{"report_id":"04125a70-b979-4a4c-8d48-f8f4599beee8","version":6,"status":"done","tags":[],"date":"2026-03-19T16:51:14Z","url":{"schema":"https","addr":"prvr-rewards.xyz/","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.43.76","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"prvr-rewards.xyz/","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"title":"PRVX | Distribution","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"prvr-rewards.xyz/","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.43.76","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-23T16:51:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"prvr-rewards.xyz","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":20,"request_count":20,"received_data":5224956,"sent_data":9572,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-15T22:19:58.945817Z","alert_count":0,"request_count":1,"received_data":10794,"sent_data":475,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-03-15T22:16:12.279722Z","alert_count":0,"request_count":3,"received_data":148101,"sent_data":1668,"comment":"","tags":null,"fingerprints":null},{"fqdn":"presale.alexbeckertoken.cc","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-09-02","domain_rank":0,"first_seen":"2024-10-20T20:21:41.614725Z","last_seen":"2026-03-12T20:03:09.136309Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":462,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"prvr-rewards.xyz/123/jquery-3.6.0.js","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8a750b5e10f34fe9be3d2b152dd12aa4","sha1":"4c7631e6cb74b97f42f146067ffc24c47b329763","sha256":"29223fdf1c42ac27b10aea5dcd02513f507a22a83ed8d03e5f6bb7f1c41daaaf","sha512":"0e003607f4ed747440d2d38b09a30a8fcb9d6dcc65f80ef56abf712674eb83592f45a4bc41d8a136350796a0b0f5cd972f9ca8b45516794644636f4385ec2ffe","ssdeep":"6144:9aaKxfbLY8Cv4okFFmwiFbP6s3JdB/HD0KUWrE4/Xp89ZwvY1Z5COsi2+pHeJwn1:FOiFbP/j70KUWrE4/589jjbvHeyb7PV3","tlshash":"f054b4d9734f116f4ba233aae43b5149ff7dd1b0520550acb58d997c24a081883bafbe","size":299461,"data":"","first_seen":"2023-03-07T12:22:54Z","last_seen":"2026-06-13T11:37:43.490051Z","times_seen":2078,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/chunk.47.2ghauuvt.js","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"eba5611ba4b706a4c1365a8508e69a6b","sha1":"7a2f80031985324b767c45b339b355d2626b4969","sha256":"89dd870a32f56331493537a930be9ecc95233edd06ac7f0b63e8cb112bb48a70","sha512":"7e8ee792d304e324dcc72c2ebb949b177407f52bdf7e5ce7a65627d257a0e2e066b5775657b8633fcb1f95ac277565a8c124acf14858652a502ad2612f6eed4e","ssdeep":"1536:dmO9IPeLqG8cAxHnihJ4MqEWJVoNqf3yyWx+:dmO9IPAacKHiXf0oO39","tlshash":"d41461e5db87c0ac8d5910ded473f841e0685927ce6cf493aa6edec27519f22808b17b","size":208305,"data":"","first_seen":"2026-02-16T15:03:14.731838Z","last_seen":"2026-03-21T18:07:36.565724Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/830e8a07-1b84-43e8-8f6c-d1a2dbdbf204","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"7df73988252e4e56e97ba60a379b1adb","sha1":"71fcb419a05752a6816ec8cb8d6ff66f2b286575","sha256":"795b58fa3e79ac5f0fe3f40fd1a8780febc568757a02fb88cece17317ec0a0d3","sha512":"76bbb9908159d4a89749d84c7cfc019cebaecb2a738e68d09f3e7194cd362e8991548472274377a2b829abdeccdd6a077443dca3c4c9f205ccf78d4a3568702e","ssdeep":"768:FVX6Xl2NCM1idz41CAr7cC2Iq5a87XZUXfl2rsi14UcCs+Wl4:FVLCl","tlshash":"6ca333131cbe346b048f4b63f5295e47af5ffa43da16624cb2bc26852fb7d56c982204","size":107243,"data":"","first_seen":"2025-12-16T18:55:46.047375Z","last_seen":"2026-06-12T10:52:23.92013Z","times_seen":454,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a9e3f632be9238b847fcbe67c3abb41a","sha1":"72f916b7074574967321c4467aeaf54daed2ed0d","sha256":"8647e955556a870555f00cb33aceaf2c7d4eff3d4ad1456ecd30949cc9010fc7","sha512":"9e80458fe22fba7558288cf13e075cb38eea93aa88e83b35ad9045f96b7bc3663fe2e08414f8e7f55cb32fa8f06e118a3c10483f2a90c5a426a908dcb19628f3","ssdeep":"","tlshash":"b7d0a7a62c758d3067a8025f61b7d394266165906a12a60081ddcc3a5f20fd344f1a9c","size":236,"data":"","first_seen":"2024-12-13T17:42:20.448064Z","last_seen":"2026-06-09T03:33:23.056069Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/123/toastr.min.js","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1515ed21d8bd30ca0fae0970f85a7fb3","sha1":"b7808c728fe5fcf884620df5e2154ce988e920c7","sha256":"f2bb0e8511764611ff0081b549ff188c326c7376bf86e28513782b0a48f9c7aa","sha512":"38ba3736b75c78b1c2149cc18022eb235144c162d3fd9d817318e05be6359e7d192fe81b0546b54bd4e9ab56c601c1b87d7b152dfdef3c4646e6a342e7a3f6dd","ssdeep":"96:IVkLdCZR1JHduRv75dR+FIEHXX9oxNDP9mA1UZsEyHGJAcCwV02UfrwH:ekL4BtcvvRqIQcNa74ccrwH","tlshash":"09b19384b220bb8b6b731169919f144b937673b2ccce55007639a5987e7082c97b7fdc","size":5544,"data":"","first_seen":"2023-03-07T13:20:43Z","last_seen":"2026-06-13T16:46:40.412455Z","times_seen":456,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6195e50b8549b1f808f3930656233a5d","sha1":"09d735de888484534a9ef43a43e295ce728670c0","sha256":"3643aebb306a21d1053729c91ccb3095987d6ce7be1c3a01d8e2452f15a841ee","sha512":"3461c2b9cd5d0e6728377755377cbc232644e6dad34d086502ed337b1f4ee633dba4b9c93bfd0f35f470d5155f344d2462bd9b518bae31ecdf2c87abb7b89f74","ssdeep":"","tlshash":"1351e40db6d21592aa1362244f3f0605367b93136016cf0a394ff7915f9ae3ad85bcf9","size":2670,"data":"","first_seen":"2026-03-19T16:51:21.360226Z","last_seen":"2026-03-21T18:07:36.573375Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4d4073ee2e8bf2e16a9bc9b30cbaa9d7","sha1":"e7bfc7590f0d4e41644e34218110acc6924f83ac","sha256":"dc1dcc8ebef937ed52d1f03a62b69f75b0dc4d850acbbcd1001a845f8bc21a6f","sha512":"3e597ee6a7c521b2db6b2d66659c4d81e571a1538fe4131601d60d12215c818d5fe3d5d7735a4133413e14e7094bc5ceffcd7155d40dc47a05ecbe695b90873d","ssdeep":"768:8u0z06eWU+tR/fDpr9h4KRawDJimJLSaF0mOxpT6L:8Bz0CU+tR/rpr9h4KRawDgmRlHOxpTO","tlshash":"e6e292c234d6712d437af474142b75cab6bebd49304c4f059224e9e8ad713cc6d9bea8","size":32989,"data":"","first_seen":"2026-03-19T16:51:21.32898Z","last_seen":"2026-03-19T17:29:45.329818Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"32a0d1842f86762c4e6e64da6f14e8d2","sha1":"bc4e9ecab82f60bb45b5513216ebf0ce8564dd6d","sha256":"b7089cb55a1252cb44ec11b9ec33a639c539bb8def3dd33c00119e15f6ff7629","sha512":"ba26daf960750301ec4dbc656b97e55d7e3d6b3a4096e4cf0d78f2b233ddb030272c482627c5489b80fa4d391082ce8f0a40c3855137ec5a6e4a87f34c744057","ssdeep":"768:Sq0ViI6CbuFd8blevqNlVT4lhnnx0kqviX4:Sq0Vb6Cbu78wAlp4Jx0hA4","tlshash":"a4c2c88579d9b0694375f6b1113b39ca73aebc85b05c8a068314e8e87c313d86f7bd98","size":26732,"data":"","first_seen":"2026-03-19T16:51:21.354156Z","last_seen":"2026-03-19T17:26:04.486169Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/123/saved_resource(1).html","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a9e3f632be9238b847fcbe67c3abb41a","sha1":"72f916b7074574967321c4467aeaf54daed2ed0d","sha256":"8647e955556a870555f00cb33aceaf2c7d4eff3d4ad1456ecd30949cc9010fc7","sha512":"9e80458fe22fba7558288cf13e075cb38eea93aa88e83b35ad9045f96b7bc3663fe2e08414f8e7f55cb32fa8f06e118a3c10483f2a90c5a426a908dcb19628f3","ssdeep":"","tlshash":"b7d0a7a62c758d3067a8025f61b7d394266165906a12a60081ddcc3a5f20fd344f1a9c","size":236,"data":"","first_seen":"2024-12-13T17:42:20.448064Z","last_seen":"2026-06-09T03:33:23.056069Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"prvr-rewards.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea2d291c0fdc/main.js?","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prvr-rewards.xyz/123/index_1.html","date":"2026-03-19T16:50:49.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea2d291c0fdc/main.js? HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 19 Mar 2026 16:50:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9dedfa75ad636e70-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32989,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (32989), with no line terminators","md5":"4d4073ee2e8bf2e16a9bc9b30cbaa9d7","sha1":"e7bfc7590f0d4e41644e34218110acc6924f83ac","sha256":"dc1dcc8ebef937ed52d1f03a62b69f75b0dc4d850acbbcd1001a845f8bc21a6f","sha512":"3e597ee6a7c521b2db6b2d66659c4d81e571a1538fe4131601d60d12215c818d5fe3d5d7735a4133413e14e7094bc5ceffcd7155d40dc47a05ecbe695b90873d","ssdeep":"768:8u0z06eWU+tR/fDpr9h4KRawDJimJLSaF0mOxpT6L:8Bz0CU+tR/rpr9h4KRawDgmRlHOxpTO","tlshash":"e6e292c234d6712d437af474142b75cab6bebd49304c4f059224e9e8ad713cc6d9bea8","first_seen":"2026-03-19T16:51:21.32898Z","last_seen":"2026-03-19T17:29:45.329818Z","times_seen":4,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/123/styles.css","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://prvr-rewards.xyz/","date":"2026-03-19T16:50:49.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"GET /123/styles.css HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-rewards.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 19 Mar 2026 16:50:49 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 18 Mar 2026 17:24:43 GMT\r\netag: W/\"69badfdb-75670\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bZrWRyUfCOd6RgTtv41w6MGEAcZ7qJYXY5FgYbd2gNMWDZtcpU7pWeheACWmPx%2FzSYXc1u9qY5J%2F7%2B2mzQIgvdbpXMPR8FguH6EM5Jkbs5w%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9dedfa70b85c6e70-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":480880,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (20196), with CRLF line terminators","md5":"04571f9334a9ec7d194aadf0619b97b0","sha1":"217028f2a47144021542a5bd3da227fa6b95c238","sha256":"5170301acec4e30a994bdbb46e99ab410f0e3203e629b4ec775a2c05000a65c0","sha512":"1497f5dfa87505a51e50f9d66da6975dffa8f01d5da34f27f4fc07dbf98f76a2593578556cff347cc863dd66824ba2f3a2f4c6b8d1866bdf543b731bfdddfa58","ssdeep":"6144:/S6XuVsQboD9yIyYMN6el5gTVyF24buT+:TeWQbo5y0MoeTgx/T+","tlshash":"c9a43b295a111512b733cb3c2bfd5244f7944817ee8349bd7add1a808ff21b8b962e8d","first_seen":"2024-09-20T21:38:21.078438Z","last_seen":"2026-06-09T03:33:23.036953Z","times_seen":77,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":82,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://prvr-rewards.xyz/","date":"2026-03-19T16:50:49.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-rewards.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 19 Mar 2026 16:50:49 GMT\r\ndate: Thu, 19 Mar 2026 16:50:49 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10108,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"e85517dadd43448782d60d7f207fddce","sha1":"6cd31f870727ba8090fac9602b42524b4139a619","sha256":"88fbd0b95222be288587a149c324189ecbd8de0d6f0c94f528ec53857e52b66c","sha512":"5edc78df5bb062a9a2e1ea6724c14dd7eb80d77ea0fa9572de4bb0d52bbd0d163815b08a1ae77084f99fbefbb07715da1c61f0bb36fb498710c91387792955f8","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGx:vXuM0p2+4","tlshash":"04227792002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T18:13:11.065101Z","last_seen":"2026-06-13T17:36:49.813069Z","times_seen":30185,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":50,"dns":0,"connect":7,"send":0,"wait":22,"receive":0,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/becker-logo.jpg","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prvr-rewards.xyz/","date":"2026-03-19T16:50:49.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"GET /becker-logo.jpg HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-rewards.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 19 Mar 2026 16:50:49 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 44916\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 18 Mar 2026 17:24:43 GMT\r\netag: \"69badfdb-af74\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o6OJI3nHQg%2BRSBjQoPy0vQAjIk6yH5gUN2xawy%2FsTaGndwRxNd%2B6nq4u6w7vryujjTPu95QvVT0EuzYLN338dJMcOApl5XygcF9Aao2mpuI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9dedfa70c8776e70-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44916,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.3], baseline, precision 8, 400x400, components 3","md5":"023462c67f5210da2074aad0ed6ffddd","sha1":"09b061bc27e4bd4c19393b6b6d2ca5a697574470","sha256":"559523cf02d9171a2f4064cccdf3b5d12114df7df7a9cee4f2448ec72f17dda6","sha512":"cd0baf32e0e4696175cb1d0bcf011495cd9479dcc9c7329fb3f77ac31f872617f006bfe6f815d38d0aa6f0f2acb07a17bb46d9f60e9d529daab31cb2ced5d495","ssdeep":"768:fcQDqITWp7lHqm6YB3ogHGkfPKk3jVhT4t2lpHWeRs4Z1YihC8c1lacxU:fcpIE7X6g3ogmkljVOIb2qn1vbcDtxU","tlshash":"de13f128ab0512d5c6578d30d0b32adea64f7974c5bd234eaf811936d4843e6e184eef","first_seen":"2026-03-19T16:51:21.336684Z","last_seen":"2026-03-21T18:07:36.555119Z","times_seen":4,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/123/jquery-3.6.0.js","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prvr-rewards.xyz/","date":"2026-03-19T16:50:49.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"GET /123/jquery-3.6.0.js HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-rewards.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 19 Mar 2026 16:50:49 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 18 Mar 2026 17:24:43 GMT\r\netag: W/\"69badfdb-491c5\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XuB2yw9WZFgLLIBXUwqz9ThAxwD5D4rhKuPCl4IrcPxZfZIeozL5gQyZNiL0QYvkhJuvlX1XfnWJrXpm8SZCQraRDA%2FHu%2BZCqz6KYNulFXs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9dedfa70c87d6e70-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":299461,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"8a750b5e10f34fe9be3d2b152dd12aa4","sha1":"4c7631e6cb74b97f42f146067ffc24c47b329763","sha256":"29223fdf1c42ac27b10aea5dcd02513f507a22a83ed8d03e5f6bb7f1c41daaaf","sha512":"0e003607f4ed747440d2d38b09a30a8fcb9d6dcc65f80ef56abf712674eb83592f45a4bc41d8a136350796a0b0f5cd972f9ca8b45516794644636f4385ec2ffe","ssdeep":"6144:9aaKxfbLY8Cv4okFFmwiFbP6s3JdB/HD0KUWrE4/Xp89ZwvY1Z5COsi2+pHeJwn1:FOiFbP/j70KUWrE4/589jjbvHeyb7PV3","tlshash":"f054b4d9734f116f4ba233aae43b5149ff7dd1b0520550acb58d997c24a081883bafbe","first_seen":"2023-03-07T12:22:54Z","last_seen":"2026-06-13T11:37:43.490051Z","times_seen":2078,"resource_available":true,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":59,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/PRVX%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/sprite.svg","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prvr-rewards.xyz/","date":"2026-03-19T16:50:49.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"GET /PRVX%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/sprite.svg HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-rewards.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 19 Mar 2026 16:50:49 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 18 Mar 2026 17:24:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6vtQ%2ByJmNMBqNZeu2F2Gclh6xKVEx%2BG%2B8cXGph5OuGc9ayaM2ild2wEougqyTqQ4P2QG7ndHuzDdl7ITbYNUDK8FWk%2B2qbAZJAsxskCWQHM%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9dedfa70c8846e70-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":35638,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (7736)","md5":"b2255f7c2cb475c3983e94826c0c99ac","sha1":"cdf505eba742d49174d985b9e0885c71f86907a7","sha256":"561b0527861b36c7df8cf1a65c43b657e1da32822da250f7a244e6327e2e34b0","sha512":"e72d8f59a27e687ddfb8f1ada63ca0e0b4c934d2201c06f340cc46e22545e4eb7dfe6384b2e2e122f3d8209fd5ff43f98159afa9c21c5dce978a900841a5cebb","ssdeep":"384:tol+zaVxs5ndk0jbOov/IXRUZ7oluhedr3dlmhJA3:rzaVGkYv/Gwxgr3dlD","tlshash":"aef2840f9a6384197c1394f6b7da7695b2369047cd2aeda9bdce2100cfc93b46dd2318","first_seen":"2026-03-19T16:51:21.341759Z","last_seen":"2026-03-19T16:51:21.341759Z","times_seen":1,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/PRVX%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/powered_by_meta.png","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prvr-rewards.xyz/","date":"2026-03-19T16:50:49.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"GET /PRVX%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/powered_by_meta.png HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-rewards.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 19 Mar 2026 16:50:49 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 18 Mar 2026 17:24:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nwUBYFS7k27WQ3lsCUT3tDk7P1lFf8c9GX5poJSd87cPqoZRr0IJLhmnuHRnUYqJBps8Fzm10%2B5ccP3ojshmMgVDVpqHR1Aa7tYw5SlkTfA%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9dedfa70c8896e70-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35638,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (7736)","md5":"b2255f7c2cb475c3983e94826c0c99ac","sha1":"cdf505eba742d49174d985b9e0885c71f86907a7","sha256":"561b0527861b36c7df8cf1a65c43b657e1da32822da250f7a244e6327e2e34b0","sha512":"e72d8f59a27e687ddfb8f1ada63ca0e0b4c934d2201c06f340cc46e22545e4eb7dfe6384b2e2e122f3d8209fd5ff43f98159afa9c21c5dce978a900841a5cebb","ssdeep":"384:tol+zaVxs5ndk0jbOov/IXRUZ7oluhedr3dlmhJA3:rzaVGkYv/Gwxgr3dlD","tlshash":"aef2840f9a6384197c1394f6b7da7695b2369047cd2aeda9bdce2100cfc93b46dd2318","first_seen":"2026-03-19T16:51:21.341759Z","last_seen":"2026-03-19T16:51:21.341759Z","times_seen":1,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://prvr-rewards.xyz/","date":"2026-03-19T16:50:49.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://prvr-rewards.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 16 Mar 2026 17:57:47 GMT\r\nexpires: Tue, 16 Mar 2027 17:57:47 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 255182\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-13T17:34:01.852112Z","times_seen":209940,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":56,"dns":0,"connect":8,"send":0,"wait":9,"receive":10,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/123/css2","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://prvr-rewards.xyz/","date":"2026-03-19T16:50:49.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"GET /123/css2 HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-rewards.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 19 Mar 2026 16:50:49 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 2421\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 18 Mar 2026 17:24:43 GMT\r\netag: \"69badfdb-975\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LGBR5nOT8pZea0DiUxdvdWPCqykJtXh354BhslNMD2pR7vmpXjNicuXbH%2BrJuIe%2Bpt9D0F0G42sXCSiNXwH8Fyg1BFFsuqzdlre8WcRBQzo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9dedfa70b8606e70-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T17:33:37.826371Z","times_seen":16391923,"resource_available":true,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/123/toastr.min.css","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://prvr-rewards.xyz/","date":"2026-03-19T16:50:49.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"GET /123/toastr.min.css HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-rewards.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 19 Mar 2026 16:50:49 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 18 Mar 2026 17:24:43 GMT\r\netag: W/\"69badfdb-fed\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZAr6%2BejggUJJFur2wgHjbWBz86vNBbJzO%2FHe2tyD38OO%2BXY2L%2B3aCjW5ndYQV9qARJPPA9SjzVYjxx7NK4O97ZuqAsmRvvoKwxuCjQJFxX4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9dedfa70b8646e70-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4077,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3790), with CR line terminators","md5":"7bb5a088537dfb8154a867fde2e73704","sha1":"53bf6a20858090281d87c9f9ca6b2696d502855d","sha256":"f51995faee855b1f8c0174398f957dc33a368423abd98da8cab4fcfab87e377a","sha512":"f5b06972fddbb702dab54c3c34b3acc5c62b5235c6b13bf911e84bb564bdca126168b1628e684caf4b52f82ffa9634491903b3cc5034d016d9aa0276178e0e68","ssdeep":"","tlshash":"ae81c011cb80332dbea3961ef455664a2609e1b3e6ee5eed651fa5bcc3c27d41c33284","first_seen":"2024-09-28T07:03:36.213793Z","last_seen":"2026-06-09T03:33:23.045374Z","times_seen":77,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/123/toastr.min.js","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prvr-rewards.xyz/","date":"2026-03-19T16:50:49.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"GET /123/toastr.min.js HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-rewards.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 19 Mar 2026 16:50:49 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 18 Mar 2026 17:24:43 GMT\r\netag: W/\"69badfdb-15a8\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NBwYpvXYWTJJvj6nBjiWLzBln3cXSKw3GIoc%2BO5pFrI9Fi86DWHe8XjZYKscJ2AtjMNyLX1Oz5RkA9szOTerDWEDWAxtrQMunXbXP6vZNkQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9dedfa70c87f6e70-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5544,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5215), with CRLF line terminators","md5":"1515ed21d8bd30ca0fae0970f85a7fb3","sha1":"b7808c728fe5fcf884620df5e2154ce988e920c7","sha256":"f2bb0e8511764611ff0081b549ff188c326c7376bf86e28513782b0a48f9c7aa","sha512":"38ba3736b75c78b1c2149cc18022eb235144c162d3fd9d817318e05be6359e7d192fe81b0546b54bd4e9ab56c601c1b87d7b152dfdef3c4646e6a342e7a3f6dd","ssdeep":"96:IVkLdCZR1JHduRv75dR+FIEHXX9oxNDP9mA1UZsEyHGJAcCwV02UfrwH:ekL4BtcvvRqIQcNa74ccrwH","tlshash":"09b19384b220bb8b6b731169919f144b937673b2ccce55007639a5987e7082c97b7fdc","first_seen":"2023-03-07T13:20:43Z","last_seen":"2026-06-13T16:46:40.412455Z","times_seen":456,"resource_available":true,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/PRVX%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/powered_by_meta.png","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prvr-rewards.xyz/","date":"2026-03-19T16:50:49.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"GET /PRVX%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/powered_by_meta.png HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-rewards.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 19 Mar 2026 16:50:49 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 18 Mar 2026 17:24:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nage: 0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JB9pFZlcG20GOhfmGiD9Z5jxdWxiiV2Wf0uB8njikBJJl06rL7AmWrBt55l%2FZH7k2QoTTrhWLXpCQj%2Fnh1pnaYdZh1w474lrikhyGYcuDdI%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9dedfa7419676e70-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":126175,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (7736)","md5":"5d54e54261a152ddf823e8bb3b63fed2","sha1":"01d6681cb8a3bb34179b234e11646fb6a48dc41a","sha256":"f69072d9b131600c00b5811081cf5746f18bf5669050a8e1c7e481ce0e222e42","sha512":"703fb93a1e95fa1a6d7d59e00a598918e5bfa1e5c860ab187dcf5102a44ef4fbbe1f717ef6798bbe565f0d6b56b21f0accc64c4edaf4c2ab6c18a8466cd5d323","ssdeep":"768:rzaVGkYv/Gwxgr3dlB/ioD2L6Ujw3Vv8ZvRujjUPEJfJmrzyFAgFvqU3rwIC43Kd:rcs/G+gBl8Zpbg2J1lKi1TXBnDR","tlshash":"ddc3841bb9904218790381ba1dff7b5e3935a0074d84ef9bbdcd2560df8b2a3e891764","first_seen":"2026-03-19T16:51:21.348089Z","last_seen":"2026-03-21T18:07:36.550103Z","times_seen":4,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://prvr-rewards.xyz/","date":"2026-03-19T16:50:49.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://prvr-rewards.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 16 Mar 2026 17:57:47 GMT\r\nexpires: Tue, 16 Mar 2027 17:57:47 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 255182\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-13T17:34:01.852112Z","times_seen":209940,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":90,"dns":0,"connect":11,"send":0,"wait":8,"receive":5,"ssl":82},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/secureproxy?e=jscdn/getFile","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://prvr-rewards.xyz/","date":"2026-03-19T16:50:49.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"POST /secureproxy?e=jscdn/getFile HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://prvr-rewards.xyz/\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://prvr-rewards.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"i26j21cuqog7erubli03\"}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 19 Mar 2026 16:50:50 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, origin, access-control-request-method, access-control-request-headers\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block, 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SEuCvmWs3zjbEQxjpdc2v4KKJaeBxEPKvG8ImocUihhNL2JxIbOcUPylKhTQ6pgFE4EF0cGJcY8DyTJw9hsuRIN8K4Kt56nSzrnV2%2FGlhlg%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\npriority: u=4,i=?0\r\ncf-ray: 9dedfa745a3c6e70-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3548872,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4b547db9e06e84c2cf57f4067aed0bd2","sha1":"837d2ec0db646dd5f006ef11eb12ebb5e213fb05","sha256":"215fb7f08038a1a49a86442496b3d24fa11b85bdb1fe0a6af955d135bb235154","sha512":"31969160b680dd661a4aeb4fe2340d33b543be407beb62344f6b134221e5c30bd1fee87d086ecb98b1b2c97ce9375276ab3e2f71aac925c38b66918ed1be494d","ssdeep":"24576:hFQlg6vCCCgvnQsyjCq4rCMBZ849RxN4soD5JaHTRsq4B4:cgKdWdMhfxNeeHFVP","tlshash":"e12523546c6a51ea474c266b31b74e2e62a06f0404e6a0cbda54ddc23e7ffb1c38f46d","first_seen":"2026-03-19T16:51:21.350436Z","last_seen":"2026-03-19T16:53:38.183509Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":861,"receive":422,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"presale.alexbeckertoken.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"presale.alexbeckertoken.cc","domain":"alexbeckertoken.cc","tld":"cc"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prvr-rewards.xyz/123/saved_resource(1).html","date":"2026-03-19T16:50:50.021Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: presale.alexbeckertoken.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-rewards.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T17:33:37.826371Z","times_seen":16391923,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/123/index_1.html","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://prvr-rewards.xyz/","date":"2026-03-19T16:50:49.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"GET /123/index_1.html HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-rewards.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 19 Mar 2026 16:50:49 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 18 Mar 2026 17:24:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kFFw7h7Inl0Te84F4G%2BRPfKA2QsddH6o80ul6YdMO06uUk026K8meiZgOZYv2dI8NHtv1oYgHJrzvA6mGGOPxK97FCu2k8zeEhSVFwrk1Hc%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9dedfa7409496e70-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1510,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (1431)","md5":"7ac863c20d80c754ff2fdf93ca02c1b1","sha1":"ebbec8729a0a4183f564ddfa1624ab4cd89429bd","sha256":"c350fa88b72d686b998af69bcc3a95567d0233a8478c39c0e7ee10a664aaddd9","sha512":"3a0af7592404e133ff8608a0150d0654263a4f136e969b182bc5e0450f4b6a5207e1d0909fa271508a4de07d1ff70f3e55f32d290403f15d7fd160fa5c283efc","ssdeep":"","tlshash":"613185b67e1950308695618631bef36c38329224ba029040c2ece878cd9cfd718afdbd","first_seen":"2025-08-14T22:48:24.824269Z","last_seen":"2026-06-09T03:33:23.035415Z","times_seen":67,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-19T16:50:48.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 19 Mar 2026 16:50:48 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 18 Mar 2026 17:24:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Bx99BBgqcAYTQqGXtVH%2BCbZxc1UeeeVI3Wqzrg%2BJ0zTBLXmkHpxCXLdSRXXgrZh%2F0yp%2BHZpcLMQkC7eRsnj%2Bf0kpSaRB0EAKRiRc%2BVvMZnM%3D\"}]}\r\nage: 21286\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9dedfa6fb8fa1ecb-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":126175,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (7736)","md5":"5d54e54261a152ddf823e8bb3b63fed2","sha1":"01d6681cb8a3bb34179b234e11646fb6a48dc41a","sha256":"f69072d9b131600c00b5811081cf5746f18bf5669050a8e1c7e481ce0e222e42","sha512":"703fb93a1e95fa1a6d7d59e00a598918e5bfa1e5c860ab187dcf5102a44ef4fbbe1f717ef6798bbe565f0d6b56b21f0accc64c4edaf4c2ab6c18a8466cd5d323","ssdeep":"768:rzaVGkYv/Gwxgr3dlB/ioD2L6Ujw3Vv8ZvRujjUPEJfJmrzyFAgFvqU3rwIC43Kd:rcs/G+gBl8Zpbg2J1lKi1TXBnDR","tlshash":"ddc3841bb9904218790381ba1dff7b5e3935a0074d84ef9bbdcd2560df8b2a3e891764","first_seen":"2026-03-19T16:51:21.348089Z","last_seen":"2026-03-21T18:07:36.550103Z","times_seen":4,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":80,"dns":55,"connect":8,"send":0,"wait":21,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://prvr-rewards.xyz/","date":"2026-03-19T16:50:49.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://prvr-rewards.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 16 Mar 2026 17:57:47 GMT\r\nexpires: Tue, 16 Mar 2027 17:57:47 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 255182\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-13T17:34:01.852112Z","times_seen":209940,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":103,"dns":1,"connect":21,"send":0,"wait":9,"receive":4,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/becker-logo.jpg","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prvr-rewards.xyz/","date":"2026-03-19T16:50:49.851Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"GET /becker-logo.jpg HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-rewards.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 19 Mar 2026 16:50:49 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 44916\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 18 Mar 2026 17:24:43 GMT\r\netag: \"69badfdb-af74\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S6t0DDjK3jbgu6iA%2BaADibaZAT5feW6%2FylxLUOEBjObaJbhQzyv%2BZmrRbUrSlKmp7ZWKM761U%2BG6x60hjdojWPfvhFpGEfm1e7s%2FYjA3zBo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9dedfa759d486e70-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":44916,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.3], baseline, precision 8, 400x400, components 3","md5":"023462c67f5210da2074aad0ed6ffddd","sha1":"09b061bc27e4bd4c19393b6b6d2ca5a697574470","sha256":"559523cf02d9171a2f4064cccdf3b5d12114df7df7a9cee4f2448ec72f17dda6","sha512":"cd0baf32e0e4696175cb1d0bcf011495cd9479dcc9c7329fb3f77ac31f872617f006bfe6f815d38d0aa6f0f2acb07a17bb46d9f60e9d529daab31cb2ced5d495","ssdeep":"768:fcQDqITWp7lHqm6YB3ogHGkfPKk3jVhT4t2lpHWeRs4Z1YihC8c1lacxU:fcpIE7X6g3ogmkljVOIb2qn1vbcDtxU","tlshash":"de13f128ab0512d5c6578d30d0b32adea64f7974c5bd234eaf811936d4843e6e184eef","first_seen":"2026-03-19T16:51:21.336684Z","last_seen":"2026-03-21T18:07:36.555119Z","times_seen":4,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prvr-rewards.xyz/123/saved_resource(1).html","date":"2026-03-19T16:50:50.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-rewards.xyz/123/saved_resource(1).html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\ndate: Thu, 19 Mar 2026 16:50:50 GMT\r\ncontent-length: 0\r\nlocation: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea2d291c0fdc/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9dedfa76b8b26e70-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26732,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T17:33:37.826371Z","times_seen":16391923,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea2d291c0fdc/main.js?","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prvr-rewards.xyz/123/saved_resource(1).html","date":"2026-03-19T16:50:50.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea2d291c0fdc/main.js? HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://prvr-rewards.xyz/123/saved_resource(1).html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 19 Mar 2026 16:50:50 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9dedfa76d9076e70-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26732,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (26732), with no line terminators","md5":"32a0d1842f86762c4e6e64da6f14e8d2","sha1":"bc4e9ecab82f60bb45b5513216ebf0ce8564dd6d","sha256":"b7089cb55a1252cb44ec11b9ec33a639c539bb8def3dd33c00119e15f6ff7629","sha512":"ba26daf960750301ec4dbc656b97e55d7e3d6b3a4096e4cf0d78f2b233ddb030272c482627c5489b80fa4d391082ce8f0a40c3855137ec5a6e4a87f34c744057","ssdeep":"768:Sq0ViI6CbuFd8blevqNlVT4lhnnx0kqviX4:Sq0Vb6Cbu78wAlp4Jx0hA4","tlshash":"a4c2c88579d9b0694375f6b1113b39ca73aebc85b05c8a068314e8e87c313d86f7bd98","first_seen":"2026-03-19T16:51:21.354156Z","last_seen":"2026-03-19T17:26:04.486169Z","times_seen":5,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/chunk.47.2ghauuvt.js","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prvr-rewards.xyz/","date":"2026-03-19T16:50:49.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"GET /chunk.47.2ghauuvt.js HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-rewards.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 19 Mar 2026 16:50:49 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 18 Mar 2026 17:24:43 GMT\r\netag: W/\"69badfdb-32fb1\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NV3QJvGplZtlE1n15dJRdkvvso2gj5E12kEbj%2BwI4eohNIoIO12B7Poigm8iPGJigpyIihnn9JZFlZsH1qtsrbIcIV1ug7VREBhxgFFMq4Y%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9dedfa70b8696e70-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":208817,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (52762), with no line terminators","md5":"eba5611ba4b706a4c1365a8508e69a6b","sha1":"7a2f80031985324b767c45b339b355d2626b4969","sha256":"89dd870a32f56331493537a930be9ecc95233edd06ac7f0b63e8cb112bb48a70","sha512":"7e8ee792d304e324dcc72c2ebb949b177407f52bdf7e5ce7a65627d257a0e2e066b5775657b8633fcb1f95ac277565a8c124acf14858652a502ad2612f6eed4e","ssdeep":"1536:dmO9IPeLqG8cAxHnihJ4MqEWJVoNqf3yyWx+:dmO9IPAacKHiXf0oO39","tlshash":"d41461e5db87c0ac8d5910ded473f841e0685927ce6cf493aa6edec27519f22808b17b","first_seen":"2026-02-16T15:03:14.731838Z","last_seen":"2026-03-21T18:07:36.565724Z","times_seen":14,"resource_available":true,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/PRVX%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/sprite.svg","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prvr-rewards.xyz/","date":"2026-03-19T16:50:49.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"GET /PRVX%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/sprite.svg HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-rewards.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 19 Mar 2026 16:50:49 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 18 Mar 2026 17:24:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nage: 0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f6JPTeo2y4n1KmJ%2F4KoxLrqGKubl%2BEhD8NAuF%2FLXKj0f5POqjxeNGdAZxPTl8obOte2evKbPqai19Dfd2qZ6RUZYiRChfo8huoOROKEFlz0%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9dedfa7419616e70-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":126175,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (7736)","md5":"5d54e54261a152ddf823e8bb3b63fed2","sha1":"01d6681cb8a3bb34179b234e11646fb6a48dc41a","sha256":"f69072d9b131600c00b5811081cf5746f18bf5669050a8e1c7e481ce0e222e42","sha512":"703fb93a1e95fa1a6d7d59e00a598918e5bfa1e5c860ab187dcf5102a44ef4fbbe1f717ef6798bbe565f0d6b56b21f0accc64c4edaf4c2ab6c18a8466cd5d323","ssdeep":"768:rzaVGkYv/Gwxgr3dlB/ioD2L6Ujw3Vv8ZvRujjUPEJfJmrzyFAgFvqU3rwIC43Kd:rcs/G+gBl8Zpbg2J1lKi1TXBnDR","tlshash":"ddc3841bb9904218790381ba1dff7b5e3935a0074d84ef9bbdcd2560df8b2a3e891764","first_seen":"2026-03-19T16:51:21.348089Z","last_seen":"2026-03-21T18:07:36.550103Z","times_seen":4,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/123/saved_resource(1).html","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://prvr-rewards.xyz/123/index_1.html","date":"2026-03-19T16:50:49.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"GET /123/saved_resource(1).html HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-rewards.xyz/123/index_1.html\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 19 Mar 2026 16:50:49 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 18 Mar 2026 17:24:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tebZhwHmTFOSWkD%2B5BsSNU0ntB%2BNZEwv8wZaScEYZ4tHRzF%2FAqvE5NYqyN8tnuh8ZLwWc%2BjNfsbAFx%2FT2B54oWKZn2BBd3rBPANitquI5Z4%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9dedfa757cf66e70-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":507,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (464)","md5":"f2718e61138ef0530f5b6c285a3ab392","sha1":"050f5abfcde20b35cf02cda68ce79493aa71e946","sha256":"5b47e35bb125f373e1324ecf6a05860779edb8b6b50383d33fa5e870a5ef464c","sha512":"dcaf7c003a81fdd8ec642ce3b73a875c0a996b5ae8ab9d71ef4cf2b989fa3e1155f73fcb3b97b9fd0adefb414a548191d0b37d99035b2a78decdb869e48557c3","ssdeep":"","tlshash":"89f00ef72c2ac82123b00386a0fae25c05205150b502c941c1e8e87d1e48fda98a3a48","first_seen":"2025-08-14T22:48:24.827007Z","last_seen":"2026-06-09T03:33:23.036174Z","times_seen":65,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-rewards.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"prvr-rewards.xyz","domain":"prvr-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prvr-rewards.xyz/123/index_1.html","date":"2026-03-19T16:50:49.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 16:56:04 GMT","end":"Tue, 16 Jun 2026 16:56:03 GMT"},"fingerprint":{"sha1":"B2:4A:D3:2B:FA:E5:2A:25:5C:56:0D:C2:DC:71:90:71:9F:21:D7:2E","sha256":"3F:9D:00:88:9A:C8:E5:D5:21:3C:1C:4A:3C:FF:3C:D2:E3:D9:94:5C:D0:AE:09:85:BF:D9:64:EC:36:15:85:EC"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: prvr-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\ndate: Thu, 19 Mar 2026 16:50:49 GMT\r\ncontent-length: 0\r\nlocation: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea2d291c0fdc/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9dedfa758d206e70-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32989,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T17:33:37.826371Z","times_seen":16391923,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"prvr-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}