.175.27","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rthrthrthdad.info/","date":"2026-02-28T16:17:09.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rthrthrthdad.info","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Feb 2026 08:39:19 GMT","end":"Tue, 26 May 2026 08:39:18 GMT"},"fingerprint":{"sha1":"C1:EB:46:BC:0B:5F:7E:EA:82:6C:5F:FF:92:9C:11:B1:D1:E5:D1:05","sha256":"CC:C9:80:69:95:1C:46:B6:18:E2:03:D0:DD:ED:D5:41:AB:A2:89:B2:0B:7F:99:AA:54:EB:B7:60:7D:8F:38:82"}}},"request":{"raw":"GET /assets/smart-BLBCdqDn.png HTTP/1.1\r\nHost: rthrthrthdad.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rthrthrthdad.info/\r\nCookie: __ddg8_=VAYull80cZqQ2fdB; __ddg10_=1772295429; __ddg9_=91.90.42.154; __ddg1_=U2znE0xupr5HTPWijePB\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=AY91LpSOngLwe8Wp; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg10_=1772295429; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg9_=91.90.42.154; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\r\ndate: Sat, 28 Feb 2026 09:13:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 186994\r\nlast-modified: Sun, 22 Feb 2026 09:13:58 GMT\r\naccept-ranges: bytes\r\nddg-cache-status: HIT,HIT\r\netag: \"699ac8d6-2da72\"\r\nage: 25398\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":186994,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced","md5":"6d2886b16a50495f04cd42f08ba121ff","sha1":"5529bd5ed95cda115a033ca2edeaf5782759f0a2","sha256":"c9caff34bbc25feb7eeb7cd355962a90a567178493da49cc5ed5e904ed61b92f","sha512":"80b0aa56b577f6b7c71ea6b7d4fe5ce8f7f7f5c7e628d44b1d2cc7fff595a8e4bc61266c7ecc4b52fd279b26f5f614b8f113ceb277d8a8fcb3cf3ae162ab7a22","ssdeep":"3072:/VvPVFJXfswj855IdfbFPHbw0dg5+YDb0/3HyTOhDpnHzI5E59lC54YHH:/VvPVfXfPjb/Hbw0dg5j0/HyyxpTI5EU","tlshash":"a20423c8c4a7dbe1dfd08ef77b279361c2414314be4a58c89598019af35705aca7ebb2","first_seen":"2026-02-12T23:46:26.884407Z","last_seen":"2026-02-28T19:43:22.150861Z","times_seen":4,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"rthrthrthdad.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rthrthrthdad.info/assets/Poppins-Regular-BaFCsOL4.woff2","fqdn":"rthrthrthdad.info","domain":"rthrthrthdad.info","tld":"info"},"ip":{"addr":"186.2.175.27","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rthrthrthdad.info/","date":"2026-02-28T16:17:09.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rthrthrthdad.info","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Feb 2026 08:39:19 GMT","end":"Tue, 26 May 2026 08:39:18 GMT"},"fingerprint":{"sha1":"C1:EB:46:BC:0B:5F:7E:EA:82:6C:5F:FF:92:9C:11:B1:D1:E5:D1:05","sha256":"CC:C9:80:69:95:1C:46:B6:18:E2:03:D0:DD:ED:D5:41:AB:A2:89:B2:0B:7F:99:AA:54:EB:B7:60:7D:8F:38:82"}}},"request":{"raw":"GET /assets/Poppins-Regular-BaFCsOL4.woff2 HTTP/1.1\r\nHost: rthrthrthdad.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rthrthrthdad.info/assets/index-D0HcX8zl.css\r\nCookie: __ddg8_=AY91LpSOngLwe8Wp; __ddg10_=1772295429; __ddg9_=91.90.42.154; __ddg1_=U2znE0xupr5HTPWijePB\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=24AV8x2WiZnWXNWg; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg10_=1772295429; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg9_=91.90.42.154; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\r\ndate: Sat, 28 Feb 2026 07:38:26 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 52516\r\nlast-modified: Sun, 22 Feb 2026 09:13:57 GMT\r\naccept-ranges: bytes\r\nddg-cache-status: HIT,HIT\r\nvary: Accept-Encoding\r\netag: \"699ac8d5-cd24\"\r\nage: 31123\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":52516,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 52516, version 1.0","md5":"c33d1fdbaa2ff4ad0adaa6325da68f83","sha1":"7aff983dc522cb1ce2121ebd8b2ae513497d70ce","sha256":"8b6930f117f51d540e81459204323d8111b3ee02e9c0e3dac595d9d6b6780547","sha512":"1904839c4ee886d0bf98303d759e35d838ddd1d95d8a25192d35a5b96eb8459aa110b1cae4eb29d21094178c02861f7e7522d9070ed52f543825dc70e1b98dc3","ssdeep":"1536:Bm9503ZDm1GjMxsp9KQg1K5ZivqrXnhiLbq1V:BmM3lm1uHKQg184vqrxUm1V","tlshash":"8e33025392ab2010d288b7ff01f1b9c7cb09bd4aa86ec5ae918961594e32d131f0bd6d","first_seen":"2024-09-19T22:29:04.86802Z","last_seen":"2026-06-08T19:06:55.46548Z","times_seen":869,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"rthrthrthdad.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rthrthrthdad.info/assets/Poppins-ExtraBold-DQUrO0Zp.woff2","fqdn":"rthrthrthdad.info","domain":"rthrthrthdad.info","tld":"info"},"ip":{"addr":"186.2.175.27","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rthrthrthdad.info/","date":"2026-02-28T16:17:09.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rthrthrthdad.info","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Feb 2026 08:39:19 GMT","end":"Tue, 26 May 2026 08:39:18 GMT"},"fingerprint":{"sha1":"C1:EB:46:BC:0B:5F:7E:EA:82:6C:5F:FF:92:9C:11:B1:D1:E5:D1:05","sha256":"CC:C9:80:69:95:1C:46:B6:18:E2:03:D0:DD:ED:D5:41:AB:A2:89:B2:0B:7F:99:AA:54:EB:B7:60:7D:8F:38:82"}}},"request":{"raw":"GET /assets/Poppins-ExtraBold-DQUrO0Zp.woff2 HTTP/1.1\r\nHost: rthrthrthdad.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rthrthrthdad.info/assets/index-D0HcX8zl.css\r\nCookie: __ddg8_=23ozaDD4qlZUhjfF; __ddg10_=1772295429; __ddg9_=91.90.42.154; __ddg1_=U2znE0xupr5HTPWijePB\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=tC8VbbNclr0xWpCo; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg10_=1772295429; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg9_=91.90.42.154; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\r\ndate: Sat, 28 Feb 2026 16:17:09 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 51852\r\nlast-modified: Sun, 22 Feb 2026 09:13:57 GMT\r\netag: \"699ac8d5-ca8c\"\r\naccept-ranges: bytes\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":51852,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 51852, version 1.0","md5":"074a29ef3487239ba8de6fee8e166446","sha1":"908d12639ffd702683b487d953f0ac76993e6810","sha256":"080c3ac8109e8ce6cfc83cc38acc485bf45341fdfe5b9516d0253fca5a7c0739","sha512":"92742cd48da058fc75b244a17545f93324f1e28dadb22577f01c6b9f0038fff661652cbd239f4b9673de4e8b5f22c7240e5378d9b1c8de801344bf9de6c1b5cb","ssdeep":"1536:OqfP/1mgYED8D+6T+/cTxhElWT0qVJhsZcwz:OYzDDh6CUTbElfEJhsuwz","tlshash":"1433f12b6dec801b7e85e1be3f01a880a177091b3fd3447d2e18d65d5a3aef655c4a90","first_seen":"2024-09-19T22:29:04.835122Z","last_seen":"2026-06-08T03:52:39.342876Z","times_seen":459,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":78,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"rthrthrthdad.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rthrthrthdad.info/favicon.ico","fqdn":"rthrthrthdad.info","domain":"rthrthrthdad.info","tld":"info"},"ip":{"addr":"186.2.175.27","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rthrthrthdad.info/","date":"2026-02-28T16:17:10.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rthrthrthdad.info","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Feb 2026 08:39:19 GMT","end":"Tue, 26 May 2026 08:39:18 GMT"},"fingerprint":{"sha1":"C1:EB:46:BC:0B:5F:7E:EA:82:6C:5F:FF:92:9C:11:B1:D1:E5:D1:05","sha256":"CC:C9:80:69:95:1C:46:B6:18:E2:03:D0:DD:ED:D5:41:AB:A2:89:B2:0B:7F:99:AA:54:EB:B7:60:7D:8F:38:82"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: rthrthrthdad.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rthrthrthdad.info/\r\nCookie: __ddg8_=tC8VbbNclr0xWpCo; __ddg10_=1772295429; __ddg9_=91.90.42.154; __ddg1_=U2znE0xupr5HTPWijePB\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=KDJVMDYEfZc3Pwwa; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:10 GMT\n__ddg10_=1772295430; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:10 GMT\n__ddg9_=91.90.42.154; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:10 GMT\r\ndate: Sat, 28 Feb 2026 11:58:43 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 22 Feb 2026 09:13:51 GMT\r\naccept-ranges: bytes\r\nddg-cache-status: HIT,HIT\r\netag: W/\"699ac8cf-1fb\"\r\nage: 15507\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":507,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"665d1062665aa3d004a3d5cc3571a6dc","sha1":"783f15566dee8ebe5f7bd3dd460b409ab6d00cb3","sha256":"a2b6b47251c215cdb5b3b6985a58896d53fcebdc5cd29994fedb3d2a87c16ad4","sha512":"e90acfc86f458a55182f8c80cf4f4912634441afd0fd86f226b6b6644ff62357efadba7950de5e5775f198d71ea87a4b0043910fd78cb0177646c19743922f91","ssdeep":"","tlshash":"56f0054a5d0084264330835d1cc1f8489087fb05b689894094e6e07ddc95b8d8ddb87c","first_seen":"2026-02-28T16:17:40.601606Z","last_seen":"2026-02-28T19:43:22.152624Z","times_seen":2,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"rthrthrthdad.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rthrthrthdad.info/","fqdn":"rthrthrthdad.info","domain":"rthrthrthdad.info","tld":"info"},"ip":{"addr":"186.2.175.27","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-28T16:17:08.727Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rthrthrthdad.info","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Feb 2026 08:39:19 GMT","end":"Tue, 26 May 2026 08:39:18 GMT"},"fingerprint":{"sha1":"C1:EB:46:BC:0B:5F:7E:EA:82:6C:5F:FF:92:9C:11:B1:D1:E5:D1:05","sha256":"CC:C9:80:69:95:1C:46:B6:18:E2:03:D0:DD:ED:D5:41:AB:A2:89:B2:0B:7F:99:AA:54:EB:B7:60:7D:8F:38:82"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rthrthrthdad.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=5PaItspnqCfRCe0e; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:08 GMT\n__ddg10_=1772295428; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:08 GMT\n__ddg9_=91.90.42.154; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:08 GMT\n__ddg1_=U2znE0xupr5HTPWijePB; Domain=.rthrthrthdad.info; HttpOnly; Path=/; Expires=Sun, 28-Feb-2027 16:17:08 GMT\r\ndate: Sat, 28 Feb 2026 16:17:09 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 22 Feb 2026 09:13:51 GMT\r\netag: W/\"699ac8cf-1fb\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":507,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"665d1062665aa3d004a3d5cc3571a6dc","sha1":"783f15566dee8ebe5f7bd3dd460b409ab6d00cb3","sha256":"a2b6b47251c215cdb5b3b6985a58896d53fcebdc5cd29994fedb3d2a87c16ad4","sha512":"e90acfc86f458a55182f8c80cf4f4912634441afd0fd86f226b6b6644ff62357efadba7950de5e5775f198d71ea87a4b0043910fd78cb0177646c19743922f91","ssdeep":"","tlshash":"56f0054a5d0084264330835d1cc1f8489087fb05b689894094e6e07ddc95b8d8ddb87c","first_seen":"2026-02-28T16:17:40.601606Z","last_seen":"2026-02-28T19:43:22.152624Z","times_seen":2,"resource_available":false,"data":null}},"time_used":473,"timings":{"blocked":152,"dns":107,"connect":21,"send":0,"wait":164,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"rthrthrthdad.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rthrthrthdad.info/assets/index-BMNde1Ag.js","fqdn":"rthrthrthdad.info","domain":"rthrthrthdad.info","tld":"info"},"ip":{"addr":"186.2.175.27","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rthrthrthdad.info/","date":"2026-02-28T16:17:09.276Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rthrthrthdad.info","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Feb 2026 08:39:19 GMT","end":"Tue, 26 May 2026 08:39:18 GMT"},"fingerprint":{"sha1":"C1:EB:46:BC:0B:5F:7E:EA:82:6C:5F:FF:92:9C:11:B1:D1:E5:D1:05","sha256":"CC:C9:80:69:95:1C:46:B6:18:E2:03:D0:DD:ED:D5:41:AB:A2:89:B2:0B:7F:99:AA:54:EB:B7:60:7D:8F:38:82"}}},"request":{"raw":"GET /assets/index-BMNde1Ag.js HTTP/1.1\r\nHost: rthrthrthdad.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rthrthrthdad.info/\r\nCookie: __ddg8_=5PaItspnqCfRCe0e; __ddg10_=1772295428; __ddg9_=91.90.42.154; __ddg1_=U2znE0xupr5HTPWijePB\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=MCWkMgvgfapFbV1x; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg10_=1772295429; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg9_=91.90.42.154; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\r\ndate: Sat, 28 Feb 2026 16:17:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 22 Feb 2026 09:13:57 GMT\r\netag: W/\"699ac8d5-657e0\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":415712,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"90a7e51b9f5478d7fa2ad10ed344cfa9","sha1":"01086da47737a9e3dfc5790fdb6043be5fb9e665","sha256":"bbcce9d6bbdce6ba35dc3022500f0d084bcd49c55cfeed13adcf3b340b2761b2","sha512":"7d83e31a4e9b72975db633e17adae6fbd7aa2fa284cff31ff44a9008a5a55fd5f0bc91499714e2ed0fdb7144310b633bf48a8299783c9ca02f73fd7eecb879fb","ssdeep":"6144:LJBzpZ/rfoxZelIhIZKYvRRvDg8zmC8JIHmELcQ+Y1S:NBzpZkmlqIZKYvRRvDg8zmJIH3+2S","tlshash":"7d944c98325670ad93f339f4586a1401b13d1fb9f50ec4d4b1fc6caa3aa3c5486a7f68","first_seen":"2026-02-28T16:17:40.604393Z","last_seen":"2026-02-28T19:43:22.153291Z","times_seen":2,"resource_available":true,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"rthrthrthdad.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/js/telegram-web-app.js","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rthrthrthdad.info/","date":"2026-02-28T16:17:09.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Mon, 11 Aug 2025 13:36:48 GMT","end":"Sat, 12 Sep 2026 13:36:48 GMT"},"fingerprint":{"sha1":"85:08:98:2F:A3:60:90:21:E8:78:21:C8:A4:96:E1:A2:E6:9D:2C:64","sha256":"49:35:FF:BC:17:D1:E9:B3:15:37:E4:67:C2:3A:A0:69:6C:37:DC:52:3F:7C:02:D6:30:C4:6E:45:7C:CA:F0:D2"}}},"request":{"raw":"GET /js/telegram-web-app.js HTTP/1.1\r\nHost: telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rthrthrthdad.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 28 Feb 2026 16:17:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 29 Jul 2025 14:26:51 GMT\r\netag: W/\"6888da2b-1bd46\"\r\nexpires: Wed, 04 Mar 2026 16:17:09 GMT\r\ncache-control: max-age=345600\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":113990,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (768)","md5":"70dbd7ade763706614c7ee99973dcc9c","sha1":"0b980ef4fe3e17d253fc2cdb672f1208736b733f","sha256":"b47f6cb105860d35b4ae512c22696a33157a365f4c885a33488f22ea8a3b6a03","sha512":"03c1f60831856975b61bea126ead239f116235fb0422178425d6b8c86553a3548d487c919f0f3f81e14de201680f63b7be24106589faffd8f3c56b28c2d19b45","ssdeep":"1536:pO5TpRdo54F0WN2Zbjcn9cF9KTfVjLo03ueLE+wFFz1NIVIB/MGYV76/xHK8ITrm:s5TpRdccKFU76x1H","tlshash":"6eb32e4d6cb3612285b3b1bf8b5f924172759883301def20794d9b646f80e7c53eaad8","first_seen":"2025-07-29T21:33:08.487755Z","last_seen":"2026-05-12T02:27:32.127067Z","times_seen":3808,"resource_available":true,"data":null}},"time_used":410,"timings":{"blocked":190,"dns":30,"connect":23,"send":0,"wait":25,"receive":0,"ssl":137},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rthrthrthdad.info/assets/01-8miA9wtC.gif","fqdn":"rthrthrthdad.info","domain":"rthrthrthdad.info","tld":"info"},"ip":{"addr":"186.2.175.27","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rthrthrthdad.info/","date":"2026-02-28T16:17:09.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rthrthrthdad.info","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Feb 2026 08:39:19 GMT","end":"Tue, 26 May 2026 08:39:18 GMT"},"fingerprint":{"sha1":"C1:EB:46:BC:0B:5F:7E:EA:82:6C:5F:FF:92:9C:11:B1:D1:E5:D1:05","sha256":"CC:C9:80:69:95:1C:46:B6:18:E2:03:D0:DD:ED:D5:41:AB:A2:89:B2:0B:7F:99:AA:54:EB:B7:60:7D:8F:38:82"}}},"request":{"raw":"GET /assets/01-8miA9wtC.gif HTTP/1.1\r\nHost: rthrthrthdad.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rthrthrthdad.info/\r\nCookie: __ddg8_=DRTNkoisKdsKbZ8M; __ddg10_=1772295429; __ddg9_=91.90.42.154; __ddg1_=U2znE0xupr5HTPWijePB\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=VAYull80cZqQ2fdB; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg10_=1772295429; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg9_=91.90.42.154; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\r\ndate: Sat, 28 Feb 2026 04:35:14 GMT\r\ncontent-type: image/gif\r\ncontent-length: 2201559\r\nlast-modified: Sun, 22 Feb 2026 09:13:53 GMT\r\netag: \"699ac8d1-2197d7\"\r\naccept-ranges: bytes\r\nage: 42115\r\nddg-cache-status: MISS,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":2201559,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1280 x 1280","md5":"6954a4272e3de0ff7cd67ecaff7e0d77","sha1":"b9367f9324b4f03658bd2cb1eb591850867fff18","sha256":"369e2002cd255af642df28b3e473d45ac3a4fb26933596125640fb28ae4b78c5","sha512":"1faf3ce2b2622591c61b77a0d0587f9323cb7de5b3e129941d6104119beb87d39a2fef659df70f66931d01990d39b0804bfa18f656c6d6e4dcf03a85bcc32436","ssdeep":"24576:4vNQ4LStAirAq4XnckHU8uMGppMPgZZtpYGe:MNQ4wAirAq4lGnMIP3i","tlshash":"272533470c2dc8f2d2a90df80cb652592cef7de56c18d8327398afae1d664ec7860d64","first_seen":"2026-02-12T23:46:26.86073Z","last_seen":"2026-02-28T19:43:22.154822Z","times_seen":4,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":201,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"rthrthrthdad.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rthrthrthdad.info/assets/gho-Qzd5JJ6y.png","fqdn":"rthrthrthdad.info","domain":"rthrthrthdad.info","tld":"info"},"ip":{"addr":"186.2.175.27","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rthrthrthdad.info/","date":"2026-02-28T16:17:09.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rthrthrthdad.info","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Feb 2026 08:39:19 GMT","end":"Tue, 26 May 2026 08:39:18 GMT"},"fingerprint":{"sha1":"C1:EB:46:BC:0B:5F:7E:EA:82:6C:5F:FF:92:9C:11:B1:D1:E5:D1:05","sha256":"CC:C9:80:69:95:1C:46:B6:18:E2:03:D0:DD:ED:D5:41:AB:A2:89:B2:0B:7F:99:AA:54:EB:B7:60:7D:8F:38:82"}}},"request":{"raw":"GET /assets/gho-Qzd5JJ6y.png HTTP/1.1\r\nHost: rthrthrthdad.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rthrthrthdad.info/\r\nCookie: __ddg8_=DRTNkoisKdsKbZ8M; __ddg10_=1772295429; __ddg9_=91.90.42.154; __ddg1_=U2znE0xupr5HTPWijePB\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=3U9v5fclXKByd2NY; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg10_=1772295429; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg9_=91.90.42.154; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\r\ndate: Sat, 28 Feb 2026 04:09:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 315512\r\nlast-modified: Sun, 22 Feb 2026 09:13:56 GMT\r\naccept-ranges: bytes\r\nddg-cache-status: HIT,HIT\r\netag: \"699ac8d4-4d078\"\r\nage: 43631\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":315512,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced","md5":"b7ac361ab463dd69fec5ea640e15ec9e","sha1":"7cae10f4c42c98b80e64b2d77768ffe23182842a","sha256":"f0ac4d596a7d969cd26c256da7135671028c08695fdafc443ff840b847273500","sha512":"c8105b2445d94d4f1d7f4c7eaedfde289c4eae473b4150ff156be713edef3d9fe3f2683261bece48da24f07a3647f24aa54573a20ead8660abb6af7fd7541b17","ssdeep":"6144:382NX1U/bpSVvlHJBifBs4yJoJpWfBmfGMDCkvw//yIau2YP3:382ugLJAUJoNbDCopIaVo","tlshash":"7e6423afff4d819087a8ac79089a1e1099097537fa3a321db457d174af6e0b726d13b0","first_seen":"2026-02-12T23:46:26.881852Z","last_seen":"2026-02-28T19:43:22.155731Z","times_seen":4,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"rthrthrthdad.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rthrthrthdad.info/assets/power-IMHfvxoW.png","fqdn":"rthrthrthdad.info","domain":"rthrthrthdad.info","tld":"info"},"ip":{"addr":"186.2.175.27","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rthrthrthdad.info/","date":"2026-02-28T16:17:09.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rthrthrthdad.info","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Feb 2026 08:39:19 GMT","end":"Tue, 26 May 2026 08:39:18 GMT"},"fingerprint":{"sha1":"C1:EB:46:BC:0B:5F:7E:EA:82:6C:5F:FF:92:9C:11:B1:D1:E5:D1:05","sha256":"CC:C9:80:69:95:1C:46:B6:18:E2:03:D0:DD:ED:D5:41:AB:A2:89:B2:0B:7F:99:AA:54:EB:B7:60:7D:8F:38:82"}}},"request":{"raw":"GET /assets/power-IMHfvxoW.png HTTP/1.1\r\nHost: rthrthrthdad.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rthrthrthdad.info/\r\nCookie: __ddg8_=DRTNkoisKdsKbZ8M; __ddg10_=1772295429; __ddg9_=91.90.42.154; __ddg1_=U2znE0xupr5HTPWijePB\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=23ozaDD4qlZUhjfF; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg10_=1772295429; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg9_=91.90.42.154; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\r\ndate: Sat, 28 Feb 2026 09:13:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 281257\r\nlast-modified: Sun, 22 Feb 2026 09:13:57 GMT\r\naccept-ranges: bytes\r\nddg-cache-status: HIT,HIT\r\netag: \"699ac8d5-44aa9\"\r\nage: 25398\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":281257,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced","md5":"f3680db40fc418883df04ef7ab45b8ad","sha1":"ade933f62caf37985cd83fa594c3788e9fa396ee","sha256":"e766b3889c72377688ad2ffec9837089e71a2789d85f0b759a333b257fa1fc4d","sha512":"27ffdcee201ac203fef0c439d704e354431db15ddd3d32022805857b6844fc1ba58da2e193fd19acb46292b8203601e955548be7a08b6ccb982e9f0e195fa87b","ssdeep":"6144:fr7WXEBYu7QYQDfitL7pWfOgm+oGjtyNlly2r88nM2Q0UYsJ1FWpfia:fwECu8ZK7pdgma2C2q2EYi1cpKa","tlshash":"635423a661c887f0e57a904cfbd4b0402684fe61c3b276ca83ac7eb5890e44df556bf5","first_seen":"2026-02-12T23:46:26.883386Z","last_seen":"2026-02-28T19:43:22.15026Z","times_seen":4,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"rthrthrthdad.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rthrthrthdad.info/assets/Poppins-SemiBold-CNA5QnUt.woff2","fqdn":"rthrthrthdad.info","domain":"rthrthrthdad.info","tld":"info"},"ip":{"addr":"186.2.175.27","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rthrthrthdad.info/","date":"2026-02-28T16:17:09.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rthrthrthdad.info","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Feb 2026 08:39:19 GMT","end":"Tue, 26 May 2026 08:39:18 GMT"},"fingerprint":{"sha1":"C1:EB:46:BC:0B:5F:7E:EA:82:6C:5F:FF:92:9C:11:B1:D1:E5:D1:05","sha256":"CC:C9:80:69:95:1C:46:B6:18:E2:03:D0:DD:ED:D5:41:AB:A2:89:B2:0B:7F:99:AA:54:EB:B7:60:7D:8F:38:82"}}},"request":{"raw":"GET /assets/Poppins-SemiBold-CNA5QnUt.woff2 HTTP/1.1\r\nHost: rthrthrthdad.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rthrthrthdad.info/assets/index-D0HcX8zl.css\r\nCookie: __ddg8_=AY91LpSOngLwe8Wp; __ddg10_=1772295429; __ddg9_=91.90.42.154; __ddg1_=U2znE0xupr5HTPWijePB\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=FJaBBclO276Bg1rl; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg10_=1772295429; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg9_=91.90.42.154; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\r\ndate: Sat, 28 Feb 2026 16:17:09 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 52384\r\nlast-modified: Sun, 22 Feb 2026 09:13:57 GMT\r\netag: \"699ac8d5-cca0\"\r\naccept-ranges: bytes\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":52384,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 52384, version 1.0","md5":"b2079efb1aade1ae13de98a0dfed26f9","sha1":"51356c5a162501b4dc46a1d7f750c7139eaf9be8","sha256":"eba54248f2258cc394d5695bbde0e1717a9a9b10c99ebd89f75064a7662de6c5","sha512":"a6e9255e7fc312f0d3c963506e91e4a4f08103f740ba7de98ba7383e393583997bc613573cc4b7fc2782ad2aee20117dde0d2f045692d8b8dd48762d25d01ebd","ssdeep":"1536:Tr3DTEqMA2yBGzhBDbjeuV5X2rGwQCBOJR:TDXErA2lpXeSl2rGgBGR","tlshash":"123302ddcdb95d26d6d6891e607d1dfaf1f6b23491462ac40fed210e7ab278403f0125","first_seen":"2024-08-28T17:06:51Z","last_seen":"2026-06-08T18:11:58.542022Z","times_seen":650,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"rthrthrthdad.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rthrthrthdad.info/assets/Poppins-Medium-DTH7hWNJ.woff2","fqdn":"rthrthrthdad.info","domain":"rthrthrthdad.info","tld":"info"},"ip":{"addr":"186.2.175.27","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rthrthrthdad.info/","date":"2026-02-28T16:17:09.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rthrthrthdad.info","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Feb 2026 08:39:19 GMT","end":"Tue, 26 May 2026 08:39:18 GMT"},"fingerprint":{"sha1":"C1:EB:46:BC:0B:5F:7E:EA:82:6C:5F:FF:92:9C:11:B1:D1:E5:D1:05","sha256":"CC:C9:80:69:95:1C:46:B6:18:E2:03:D0:DD:ED:D5:41:AB:A2:89:B2:0B:7F:99:AA:54:EB:B7:60:7D:8F:38:82"}}},"request":{"raw":"GET /assets/Poppins-Medium-DTH7hWNJ.woff2 HTTP/1.1\r\nHost: rthrthrthdad.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rthrthrthdad.info/assets/index-D0HcX8zl.css\r\nCookie: __ddg8_=AY91LpSOngLwe8Wp; __ddg10_=1772295429; __ddg9_=91.90.42.154; __ddg1_=U2znE0xupr5HTPWijePB\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=XtLm6qFK4JuZU02n; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg10_=1772295429; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg9_=91.90.42.154; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\r\ndate: Sat, 28 Feb 2026 16:17:09 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 51748\r\nlast-modified: Sun, 22 Feb 2026 09:13:57 GMT\r\netag: \"699ac8d5-ca24\"\r\naccept-ranges: bytes\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":51748,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 51748, version 1.0","md5":"f2d67670f9ebb5996106265b689de4ef","sha1":"27173fbaba5261a0aa1aa32266a831f33614aefd","sha256":"7b34a8e96e8da704b88bffb6bfd85a9fc162d97f06a9d131924c3331d7390d5c","sha512":"a8293b86e5a7fb001ba66512c0ff12e935f94f7ce0410a95a4c46afe0ff1da54fac0629e0503552526238b03bb1d3eadb7a45b07ca4116a34d715237dd5d8a21","ssdeep":"1536:dytYI5TgoZwpdejpkC4EZFXkxbfOPAkXb7z/XI:dytYXHPej2HED+OokXHz/4","tlshash":"b933f2bc04f78122dd9fb9a49905e7319ceed6d405bff989e28594ebc8702025e3a41d","first_seen":"2024-09-19T22:29:04.903272Z","last_seen":"2026-06-08T19:06:55.464334Z","times_seen":364,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"rthrthrthdad.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rthrthrthdad.info/assets/index-D0HcX8zl.css","fqdn":"rthrthrthdad.info","domain":"rthrthrthdad.info","tld":"info"},"ip":{"addr":"186.2.175.27","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rthrthrthdad.info/","date":"2026-02-28T16:17:09.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rthrthrthdad.info","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Feb 2026 08:39:19 GMT","end":"Tue, 26 May 2026 08:39:18 GMT"},"fingerprint":{"sha1":"C1:EB:46:BC:0B:5F:7E:EA:82:6C:5F:FF:92:9C:11:B1:D1:E5:D1:05","sha256":"CC:C9:80:69:95:1C:46:B6:18:E2:03:D0:DD:ED:D5:41:AB:A2:89:B2:0B:7F:99:AA:54:EB:B7:60:7D:8F:38:82"}}},"request":{"raw":"GET /assets/index-D0HcX8zl.css HTTP/1.1\r\nHost: rthrthrthdad.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rthrthrthdad.info/\r\nCookie: __ddg8_=5PaItspnqCfRCe0e; __ddg10_=1772295428; __ddg9_=91.90.42.154; __ddg1_=U2znE0xupr5HTPWijePB\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=r4OzZ0TytFo0a0Wo; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg10_=1772295429; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg9_=91.90.42.154; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\r\ndate: Sat, 28 Feb 2026 16:17:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 22 Feb 2026 09:13:56 GMT\r\netag: W/\"699ac8d4-c45a\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":50266,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (50265)","md5":"1f2c23a752e203ca5e9617f134bca6ad","sha1":"d1b678e80dc0f4cac81b49a2d0e98a8009d30c3c","sha256":"b1cffb7e37ec7b2d819db82fb777faf74b49114f2b872c5e69c5006de7907718","sha512":"619536e2323ec4911bd6331f5a7c7b14ca9d0a9f4da0f77744eb7334dc7412cb4f4579401f5e03b0bda4b39c01c316d825b00e68ca258c7f5f99969b8571f9ba","ssdeep":"768:pxi378vt1WO46iZNOnFkssNpnu0Hj0Xjxgj0/IhpuV:pM7zHgtgj0/ipuV","tlshash":"82336460b269d83bfc23b0f9a79cf81ca119f1cade6557dcba42210257c37f61827a15","first_seen":"2026-02-28T16:17:40.614283Z","last_seen":"2026-02-28T19:43:22.154179Z","times_seen":2,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"rthrthrthdad.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rthrthrthdad.info/assets/logo-bravo-CuGXsXOD.png","fqdn":"rthrthrthdad.info","domain":"rthrthrthdad.info","tld":"info"},"ip":{"addr":"186.2.175.27","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rthrthrthdad.info/","date":"2026-02-28T16:17:09.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rthrthrthdad.info","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Feb 2026 08:39:19 GMT","end":"Tue, 26 May 2026 08:39:18 GMT"},"fingerprint":{"sha1":"C1:EB:46:BC:0B:5F:7E:EA:82:6C:5F:FF:92:9C:11:B1:D1:E5:D1:05","sha256":"CC:C9:80:69:95:1C:46:B6:18:E2:03:D0:DD:ED:D5:41:AB:A2:89:B2:0B:7F:99:AA:54:EB:B7:60:7D:8F:38:82"}}},"request":{"raw":"GET /assets/logo-bravo-CuGXsXOD.png HTTP/1.1\r\nHost: rthrthrthdad.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rthrthrthdad.info/\r\nCookie: __ddg8_=MCWkMgvgfapFbV1x; __ddg10_=1772295429; __ddg9_=91.90.42.154; __ddg1_=U2znE0xupr5HTPWijePB\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=DRTNkoisKdsKbZ8M; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg10_=1772295429; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\n__ddg9_=91.90.42.154; Domain=.rthrthrthdad.info; Path=/; Expires=Sat, 28-Feb-2026 16:37:09 GMT\r\ndate: Sat, 28 Feb 2026 08:42:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 27476\r\nlast-modified: Sun, 22 Feb 2026 09:13:57 GMT\r\naccept-ranges: bytes\r\nddg-cache-status: HIT,MISS\r\netag: \"699ac8d5-6b54\"\r\nage: 27250\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":27476,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1712 x 584, 8-bit/color RGBA, non-interlaced","md5":"4584171e8a006e3c6f2d51b68fa32967","sha1":"b243995c1ea501238fb65ee80bb2989c6f4db8b8","sha256":"d43338dee3d36c2b01de5be5c5f01d994cd07ff3f210b737025fce5935e635b0","sha512":"08cb3f589d4aa0498a945b00ebd99ad3aae1017d2d84e290938a1b2ed8bcc235ea6b9b738715a4f4d578dd3b3dec63f17281f5b00a1724712a2bf0365342a3cc","ssdeep":"768:X4WChiKGGpPah/wjmNfMtbzYhHjOClg6Djyj++L:aiKLp6Niz6DOClgzxL","tlshash":"4ec2cf3ffc8b8480d91c9032186acc9c7eb993b982461bdb6b11ed75dfc11a9d8540e6","first_seen":"2026-02-12T23:46:26.859457Z","last_seen":"2026-02-28T19:43:22.149616Z","times_seen":4,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"rthrthrthdad.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}