{"report_id":"18c3dcaf-f6d8-4742-b139-6f58100112dd","version":6,"status":"done","tags":[],"date":"2026-04-07T11:32:39Z","url":{"schema":"https","addr":"rewards-x.com/","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":0,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"final":{"url":{"schema":"https","addr":"rewards-x.com/","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"title":"Elon Musk — Official BTC, ETH \u0026 DOGE Giveaway!","dom":{"size":141941,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1033)","md5":"0a74373cb89c018b3f4c27bd5a140c65","sha1":"1cfd31382bc720e922581cc027de764a5c379c05","sha256":"f52dc9cead1bb73d0fc1b53f05f975b1fb713b5214727f6680a1525d61c2154f","sha512":"2d071ad066802d089069e93766f59e1f028312eadee598cfe24e2c973b8e117c68e4c6bd3e5c45e9031979724ad190fb8e70dc34b3a3d326effa3227761786f3","ssdeep":"3072:q/0PgHhPgzUIiPgvPguPgNPgwPgdPgvPgp:q/3IP","tlshash":"9ad3712b19f202166943a0b86beb5695772ad017f90ecda07eec17a0cf97d91cd4378c","dom_hash":"domhashcca94fb1363f03d01971d3aacfd9ce9b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"rewards-x.com/","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":0,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-12T11:32:39Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"rewards-x.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"glyph.medium.com","ip":{"addr":"162.159.152.4","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"1998-05-27","domain_rank":187209,"first_seen":"2017-08-01T13:23:25Z","last_seen":"2026-04-04T05:20:49.71589Z","alert_count":0,"request_count":7,"received_data":158439,"sent_data":4003,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"rewards-x.com","ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"domain_registered":"2025-04-26","domain_rank":0,"first_seen":"2026-04-07T11:32:24.525363Z","last_seen":"2026-04-07T11:32:24.525363Z","alert_count":18,"request_count":18,"received_data":2554026,"sent_data":8947,"comment":"","tags":null,"fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"cdn.matomo.cloud","ip":{"addr":"3.167.2.121","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2017-09-08","domain_rank":124973,"first_seen":"2019-09-27T14:00:38Z","last_seen":"2026-04-02T03:13:28.010141Z","alert_count":0,"request_count":1,"received_data":687,"sent_data":432,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"rewards-x.com/","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"introduction_type":"scriptElement","is_inline":true,"md5":"ed8b9f54e96cdb12c2ee52842c5aa060","sha1":"68f686c6aaa29101e9180261efd863f1ff031e58","sha256":"4011660deb0b6661a376dd6414fa1e689dfe86767288917e0e5bc1fe5a20289e","sha512":"4c468fa34f5c8b22e07697b48fdbdfe7f7d7bf4480e21840734ed26fa247be635a4a1a131cd39e55d7fcd9867ff13384f4254b690213cc06167640c5b0eb6333","ssdeep":"","tlshash":"f6f0811609af1ffe313b617e7d7e4929b3ab681ea460c4016e41942d6d71d8547503d8","size":559,"data":"","first_seen":"2026-04-07T11:32:27.299452Z","last_seen":"2026-04-07T11:32:41.691153Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/toastr.min.js.download","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f8ab000e6fc6c9f2f25a7d6355c1905","sha1":"b9c927f53682569f8f2743404ae0bb2ff7b00bf0","sha256":"e815910819bc5456b3c1cc082f1d6f39ff617b26ed5caf0504b2bd8cb4cd4800","sha512":"05aece6cd779bdd371a61863638d7586785bfdc512b3b650a3c7343b21f096816f7f62773ac1ccef77395e67586ffa6163bdffc5d20391071185caca4c9eb09d","ssdeep":"96:NBZ665+Pu1NtTAn2/OeVXhI8KaPQNW4rW/kI75dRSVhfrZc:nZ6u8cmnYRR8IvRWrZc","tlshash":"47b19884b121bbca1b7360b8515f0006d2bb6362cdce54413a3ea58cbf70d0896b7fd9","size":5292,"data":"","first_seen":"2025-01-07T17:13:59.99571Z","last_seen":"2026-04-07T11:32:41.685083Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/jquery.min.js.download","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-07T19:36:04.981538Z","times_seen":137569,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"introduction_type":"scriptElement","is_inline":true,"md5":"b7020f3b5e15a84f60636952d1122258","sha1":"648cae8fce91fa410f4b3c3f47fe3291cba7483f","sha256":"c63b8c75251bc5e477ec08b620368aa80630e409665c79a1b4d1b476b0d08914","sha512":"0813bee7a48e08f46f9fa1f527598b1fd666ea87baddcb5d8e0e7c4e04029b02e05db94d0d692c5d285be1cb402b3e61520ec6bbeb36fa8083a6d7e97a6daf69","ssdeep":"48:OCd3VSDJ+pPeptcKOY3VSDJ+pPeptcKOkWsG6G+nCWsG6G+nFBGadPoxswJwxkBD:sgKWgKGdwObxFyOY0AhphpFCz8","tlshash":"5e81d13f39e218310abb71ef379fa3987420411b1944da1d3dac86644fd4d668476b9c","size":4191,"data":"","first_seen":"2025-06-25T19:23:49.04544Z","last_seen":"2026-04-07T11:32:41.691729Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"introduction_type":"scriptElement","is_inline":true,"md5":"c02a4b1d11e6e1a302efd35f0bef6f98","sha1":"c3099b3f63787f41c8cf8b08a0d525c833ee8f10","sha256":"7f79ac93dd9484b4311653191a40d98c49d2a2a5092ac4a44f868c28260615ff","sha512":"24061304bbf30567fff0bb5b8f0477d20c38ea5e1391d32b9cbe7bbb7d07cb1b57c1d031cddba5d0339ce14e3ea2fc4b3f318bd9d7366949409d9d2a3b632536","ssdeep":"","tlshash":"c9e0ab299ce706384cf63a441038ca3930fc38a0aaa3d05b525cc82ccd39fc50c00aec","size":424,"data":"","first_seen":"2025-06-25T19:23:49.04686Z","last_seen":"2026-04-07T11:32:41.692253Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff","fqdn":"glyph.medium.com","domain":"medium.com","tld":"com"},"ip":{"addr":"162.159.152.4","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"medium.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 19:59:16 GMT","end":"Wed, 10 Jun 2026 20:59:05 GMT"},"fingerprint":{"sha1":"09:82:33:43:6A:B0:29:CE:52:C2:78:BE:56:C2:66:69:2C:93:77:4D","sha256":"96:A2:77:A3:57:AE:2F:B8:AC:84:4F:CC:90:D3:13:81:B2:E3:67:90:0A:1A:95:7F:7F:03:DC:28:0B:46:B1:01"}}},"request":{"raw":"GET /font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff HTTP/1.1\r\nHost: glyph.medium.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rewards-x.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: application/font-woff\r\ncf-ray: 9e88b6005b7b1a30-OSL\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid\r\naccess-control-allow-methods: GET, POST, PUT, DELETE\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 86400\r\ncache-control: public, max-age=31536000\r\netag: v2-b492c44\r\nexpires: Wed, 07 Apr 2027 11:32:18 GMT\r\nx-envoy-upstream-service-time: 26\r\ncf-cache-status: HIT\r\nage: 9\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nset-cookie: _cfuvid=qUj_Z4WOzGO.MV7lEOfR32UeKktBWcEsEGSC3JW6hJY-1775561538630-0.0.1.1-604800000; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":12773,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 12773, version 1.1","md5":"a10bcd51793a7ec7a51e3a79e3b3c568","sha1":"2921ce36c9376a6666773963df4ac22695ce0ac4","sha256":"8f6e7bfd316a160cd611c23c79c3d0cf8fcbfe22e16592f4afffd03eedf45756","sha512":"1bfef32414a9290b1cbd6874a3ef6b5811a724eba6c65c32ab0a0dbac137359d3d0b43b540ec66fb70b02d0ca8ceb5094ab13bb98e119c909cd9f1313f75f583","ssdeep":"192:z2dUEgZHiEmGwl5O288i7vLQaaMZW1Jv0ivSAvzafG+7TWWKT/XBx3sscHF1m7G:zaUdZHwGwR85fQqQv0cSgE7Te5ZZcWi","tlshash":"2a42d150acfe0d01c428fa31c485bf9f2655d1c115b9f79e765828b81d3f7c28776a26","first_seen":"2023-04-07T18:04:24Z","last_seen":"2026-04-07T11:32:41.673683Z","times_seen":2344,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":45,"dns":3,"connect":1,"send":0,"wait":20,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/unbound.css","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.rewards-x.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 02:31:05 GMT","end":"Fri, 29 May 2026 02:31:04 GMT"},"fingerprint":{"sha1":"68:A6:A2:BA:64:D6:AD:16:49:9E:63:3F:D6:C5:C0:95:D1:E9:46:B8","sha256":"EF:E2:FD:49:D6:1F:97:00:BB:43:17:90:29:1B:B4:CF:5B:79:3F:AD:CE:DE:B1:67:E2:11:C6:33:09:D0:F1:DB"}}},"request":{"raw":"GET /Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/unbound.css HTTP/1.1\r\nHost: rewards-x.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Mon, 31 Mar 2025 14:26:04 GMT\r\nexpires: Thu, 07 May 2026 11:32:18 GMT\r\ncache-control: max-age=2592000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19440,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"bae59c8c360ca3174623d1fb058be5b8","sha1":"21ae681a1421f0f4ea1d3013ee5430399d7dae00","sha256":"45dbf060ec052a3b0ca5ae7211eaa27c950db65b019aa456e1e686a85f8a327e","sha512":"55e67eee7c669c45bf877f69ea7848b46ad660597da7ce607e90739b517a72822474a4cc81f85a413d8eaa9b7fb8b283c35e6425b69a82f20fd6a23c933f28dd","ssdeep":"192:edwdBjDdLNdLsI6dsdviuea/4dMdXxBd6d3aadpd0OEdWdjDyd1dQRddwdpD7djb:emnr2iwmBkHfqMUn2KbBeuHyu","tlshash":"b1920db1785461009d975e4b7bcb7c8e5c0ed4763314d42bafae48c09ea7aa353c4b8e","first_seen":"2024-02-15T19:50:00Z","last_seen":"2026-04-07T11:32:41.674222Z","times_seen":2365,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"rewards-x.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/z.png","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.rewards-x.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 02:31:05 GMT","end":"Fri, 29 May 2026 02:31:04 GMT"},"fingerprint":{"sha1":"68:A6:A2:BA:64:D6:AD:16:49:9E:63:3F:D6:C5:C0:95:D1:E9:46:B8","sha256":"EF:E2:FD:49:D6:1F:97:00:BB:43:17:90:29:1B:B4:CF:5B:79:3F:AD:CE:DE:B1:67:E2:11:C6:33:09:D0:F1:DB"}}},"request":{"raw":"GET /Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/z.png HTTP/1.1\r\nHost: rewards-x.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: image/png\r\ncontent-length: 810859\r\nlast-modified: Mon, 31 Mar 2025 14:26:04 GMT\r\nexpires: Sat, 06 Jun 2026 11:32:18 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":810859,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1267 x 708, 8-bit/color RGBA, non-interlaced","md5":"24648145341946c09ef0f8c58443268f","sha1":"226c1ed1b58366b3159d0feaf5cdbddf872b0ae4","sha256":"b1b4b7fcb7ae75f14f055dfe0dab2c1304b4b443e62197e03652db6cb693243a","sha512":"f6b600449cced29a0506ea8bf2964d385cb5ecb5cfff91f946ec61f0ec947fb948033b739c4902fd24a0d94d9478fde4847ea8b5e89a8d1bcdea7a6cfdced6c1","ssdeep":"24576:20U4yyZgBOlZvp5NnBD/KOMBASSYbADXz/NOTd:20fgB6P5NnAOMBASS6ATzgR","tlshash":"900533746859b6d100cea870df320291562b8339ceff02eed91945288def5cde5b637a","first_seen":"2025-06-25T19:23:49.032958Z","last_seen":"2026-04-07T11:32:41.674731Z","times_seen":7,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":232,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"rewards-x.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/8tuxA1BE_400x400.jpg","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.rewards-x.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 02:31:05 GMT","end":"Fri, 29 May 2026 02:31:04 GMT"},"fingerprint":{"sha1":"68:A6:A2:BA:64:D6:AD:16:49:9E:63:3F:D6:C5:C0:95:D1:E9:46:B8","sha256":"EF:E2:FD:49:D6:1F:97:00:BB:43:17:90:29:1B:B4:CF:5B:79:3F:AD:CE:DE:B1:67:E2:11:C6:33:09:D0:F1:DB"}}},"request":{"raw":"GET /Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/8tuxA1BE_400x400.jpg HTTP/1.1\r\nHost: rewards-x.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 29714\r\nlast-modified: Mon, 31 Mar 2025 14:26:04 GMT\r\nexpires: Sat, 06 Jun 2026 11:32:18 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29714,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"041a7d834efc70a7d3b28b7366153847","sha1":"6b5ccef1e8afd9cb640d2a16040f9be4ee88b462","sha256":"ba7cf5546e82274177be212f0c61e36ebb66f689297abdc459de15480ffdb8a6","sha512":"71ddec3a5e052946df57954fad49d2352506516c6ef28aab6d6febe46c25edcc66c48aa6630f85de419a0dd536ba34505b40e27b6af3201b3b01e61875084971","ssdeep":"768:wGOwgIHsN18qhO97/waCuR/xMYM4B/xJMoMhV:wGOwgzN1Y97oazRJMYFB/1MhV","tlshash":"09d2e1a757de144ace8bc67a764a1b92f39cde5531f8193f749331ec57026000a4fa93","first_seen":"2025-06-25T19:23:49.013654Z","last_seen":"2026-04-07T11:32:41.675405Z","times_seen":12,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"rewards-x.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/aoYh_1c0_400x400.jpg","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.rewards-x.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 02:31:05 GMT","end":"Fri, 29 May 2026 02:31:04 GMT"},"fingerprint":{"sha1":"68:A6:A2:BA:64:D6:AD:16:49:9E:63:3F:D6:C5:C0:95:D1:E9:46:B8","sha256":"EF:E2:FD:49:D6:1F:97:00:BB:43:17:90:29:1B:B4:CF:5B:79:3F:AD:CE:DE:B1:67:E2:11:C6:33:09:D0:F1:DB"}}},"request":{"raw":"GET /Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/aoYh_1c0_400x400.jpg HTTP/1.1\r\nHost: rewards-x.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 16659\r\nlast-modified: Mon, 31 Mar 2025 14:26:04 GMT\r\nexpires: Sat, 06 Jun 2026 11:32:18 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16659,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"1214d8bc067f3ccd66c337cb4b2f333d","sha1":"938aa50c365c367ae0037130d6074369923b3996","sha256":"edf4cbf4fa78fbb713f2bb7040502840f08cde6add37bf09add8adba028fa344","sha512":"53e9066c91dbe6aa710bcc7c9d1bb6c2b44fe35f1ac2cab81011c2e8eb78d0dc11794fd08d6bfc1c4ce14b28b0140f0873dcb2aa0ff406bffd5e116a28a10aaa","ssdeep":"384:sqRDK8wBowbGVu0q39qWfBS9IS6CEyVQAQMCoyYlS:tRDnGgWfo9IzxymN56S","tlshash":"c572d1964bed9845e89c86f078a4e370b6802a946142d3dd2872a07c137fcfd4cde1de","first_seen":"2025-06-25T19:23:49.006388Z","last_seen":"2026-04-07T11:32:41.676098Z","times_seen":13,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"rewards-x.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/oBSlDe-Q_400x400.jpg","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.rewards-x.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 02:31:05 GMT","end":"Fri, 29 May 2026 02:31:04 GMT"},"fingerprint":{"sha1":"68:A6:A2:BA:64:D6:AD:16:49:9E:63:3F:D6:C5:C0:95:D1:E9:46:B8","sha256":"EF:E2:FD:49:D6:1F:97:00:BB:43:17:90:29:1B:B4:CF:5B:79:3F:AD:CE:DE:B1:67:E2:11:C6:33:09:D0:F1:DB"}}},"request":{"raw":"GET /Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/oBSlDe-Q_400x400.jpg HTTP/1.1\r\nHost: rewards-x.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 29636\r\nlast-modified: Mon, 31 Mar 2025 14:26:04 GMT\r\nexpires: Sat, 06 Jun 2026 11:32:18 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29636,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"ccd355360a6b9e66e1bbf5e7390252d3","sha1":"e605dfdf265e4bb9adb3be70094b7da6f817b1ec","sha256":"c3584bfb7303530d33ed90b97a002c8a172346dd253444a7216a5b0cb00ba746","sha512":"fbc28a94678c7c185a2080e85373a4a1b495c4cb473459ae08f52d8b072ef42a9523e1346a36f05c3de10194f1e460f522f0adc9945007b6a387a14b67f95f89","ssdeep":"768:f7HW+creVWzI+5kRkcbEpjTO8QA/KSB06+dn5okwJNMq:D2Nr9zTkRkcoEcMdWk8v","tlshash":"94d2d0818319e5e6f6ce573e009089b13c22cb1ba3dc971961cbac2f6b796565f843d8","first_seen":"2025-06-25T19:23:49.01741Z","last_seen":"2026-04-07T11:32:41.676611Z","times_seen":23,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":47,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"rewards-x.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/dWwL6xdj_400x400.jpg","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.rewards-x.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 02:31:05 GMT","end":"Fri, 29 May 2026 02:31:04 GMT"},"fingerprint":{"sha1":"68:A6:A2:BA:64:D6:AD:16:49:9E:63:3F:D6:C5:C0:95:D1:E9:46:B8","sha256":"EF:E2:FD:49:D6:1F:97:00:BB:43:17:90:29:1B:B4:CF:5B:79:3F:AD:CE:DE:B1:67:E2:11:C6:33:09:D0:F1:DB"}}},"request":{"raw":"GET /Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/dWwL6xdj_400x400.jpg HTTP/1.1\r\nHost: rewards-x.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 21430\r\nlast-modified: Mon, 07 Apr 2025 06:30:06 GMT\r\nexpires: Sat, 06 Jun 2026 11:32:18 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21430,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"8873b0d60a280f7fa5c83563ab208c05","sha1":"3bb7f71b48bd7cdabd59160af74530b162fc9d8c","sha256":"d1317f50fbdac4c33d710c272c5242f883cc0b1afc2370c942ebd2628742a340","sha512":"8c7bd932bdf6ef897271de2e6227f1d6b07316b22db6c9089749bc7cd94c1d6e43f66b0dbbcb407e5c1815102ce656e90dbcb042ad04dd2e5bb6e5a042f7321a","ssdeep":"384:sjoqaQJmeQStNiaCM7kWRP4bJOlM3ypNtp9Qx4km/U1+Cu0i87Y/:abJddaaCM7zRP4KpNtfQ6n/U1+Cu0I/","tlshash":"88a2d062735802ade66e3937b2824136fc54dd1ad62f225b9dc019f563729e8cdd30e3","first_seen":"2025-06-25T19:23:49.040107Z","last_seen":"2026-04-07T11:32:41.677134Z","times_seen":13,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":160,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"rewards-x.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff","fqdn":"glyph.medium.com","domain":"medium.com","tld":"com"},"ip":{"addr":"162.159.152.4","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"medium.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 19:59:16 GMT","end":"Wed, 10 Jun 2026 20:59:05 GMT"},"fingerprint":{"sha1":"09:82:33:43:6A:B0:29:CE:52:C2:78:BE:56:C2:66:69:2C:93:77:4D","sha256":"96:A2:77:A3:57:AE:2F:B8:AC:84:4F:CC:90:D3:13:81:B2:E3:67:90:0A:1A:95:7F:7F:03:DC:28:0B:46:B1:01"}}},"request":{"raw":"GET /font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff HTTP/1.1\r\nHost: glyph.medium.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rewards-x.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: application/font-woff\r\ncf-ray: 9e88b6004b591a30-OSL\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid\r\naccess-control-allow-methods: GET, POST, PUT, DELETE\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 86400\r\ncache-control: public, max-age=31536000\r\nage: 173328\r\netag: v2-cf896f3\r\nexpires: Wed, 07 Apr 2027 11:32:18 GMT\r\nx-envoy-upstream-service-time: 47\r\ncf-cache-status: HIT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nset-cookie: _cfuvid=LaJLomHKBCMI2Lu0DU3UahZ_WbMVgcAcRtoFdSfnzfo-1775561538621-0.0.1.1-604800000; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":19133,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 19133, version 1.1","md5":"fc901ce068d502b527f6e697e158d7c4","sha1":"0b4d922e2db262d464aed02375d5c6c7d192463e","sha256":"78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d","sha512":"8b64cc97314fc0a4569ca002938c1c71cb2cc33380f059704294b2c723f852ae58c3777486f08ba2b7f3f17a3b9432e620ebfee3e100a72d72796ce5f07338d8","ssdeep":"384:pyTUg7TUMgaCO0bj0w3ic0ZcS+7JUwvZY0cSgE7Te5ZZcWi:Cf7TVga500w3p0ySmbRY0c/EmDti","tlshash":"0082d092e92f2f9cea1c90781d865fb753f142f21ff6828e2b5c107c5616e509272d2d","first_seen":"2023-05-01T18:03:27Z","last_seen":"2026-04-07T11:32:41.678012Z","times_seen":211,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":40,"dns":1,"connect":1,"send":0,"wait":18,"receive":0,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-normal.woff","fqdn":"glyph.medium.com","domain":"medium.com","tld":"com"},"ip":{"addr":"162.159.152.4","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"medium.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 19:59:16 GMT","end":"Wed, 10 Jun 2026 20:59:05 GMT"},"fingerprint":{"sha1":"09:82:33:43:6A:B0:29:CE:52:C2:78:BE:56:C2:66:69:2C:93:77:4D","sha256":"96:A2:77:A3:57:AE:2F:B8:AC:84:4F:CC:90:D3:13:81:B2:E3:67:90:0A:1A:95:7F:7F:03:DC:28:0B:46:B1:01"}}},"request":{"raw":"GET /font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-normal.woff HTTP/1.1\r\nHost: glyph.medium.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rewards-x.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: application/font-woff\r\ncf-ray: 9e88b6006bbd1a30-OSL\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid\r\naccess-control-allow-methods: GET, POST, PUT, DELETE\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 86400\r\ncache-control: public, max-age=31536000\r\netag: v2-8e059b2\r\nexpires: Wed, 07 Apr 2027 11:32:18 GMT\r\nx-envoy-upstream-service-time: 25\r\ncf-cache-status: HIT\r\nage: 9\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nset-cookie: _cfuvid=7H9dVN.ITqAsnPwxED8gpZmubi03xXRhDvjUdpcaGec-1775561538634-0.0.1.1-604800000; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":11964,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 11964, version 3.1","md5":"89f0d35c6c6cbbccb460ab2fa02f5789","sha1":"cd071b8d8b6e14454f1882397fada44b20418add","sha256":"d5d7947aa3e6131478a97f06e72913cb7b9e19161e03502ad1de3eb67f447213","sha512":"697cfe3f6fa6fde1f4f4c386f66072beb1155df30026a68c80ef2262a50f87cb65941e0759a763aff802cdb62204af99c405bbd169174de0fa9bcc9b388c1010","ssdeep":"192:+E1/w4A7+YGmAs95F6Y4v1ZQ9MMSgh/eMT8H+n3HySiQrEiwjO6L2lspMNT5JnON:RdAe45kdvTLng5eMTM+n3HdREI6CldJ0","tlshash":"bc32d06cab1fbb89cc566472960629ecb2c5414e7fa54a2b2ce060cfdc0768f03491f4","first_seen":"2023-05-01T18:03:27Z","last_seen":"2026-04-07T11:32:41.678496Z","times_seen":348,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":52,"dns":1,"connect":6,"send":0,"wait":14,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/IMG_7687.MOV","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.rewards-x.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 02:31:05 GMT","end":"Fri, 29 May 2026 02:31:04 GMT"},"fingerprint":{"sha1":"68:A6:A2:BA:64:D6:AD:16:49:9E:63:3F:D6:C5:C0:95:D1:E9:46:B8","sha256":"EF:E2:FD:49:D6:1F:97:00:BB:43:17:90:29:1B:B4:CF:5B:79:3F:AD:CE:DE:B1:67:E2:11:C6:33:09:D0:F1:DB"}}},"request":{"raw":"GET /IMG_7687.MOV HTTP/1.1\r\nHost: rewards-x.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 11:32:25 GMT\r\ncontent-type: video/quicktime\r\ncontent-length: 22920835\r\nlast-modified: Thu, 03 Apr 2025 08:52:10 GMT\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\ncontent-range: bytes 0-22920834/22920835\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":983040,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"1c373c25d3242ebdc9ecdee351535149","sha1":"273d189bf75bcc40483a7be090a2f11d261df962","sha256":"6c41144935f25eef4e4db6556aefb8694a769f06a12da88230d486e6d92b5f53","sha512":"4a1a3ec40777f42e3444ce771a0fdfe68e0ab7c6da98d4143740e2b20c0357fc30688a6ceae773bec0f605247817376589ae47ae1530dd8bf99d5182ab74a3ad","ssdeep":"24576:UwNcJrbHst34P0KaxkH+/F2ID+d3Di61KCaiP:UwNcJPpHeVD+tDvQCVP","tlshash":"0c2522debe858410f385e63ec9d1951b8796c8e0dd81d24f388d02469f60ee61f7e8b6","first_seen":"2026-04-07T11:32:41.679515Z","last_seen":"2026-04-07T11:32:41.679515Z","times_seen":1,"resource_available":false,"data":null}},"time_used":7229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7196,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"rewards-x.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glyph.medium.com/font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-700-normal.woff","fqdn":"glyph.medium.com","domain":"medium.com","tld":"com"},"ip":{"addr":"162.159.152.4","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"medium.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 19:59:16 GMT","end":"Wed, 10 Jun 2026 20:59:05 GMT"},"fingerprint":{"sha1":"09:82:33:43:6A:B0:29:CE:52:C2:78:BE:56:C2:66:69:2C:93:77:4D","sha256":"96:A2:77:A3:57:AE:2F:B8:AC:84:4F:CC:90:D3:13:81:B2:E3:67:90:0A:1A:95:7F:7F:03:DC:28:0B:46:B1:01"}}},"request":{"raw":"GET /font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-700-normal.woff HTTP/1.1\r\nHost: glyph.medium.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rewards-x.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: application/font-woff\r\ncf-ray: 9e88b6006bd41a30-OSL\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid\r\naccess-control-allow-methods: GET, POST, PUT, DELETE\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 86400\r\ncache-control: public, max-age=31536000\r\nage: 538098\r\netag: v2-b156742\r\nexpires: Wed, 07 Apr 2027 11:32:18 GMT\r\nx-envoy-upstream-service-time: 46\r\ncf-cache-status: HIT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nset-cookie: _cfuvid=_lQ14W5tkaBkF0V0tMcyOD52FjN46wscNjHSFgve1Ts-1775561538639-0.0.1.1-604800000; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":12504,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 12504, version 3.1","md5":"530bb34973f5bb8e7ce60043732819d7","sha1":"50f4bc85b71fe4b49b586490bcbe03c1d6e0ce75","sha256":"b0bb60d88b2542c309808da080e6c3bfe7c4c3ff03e679ab29a4394c00a11c4f","sha512":"f81175b13042754177ea6c7bedcf6115665de450e6fea5ce7f4f6399befbc328647543057e974c6e91c077d7b555e240ee84f0e032a02c80675594082f19928b","ssdeep":"384:j9BT/bl+QkqbifHZ+in3Xi3g5ATDbvIZc:9+ubSG3g5GbQC","tlshash":"5042bfd864712d00c7f2af3f9a07d258be9846d26c2ee93e264918d50a87b0817f75e2","first_seen":"2023-05-01T18:03:27Z","last_seen":"2026-04-07T11:32:41.680433Z","times_seen":102,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":52,"dns":10,"connect":7,"send":0,"wait":31,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff","fqdn":"glyph.medium.com","domain":"medium.com","tld":"com"},"ip":{"addr":"162.159.152.4","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"medium.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 19:59:16 GMT","end":"Wed, 10 Jun 2026 20:59:05 GMT"},"fingerprint":{"sha1":"09:82:33:43:6A:B0:29:CE:52:C2:78:BE:56:C2:66:69:2C:93:77:4D","sha256":"96:A2:77:A3:57:AE:2F:B8:AC:84:4F:CC:90:D3:13:81:B2:E3:67:90:0A:1A:95:7F:7F:03:DC:28:0B:46:B1:01"}}},"request":{"raw":"GET /font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff HTTP/1.1\r\nHost: glyph.medium.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rewards-x.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: application/font-woff\r\ncf-ray: 9e88b6004b5f1a30-OSL\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid\r\naccess-control-allow-methods: GET, POST, PUT, DELETE\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 86400\r\ncache-control: public, max-age=31536000\r\netag: v2-b492c44\r\nexpires: Wed, 07 Apr 2027 11:32:18 GMT\r\nx-envoy-upstream-service-time: 24\r\ncf-cache-status: HIT\r\nage: 9\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nset-cookie: _cfuvid=LaJLomHKBCMI2Lu0DU3UahZ_WbMVgcAcRtoFdSfnzfo-1775561538621-0.0.1.1-604800000; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18049,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 18049, version 1.1","md5":"5e3467a83ecea165121694bbb615c4ce","sha1":"96c8ea612ce4511ef9a8936f4dc5f691e3a2707e","sha256":"f3272b23b3153d341155b472f35f887eb89608ded27fa536d709622ef421fa95","sha512":"5eb2d621d58a5909805a1251664655cdf2b52b07f4ef09df053205601413a32e4d754bb539b04b276cc012ee23466b7defb8ae9ab837f44e490c2e37478395ac","ssdeep":"384:rmK5T7IBy6HmoqM3KBFYUsTyArV9AAG17ZCT0cSgE7Te5ZZcWi:r35T0LG1bBFgTbT7c7K0c/EmDti","tlshash":"8682e0709dfe1628e94cfa3b504a3887caf512cd0e49e4ef28463270bdab5975a07d94","first_seen":"2023-04-11T14:22:15Z","last_seen":"2026-04-07T11:32:41.680916Z","times_seen":2096,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":29,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff","fqdn":"glyph.medium.com","domain":"medium.com","tld":"com"},"ip":{"addr":"162.159.152.4","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.575Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"medium.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 19:59:16 GMT","end":"Wed, 10 Jun 2026 20:59:05 GMT"},"fingerprint":{"sha1":"09:82:33:43:6A:B0:29:CE:52:C2:78:BE:56:C2:66:69:2C:93:77:4D","sha256":"96:A2:77:A3:57:AE:2F:B8:AC:84:4F:CC:90:D3:13:81:B2:E3:67:90:0A:1A:95:7F:7F:03:DC:28:0B:46:B1:01"}}},"request":{"raw":"GET /font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff HTTP/1.1\r\nHost: glyph.medium.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rewards-x.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: application/font-woff\r\ncf-ray: 9e88b6006bd91a30-OSL\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid\r\naccess-control-allow-methods: GET, POST, PUT, DELETE\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 86400\r\ncache-control: public, max-age=31536000\r\nage: 966476\r\netag: v2-df9ba7f\r\nexpires: Wed, 07 Apr 2027 11:32:18 GMT\r\nx-envoy-upstream-service-time: 62\r\ncf-cache-status: HIT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nset-cookie: _cfuvid=gcX9NaHimNtNlqN.xH.p3owlLtAaQGwJKeLp99a4vHk-1775561538638-0.0.1.1-604800000; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":18889,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 18889, version 1.1","md5":"3c8358244cc8a9de7cbde6fb38a1e642","sha1":"3abbec75d399ba6c7eda47c74ad8309b23f4a1f4","sha256":"65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444","sha512":"b556f28c5968bc0f8f0d4e08f9c8e82b1dd8b76a4388e0396b8cb89c27b5eeae24b411638a39dc9b98ef5286408b83c47cebeb951b4bc7c0b0abbc17e0cd8568","ssdeep":"384:EL6XQ01lYzCp3WilZgEV0a98bBWiupi/5H0cSgE7Te5ZZcWi:46j1yE3WilRV0KYupiB0c/EmDti","tlshash":"c982e2f04f71270aebe1ac37f9a06d027d5a5d9a6475114b7449181e973ec214772ccf","first_seen":"2023-05-01T18:03:27Z","last_seen":"2026-04-07T11:32:41.681449Z","times_seen":419,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":51,"dns":9,"connect":6,"send":0,"wait":30,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/logo.svg","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.rewards-x.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 02:31:05 GMT","end":"Fri, 29 May 2026 02:31:04 GMT"},"fingerprint":{"sha1":"68:A6:A2:BA:64:D6:AD:16:49:9E:63:3F:D6:C5:C0:95:D1:E9:46:B8","sha256":"EF:E2:FD:49:D6:1F:97:00:BB:43:17:90:29:1B:B4:CF:5B:79:3F:AD:CE:DE:B1:67:E2:11:C6:33:09:D0:F1:DB"}}},"request":{"raw":"GET /Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/logo.svg HTTP/1.1\r\nHost: rewards-x.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nlast-modified: Mon, 31 Mar 2025 14:26:04 GMT\r\nexpires: Sat, 06 Jun 2026 11:32:18 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8763,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"909edce442a66a89a7cc7995dc4f2bf9","sha1":"858ea0ee836b8cec8729406c55b35e7d0adad2d2","sha256":"7de942a07a949b626920ed00a558000f43242398bcb7f3102bfc4b43419bc414","sha512":"e3e64b7af9eb4a4b72f166c6b4afa9a8842b693edf31e9336f92ed455b1807c344b6341c27de2a88f503413f61c0d77a5d0ed9fe5ff06db073c5f078f8790c45","ssdeep":"192:5BLWnLeseEY+IQdvg32fBcW1U723vR5rjcBx:5BinlLvoHWO7YjcD","tlshash":"430284bc0a9c5bece804894edb22759c3ede306f5bf649b4c4865d23269640cbe93129","first_seen":"2025-06-25T19:23:49.037134Z","last_seen":"2026-04-07T11:32:41.682052Z","times_seen":25,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"rewards-x.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/photo_2025-02-25_22-49-02.jpg","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.rewards-x.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 02:31:05 GMT","end":"Fri, 29 May 2026 02:31:04 GMT"},"fingerprint":{"sha1":"68:A6:A2:BA:64:D6:AD:16:49:9E:63:3F:D6:C5:C0:95:D1:E9:46:B8","sha256":"EF:E2:FD:49:D6:1F:97:00:BB:43:17:90:29:1B:B4:CF:5B:79:3F:AD:CE:DE:B1:67:E2:11:C6:33:09:D0:F1:DB"}}},"request":{"raw":"GET /Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/photo_2025-02-25_22-49-02.jpg HTTP/1.1\r\nHost: rewards-x.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 25877\r\nlast-modified: Mon, 31 Mar 2025 14:26:04 GMT\r\nexpires: Sat, 06 Jun 2026 11:32:18 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]}],"data":{"size":25877,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"1305a71c19b63ebefccb713343aeabd8","sha1":"8adeac10c16f822968154e91eaeea99e4ef51fee","sha256":"28d998b999e7bd279ed23530f73fbeef41ab5b416501d70c82f000c65676bfaf","sha512":"852087d5cf7c51a0fc1d74948105f6cbe4715d030c878d0068828f3615517df1cd6a201564d33a22e529779ccadad54f8276a9730ce4e0059dad9874ca9d3078","ssdeep":"384:sY5OHRlB5jKZY5tCkRS7LTywDw/2hdi1Xm2q3alDiCTTg16LEP75e2uSWoKV:Kz3UUOLpDU2hdEmF3alDisTg16LcY2zG","tlshash":"81c2e03033a91201f88eecfa53229740daf9fb28e4539596e9014ffb9256cd445366d9","first_seen":"2026-04-07T11:32:27.269442Z","last_seen":"2026-04-07T11:32:41.683095Z","times_seen":2,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"rewards-x.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/jquery.min.js.download","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.rewards-x.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 02:31:05 GMT","end":"Fri, 29 May 2026 02:31:04 GMT"},"fingerprint":{"sha1":"68:A6:A2:BA:64:D6:AD:16:49:9E:63:3F:D6:C5:C0:95:D1:E9:46:B8","sha256":"EF:E2:FD:49:D6:1F:97:00:BB:43:17:90:29:1B:B4:CF:5B:79:3F:AD:CE:DE:B1:67:E2:11:C6:33:09:D0:F1:DB"}}},"request":{"raw":"GET /Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/jquery.min.js.download HTTP/1.1\r\nHost: rewards-x.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 11:32:25 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Mon, 31 Mar 2025 14:26:04 GMT\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]}],"data":{"size":87533,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-07T19:36:04.981538Z","times_seen":137569,"resource_available":true,"data":null}},"time_used":7207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"rewards-x.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.matomo.cloud/25elon.matomo.cloud/matomo.js","fqdn":"cdn.matomo.cloud","domain":"matomo.cloud","tld":"cloud"},"ip":{"addr":"3.167.2.121","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.matomo.cloud","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Mon, 21 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:9E:B2:8F:2C:21:F3:D8:CC:C3:78:9E:88:F2:FC:72:0C:FB:68:3A","sha256":"D7:E0:95:8B:B8:35:19:48:30:B8:87:D2:5F:82:0D:1D:DF:65:27:5C:9A:83:C6:2B:1B:9B:3F:9C:32:70:25:3C"}}},"request":{"raw":"GET /25elon.matomo.cloud/matomo.js HTTP/1.1\r\nHost: cdn.matomo.cloud\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: CloudFront\r\ncontent-type: text/html\r\ncontent-length: 0\r\ndate: Tue, 07 Apr 2026 06:00:39 GMT\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Thu, 02 Nov 2023 02:17:11 GMT\r\netag: \"d41d8cd98f00b204e9800998ecf8427e\"\r\nx-amz-version-id: x8CUW72Cdy4wRBv1lXTNc2XlWFvGGyiM\r\naccept-ranges: bytes\r\nx-cache: Error from cloudfront\r\nvia: 1.1 ca0f77e7d535ced1a10fc8b8f87def9a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: GcxS4TOIx2g8Hd4kiII9zpH8NAfeNMRVtRxMhFgEhkFfYmR3sJ_VjA==\r\nage: 19900\r\nstrict-transport-security: max-age=31536000\r\ncross-origin-resource-policy: cross-origin\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T19:38:09.321414Z","times_seen":13472693,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":1,"connect":3,"send":0,"wait":114,"receive":0,"ssl":9},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/toastr.min.js.download","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.rewards-x.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 02:31:05 GMT","end":"Fri, 29 May 2026 02:31:04 GMT"},"fingerprint":{"sha1":"68:A6:A2:BA:64:D6:AD:16:49:9E:63:3F:D6:C5:C0:95:D1:E9:46:B8","sha256":"EF:E2:FD:49:D6:1F:97:00:BB:43:17:90:29:1B:B4:CF:5B:79:3F:AD:CE:DE:B1:67:E2:11:C6:33:09:D0:F1:DB"}}},"request":{"raw":"GET /Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/toastr.min.js.download HTTP/1.1\r\nHost: rewards-x.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 11:32:25 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Mon, 31 Mar 2025 14:26:04 GMT\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]}],"data":{"size":5292,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4971)","md5":"2f8ab000e6fc6c9f2f25a7d6355c1905","sha1":"b9c927f53682569f8f2743404ae0bb2ff7b00bf0","sha256":"e815910819bc5456b3c1cc082f1d6f39ff617b26ed5caf0504b2bd8cb4cd4800","sha512":"05aece6cd779bdd371a61863638d7586785bfdc512b3b650a3c7343b21f096816f7f62773ac1ccef77395e67586ffa6163bdffc5d20391071185caca4c9eb09d","ssdeep":"96:NBZ665+Pu1NtTAn2/OeVXhI8KaPQNW4rW/kI75dRSVhfrZc:nZ6u8cmnYRR8IvRWrZc","tlshash":"47b19884b121bbca1b7360b8515f0006d2bb6362cdce54413a3ea58cbf70d0896b7fd9","first_seen":"2025-01-07T17:13:59.99571Z","last_seen":"2026-04-07T11:32:41.685083Z","times_seen":23,"resource_available":true,"data":null}},"time_used":7198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7198,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"rewards-x.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glyph.medium.com/font/8e059b2/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/source-serif-pro-400-normal.woff","fqdn":"glyph.medium.com","domain":"medium.com","tld":"com"},"ip":{"addr":"162.159.152.4","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"medium.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 19:59:16 GMT","end":"Wed, 10 Jun 2026 20:59:05 GMT"},"fingerprint":{"sha1":"09:82:33:43:6A:B0:29:CE:52:C2:78:BE:56:C2:66:69:2C:93:77:4D","sha256":"96:A2:77:A3:57:AE:2F:B8:AC:84:4F:CC:90:D3:13:81:B2:E3:67:90:0A:1A:95:7F:7F:03:DC:28:0B:46:B1:01"}}},"request":{"raw":"GET /font/8e059b2/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/source-serif-pro-400-normal.woff HTTP/1.1\r\nHost: glyph.medium.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rewards-x.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: application/font-woff\r\ncf-ray: 9e88b6006bc31a30-OSL\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid\r\naccess-control-allow-methods: GET, POST, PUT, DELETE\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 86400\r\ncache-control: public, max-age=31536000\r\nage: 359\r\netag: v2-8e059b2\r\nexpires: Wed, 07 Apr 2027 11:32:18 GMT\r\nx-envoy-upstream-service-time: 26\r\ncf-cache-status: HIT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nset-cookie: _cfuvid=5cCpY3yHq4Apy1F0hO1zNXZYEyTNVkgQmqgPu1S4d3w-1775561538642-0.0.1.1-604800000; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":58012,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 58012, version 3.1","md5":"5c4c3c5d189c69d7bd8ee2ddd8a72e7a","sha1":"c57263a999f2dd8b13b78f718af33a51350ae39a","sha256":"202a8c194cdbd74e42b1fc8c8e48b741204e6c7b368af1147740855268887dbe","sha512":"2695cd6dfca919c3feb8f5a0ec521ea5ec427d79ca2c05f059a100603196b93580585b8558de893fa7cb35be22fc49545bce4a9d255a0812d93718ee07667963","ssdeep":"1536:z62MzXVUR0hYmMbm8M5eO9WDj23PjQvHM813Gl:z62kVUR0hYmMC8M5mD0PjQvj1C","tlshash":"324302ca047c8f8fe318bcf59c4cf7549421e6f516e8b1f68a0063b9a9daaa1531d1c3","first_seen":"2023-04-07T18:04:24Z","last_seen":"2026-04-07T11:32:41.685576Z","times_seen":2227,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":51,"dns":1,"connect":6,"send":0,"wait":35,"receive":0,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-07T11:32:17.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.rewards-x.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 02:31:05 GMT","end":"Fri, 29 May 2026 02:31:04 GMT"},"fingerprint":{"sha1":"68:A6:A2:BA:64:D6:AD:16:49:9E:63:3F:D6:C5:C0:95:D1:E9:46:B8","sha256":"EF:E2:FD:49:D6:1F:97:00:BB:43:17:90:29:1B:B4:CF:5B:79:3F:AD:CE:DE:B1:67:E2:11:C6:33:09:D0:F1:DB"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rewards-x.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 01 May 2025 05:56:34 GMT\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: UPDATING\r\nx-server-powered-by: Engintron\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":141889,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1033)","md5":"8a647721f6afe41433881ff826a700a2","sha1":"5d9e49d92825fc26ac226103fab62773eb8322a5","sha256":"da9b82f2f699d44874d61c103b7d776099ad78568061041c4ad88ccad3beb0b6","sha512":"1b0213097f02ccb1ec33c4e6b037c078fe0e79cde549c970bf7683961b6ed0b91dbe34f9b657e334ec7befd075c353305ee651e9c8ca36257211255626f0dbed","ssdeep":"3072:R/TPgnkPgTUIFPg8Pg7PggPg5PgYPgUPg3:R/7Ic","tlshash":"cbd3612b19f202166943a0b86beb5695772ad017f90ecda07eec17a0cf97d91cd4378c","first_seen":"2026-04-07T11:32:27.265048Z","last_seen":"2026-04-07T11:32:41.686144Z","times_seen":2,"resource_available":true,"data":null}},"time_used":398,"timings":{"blocked":169,"dns":1,"connect":53,"send":0,"wait":54,"receive":0,"ssl":118},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"rewards-x.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/toastr.min.css","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.rewards-x.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 02:31:05 GMT","end":"Fri, 29 May 2026 02:31:04 GMT"},"fingerprint":{"sha1":"68:A6:A2:BA:64:D6:AD:16:49:9E:63:3F:D6:C5:C0:95:D1:E9:46:B8","sha256":"EF:E2:FD:49:D6:1F:97:00:BB:43:17:90:29:1B:B4:CF:5B:79:3F:AD:CE:DE:B1:67:E2:11:C6:33:09:D0:F1:DB"}}},"request":{"raw":"GET /Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/toastr.min.css HTTP/1.1\r\nHost: rewards-x.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Mon, 31 Mar 2025 14:26:04 GMT\r\nexpires: Thu, 07 May 2026 11:32:18 GMT\r\ncache-control: max-age=2592000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7990,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (820), with CRLF line terminators","md5":"286f488b8aeab9778f68d13592ea9362","sha1":"0f0503aeb154fd7e3aa3cea4e8ba3302db88c6bf","sha256":"13e1c08919426283404693bf1c3aa53cd5f1d81fccefe00648f23fb1c9cb03ad","sha512":"b909917867a7302991905acd6ebe980c00bb3ef55e92a46b4e5bb65d33f1b5fc80b2b02583bf0e23d79fcc90ac079229ca1eda3f2c6416dd46fdba3e77604d1d","ssdeep":"96:Wl13uasgZHvwNACYeIFHSpZIJWQ78GhJZCjtQJWP+zLmlD6JWKG8CzyQJWVMz2wZ:Wz2AoNACYeQeVY8syVttlGPVMnoIfM0","tlshash":"e2f1a624cb433609aab2466dab694106ef165163cbcd189d3acf925cdff7b908c70f48","first_seen":"2025-05-05T03:54:27.327178Z","last_seen":"2026-04-07T11:32:41.686714Z","times_seen":23,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"rewards-x.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/x111U4OZa1.jfif","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.rewards-x.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 02:31:05 GMT","end":"Fri, 29 May 2026 02:31:04 GMT"},"fingerprint":{"sha1":"68:A6:A2:BA:64:D6:AD:16:49:9E:63:3F:D6:C5:C0:95:D1:E9:46:B8","sha256":"EF:E2:FD:49:D6:1F:97:00:BB:43:17:90:29:1B:B4:CF:5B:79:3F:AD:CE:DE:B1:67:E2:11:C6:33:09:D0:F1:DB"}}},"request":{"raw":"GET /Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/x111U4OZa1.jfif HTTP/1.1\r\nHost: rewards-x.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 11:32:25 GMT\r\ncontent-length: 53942\r\nlast-modified: Mon, 31 Mar 2025 14:26:04 GMT\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":53942,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 228 x 492, 8-bit/color RGBA, non-interlaced","md5":"278d26775c11c971df7cc39ff27eb986","sha1":"a81a2e82b2bd3740198716742826565c1b2e9519","sha256":"40213f6aa127fe4847d57104e65358015010dd4a64f16ae9d74df505e8f57d50","sha512":"d5915605afff5559297dca3e485e176e5f990b7f4ffeb3c936ceb96b36b02531c3609cb855cad244cbfed7c6aa7cc8c75988da25b19acb13f06fa7a9e7d14971","ssdeep":"768:Ege5c9ktJLCn8I1RNHhhXZNq74qNu63ViLXwbs8R3nt/cD7CBxWHgXbpzPFbMWSB:Ep5cWtJLC8YHhhbqsYuh4t/pX3pnN3c","tlshash":"ca33f1da6e6cc4e6c4ed151eed6c8ae71ab5d9d0c610eb6b083c0ef2b7912f68c41c45","first_seen":"2025-06-25T19:23:49.038605Z","last_seen":"2026-04-07T11:32:41.687709Z","times_seen":9,"resource_available":false,"data":null}},"time_used":7141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7139,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"rewards-x.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/SFqoKMXN_400x400.jpg","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.335Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.rewards-x.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 02:31:05 GMT","end":"Fri, 29 May 2026 02:31:04 GMT"},"fingerprint":{"sha1":"68:A6:A2:BA:64:D6:AD:16:49:9E:63:3F:D6:C5:C0:95:D1:E9:46:B8","sha256":"EF:E2:FD:49:D6:1F:97:00:BB:43:17:90:29:1B:B4:CF:5B:79:3F:AD:CE:DE:B1:67:E2:11:C6:33:09:D0:F1:DB"}}},"request":{"raw":"GET /Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/SFqoKMXN_400x400.jpg HTTP/1.1\r\nHost: rewards-x.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 28306\r\nlast-modified: Mon, 31 Mar 2025 14:26:04 GMT\r\nexpires: Sat, 06 Jun 2026 11:32:18 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28306,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"ba7fecb8ccf9c7cace8b7f6bb0aa882b","sha1":"1777072bb96a67a8e369dd067d144721b06457a7","sha256":"5d6e0127fb6cbd43b5c3657c9acafc90a777f0ace136e7a996927d5dc947a0cf","sha512":"a69206b6fe52953b174c31adb4bb6c3dae6bc51c489a7973d013d64c5eccf5d4a93178393981033c65214c0c306aee99df7cfe16f2c56a2474b7f9a72b85ab73","ssdeep":"384:sUsVRiTr3KgGs6LRxDs2bl3wpA9frigv60h+gyCVv3TzkSqdcnjSYfVm:iMr3KgGptxDJbJwpcOqhBv3TzkOnjSqm","tlshash":"81d2f176cb0ca2d9da4e7372630c6ba5743a3ad10f0a6334a65a085cf3349cd1cd5b9d","first_seen":"2025-06-25T19:23:49.034413Z","last_seen":"2026-04-07T11:32:41.688229Z","times_seen":10,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"rewards-x.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/GR4VOP4Y_400x400.png","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.rewards-x.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 02:31:05 GMT","end":"Fri, 29 May 2026 02:31:04 GMT"},"fingerprint":{"sha1":"68:A6:A2:BA:64:D6:AD:16:49:9E:63:3F:D6:C5:C0:95:D1:E9:46:B8","sha256":"EF:E2:FD:49:D6:1F:97:00:BB:43:17:90:29:1B:B4:CF:5B:79:3F:AD:CE:DE:B1:67:E2:11:C6:33:09:D0:F1:DB"}}},"request":{"raw":"GET /Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/GR4VOP4Y_400x400.png HTTP/1.1\r\nHost: rewards-x.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: image/png\r\ncontent-length: 20144\r\nlast-modified: Mon, 31 Mar 2025 14:26:04 GMT\r\nexpires: Sat, 06 Jun 2026 11:32:18 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]}],"data":{"size":20144,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit colormap, non-interlaced","md5":"0f19f56324be03ff5a2201984bbffb07","sha1":"3d0893b93c7581a70876637f0db215ce8a26726d","sha256":"18b83a9dc5998bcd4e6f651be238c83fb877dba1413608383ae190e79b261020","sha512":"e7e67783877b7595240ec6f2defd719a788725a795ce4ed4065138c95204c4ed17e12d63ff15e5e145c3687815c7f3f435c93cda80e27aeb2ca09b6c35ad8822","ssdeep":"384:oyyyl9guTfksQUCY7L3T3DmqkEnjfUIaKJnSOFNv4SmlyRDaHAbn99zjTQsKUSti:+QCe7L3TTmqrTaKJnDv4jlyRDKen99LD","tlshash":"5992e183877df97adee181970b3e191104a54f63019beb62a8bfcc54cdaafe18c50790","first_seen":"2024-12-14T17:23:34.683326Z","last_seen":"2026-04-07T11:32:41.688822Z","times_seen":26,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"rewards-x.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/x111U4OZa.jfif","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.rewards-x.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 02:31:05 GMT","end":"Fri, 29 May 2026 02:31:04 GMT"},"fingerprint":{"sha1":"68:A6:A2:BA:64:D6:AD:16:49:9E:63:3F:D6:C5:C0:95:D1:E9:46:B8","sha256":"EF:E2:FD:49:D6:1F:97:00:BB:43:17:90:29:1B:B4:CF:5B:79:3F:AD:CE:DE:B1:67:E2:11:C6:33:09:D0:F1:DB"}}},"request":{"raw":"GET /Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/x111U4OZa.jfif HTTP/1.1\r\nHost: rewards-x.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 11:32:25 GMT\r\ncontent-length: 232571\r\nlast-modified: Mon, 31 Mar 2025 14:26:04 GMT\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]}],"data":{"size":232571,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 346 x 446, 8-bit/color RGBA, non-interlaced","md5":"17bae658f9b0c3aa3d310564d99ba629","sha1":"2651d86ecaf2155c8e02a6b314902801e7f7da1b","sha256":"8e72250e6f63552d76642d109deb29c8f67a05782b6ca2972c52c3918e09e02f","sha512":"3b9826d3fa1d6aea42a02fb9f9aa01bfbb3fdbb25dfb46978369afb37c55c713ce3b878f2eb447178ea35102c4ff38adaf6e40fd97216b83d4a8195db6dd5b65","ssdeep":"6144:ukrYPwyH9m4VrlHOYhDQqy08qyG9g5Um1kP:RrY5x4wDRydmmw","tlshash":"5d341241b4d4511c664f8a11d06b88f1922e32e7337a9b73503eb6b96c3ab57f8c9c1b","first_seen":"2025-06-25T19:23:49.027997Z","last_seen":"2026-04-07T11:32:41.689332Z","times_seen":10,"resource_available":false,"data":null}},"time_used":7219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7210,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"rewards-x.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-x.com/Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/hleMFwew_400x400.jpg","fqdn":"rewards-x.com","domain":"rewards-x.com","tld":"com"},"ip":{"addr":"176.123.0.55","port":443,"asn":200019,"as":"Alexhost Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewards-x.com/","date":"2026-04-07T11:32:18.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.rewards-x.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 02:31:05 GMT","end":"Fri, 29 May 2026 02:31:04 GMT"},"fingerprint":{"sha1":"68:A6:A2:BA:64:D6:AD:16:49:9E:63:3F:D6:C5:C0:95:D1:E9:46:B8","sha256":"EF:E2:FD:49:D6:1F:97:00:BB:43:17:90:29:1B:B4:CF:5B:79:3F:AD:CE:DE:B1:67:E2:11:C6:33:09:D0:F1:DB"}}},"request":{"raw":"GET /Elon%20Musk%20-%20Official%20ETH%20and%20BTC%20Giveaway_files/hleMFwew_400x400.jpg HTTP/1.1\r\nHost: rewards-x.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-x.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 11:32:18 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 23895\r\nlast-modified: Mon, 31 Mar 2025 14:26:04 GMT\r\nexpires: Sat, 06 Jun 2026 11:32:18 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23895,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"fb26da61686a808692a7d88d152edc49","sha1":"e330ea5bb65901037ad535ab1699c0b755ea5f6d","sha256":"f31b2ab36d56bec41c4fea060ca6dad386473f3031c7b737bfdea97592d8df03","sha512":"3cb908e37efae49b3a173f34f3601dbfc79b39defa2cf801b3be7963c8e6c130631db52f201020bf2a2958e916dd272e6ddc3fb0fba10acac6bb6f9271799ae4","ssdeep":"384:sH7uf3HROE/y2q3d8LCCKCWTBSp74CGXGiMjyKZf1iZQoBtsJz9cCrjxieiZZjyO:IqxgNmjUBSprE7sf1itsJz9prjx/i3jj","tlshash":"09b2d19c7775d3e9ea1c47382bf5aba396a47d1954fda315088221483f3c0e21632add","first_seen":"2025-06-25T19:23:49.015719Z","last_seen":"2026-04-07T11:32:41.690262Z","times_seen":14,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":159,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"rewards-x.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}