{"report_id":"1e06f522-c94c-4a00-b637-2f7232dbb2ff","version":6,"status":"done","tags":[],"date":"2026-01-07T10:22:29Z","url":{"schema":"https","addr":"cashinronex.net/","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"cashinronex.net/","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"title":"Cashinronex - Oficjalna Platforma | Trading AI 2025 | Ponad 10.000 Opinii","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"cashinronex.net/","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-11T10:22:29Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"cashinronex.net","ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-28","domain_rank":0,"first_seen":"2026-01-07T10:22:30.466633Z","last_seen":"2026-01-07T10:22:30.466633Z","alert_count":58,"request_count":59,"received_data":2900470,"sent_data":26776,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-01-04T22:27:18.120727Z","alert_count":0,"request_count":1,"received_data":260066,"sent_data":479,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cashinronex.net/","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3d55c512d6c7136956121b4934fc2ef3","sha1":"eda64499c2251027992890cfdd0508ce4ed66162","sha256":"3097c84c489a39c0bfbf9e06204208486a28fde41dc93693244183abd081782a","sha512":"3d3776f783465f95e5e44f0d5719645406d7341d5b757d440c7c2d81df80b41f5cd44ee6de6fe1c8364905d05cdd3e6c39d5f4c7d435b1d43f99350f9bd0178c","ssdeep":"","tlshash":"c3a0021501512554631720901125c3992679a067ac49923a765e57404740415c528401","size":68,"data":"","first_seen":"2023-03-07T12:55:41Z","last_seen":"2026-06-06T06:20:23.23349Z","times_seen":722,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"074213368ac12eba67a8cf5dc670b47a","sha1":"ba1e986ad6eccad975272d9134bbfe3fcfe4b12f","sha256":"53bf8dafac28b94de938df72826e74124331075361e5feef682af2e77b6f93c4","sha512":"0697d62f2480a65c40c057f930653fff4929fd41d603865b9b45c0e6585ecfd6f3abf2526efc60778fc7c243da823d3c4629184319e06c7cfa6faa63c0e12884","ssdeep":"","tlshash":"30112b0404720034c63394eda7cb1e9d753162ab7489a79e3a8ed30c3fc66d6caf52e6","size":1021,"data":"","first_seen":"2025-09-02T04:43:32.350335Z","last_seen":"2026-03-09T06:21:12.150379Z","times_seen":629,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/js/intlTelInput.min.js","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ded1964f38ab9678f3995424b7fe0290","sha1":"694f129bff8b5eb6848206be283a11217f49bf21","sha256":"2bb01a8c21190373220870f7665e507b1e4d81538e6860e3ba36f5531f0a5203","sha512":"7d05d325f41e7fed4c5a251588783d3e79bf31eb177b7d450fc7c48fdb2f67fb1c00d667336a874716c0f95683b9aba9d8a3a71601de2e82072f3d7451cd3602","ssdeep":"768:c603Xlqn/kiIzJT9FSRzA4xXnT2nYdn24X686LOpQ9PVigsv:cDiIz8A4knYd+Vsv","tlshash":"ddf2f9ae7371573766be82fa70e64503aeae35458604443d38ac8ecd0b88ed171f6778","size":35491,"data":"","first_seen":"2025-09-02T04:43:32.265236Z","last_seen":"2026-01-07T15:45:42.769997Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"aef91076f883db5d82859841a71c30d1","sha1":"04cea57f4e97521601e4e011bfe183d0507496d2","sha256":"2a7c96529e64ab018efbe5e2b3a126191816b62767db1bf346e20a2df17697d2","sha512":"d36f4f651b5db41f2041ec8e821c495dae80edaa970298859f52f089b6c21b2fcde6e7e8c9b125cac279bfc44c8b78fb5be2c7f83865fa16147a08948aa65050","ssdeep":"","tlshash":"4021883123361171d2bb606b67cbb3293522a0173501d58c7e0c86884fcad5ef5666d8","size":1381,"data":"","first_seen":"2025-09-02T04:43:32.352172Z","last_seen":"2026-03-09T06:21:12.151256Z","times_seen":633,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/intl-tel-input@23.0.12/build/js/utils.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6eae88fad6fe723d8c8d2386a63dd152","sha1":"42046e250c7f2eeff4619a89b0be7b83e01e5edf","sha256":"a4000409a897003b1c5a8e1f9f32e18a11b022452151cc47c17ecdcb76d5223b","sha512":"d356bd87f7170499fbf445353afeda69dbaccc391eb41826290a30752475735a27d56ce1d642af1dcb02f93a1405926a440add5cb38000b7d112cab0f918bd6e","ssdeep":"3072:9klM0hpJjFs3OwPss3MwPKm7i9T2xFM8Mp2xHsNBWUsD56kmLNTg/QKWVRphmVEw:9klMipBKxxFM8Mp2qbZQ","tlshash":"1144f1ebd63c9737a1e97b35968eb3cd5a8cbca3c848567826c3b54f52784e0706c205","size":258914,"data":"","first_seen":"2024-07-10T10:54:41Z","last_seen":"2026-06-08T02:38:41.482731Z","times_seen":1674,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"c92a10324374fac681719d63979d00fe","sha1":"aee655773d856fb038536adcfd6472fc7543463e","sha256":"158a323a7ba44870f23d96f1516dd70aa48e9a72db4ebb026b0a89e212a208ab","sha512":"d27859c90f5748d3ec0ef6d4ef49c1755d6ce1ac8035cd4f7dba41b8dd7d440ad8fca164ccc948b5630ef90346ff9279e35d31887e724ab6e0284300a80eb61f","ssdeep":"","tlshash":"8430000000000000000c0000000000000000000003000000c000003000000000000c00","size":4,"data":"","first_seen":"2024-08-20T00:14:53.541497Z","last_seen":"2026-06-07T08:16:34.757425Z","times_seen":27513,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"cashinronex.net/css/styles.css?v=01","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /css/styles.css?v=01 HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: text/css\r\ncontent-length: 956\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"c67-64238343bfe1c-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tpWZmToLBGosRrBJA2Ny9MHzaXQDthv%2BTbIhp3do9k%2Bnq0tvnAFu%2FJFLox2Rp12Fv1qLMcSQHL%2BIRtvwEnGu1o7vQ8xdNEB8IaUV6J%2FGeg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba2bb725bbe783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3175,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"a7bcd1c97a642e3ba1aa56fc190274df","sha1":"00493642cb61f1400562455a55dde50333b4448c","sha256":"8e7f617969f8aa2a4d08878377cd35eb66aa17bd229562cd3a5c86bdb9b6cf90","sha512":"9098c5ce966b5edae9b80710270c641179ba70bcce2256a68b94c0b3630cff6d2d246387e2c83661e5585fb9f76fe646e6c20ade3d59f3faafcd23b57524809b","ssdeep":"","tlshash":"7f61ce53da994846761bc66922cad780339c5841cc07ee75ffd0201cadc87a99ef7b8c","first_seen":"2025-09-02T04:43:32.311331Z","last_seen":"2026-03-09T06:21:12.069854Z","times_seen":579,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/stars.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/stars.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"89b-64238343c3c9c\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1yHIn42%2F9PMQrTYDVeWvJy%2F6pA7C7mYzJ0955QUd76huoIaEKtyMnZWjbXLAr9R9%2BmbgXsZWzomsgCpuBNdyn3KXK9ZjGhZPzmX0QI%2F6AQ%3D%3D\"}]}\r\ncf-ray: 9ba2bb726bd4783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2203,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b5f46c787a1e0651d75603195a101a46","sha1":"2e1b5eab0082dd1cde7729696f9aaea6ae00e171","sha256":"adfbc7c2eb5a7bd50ba738a956c98508155e845bee22dbd4ae2b6a28e5f82c52","sha512":"8c928c3cb1ce4c6e4a78af922a97367600a7ff1c6f84fd57c9919f807c06f8fc98be8572822376ca5efa53dec6eae031fe52c12029698321d197bcc838434ccb","ssdeep":"","tlshash":"844104a0731c93f49056f7f4fd29a96635203d7e9b8887f4c2d12a80d4b72a9d58fd88","first_seen":"2025-09-02T04:43:32.301529Z","last_seen":"2026-05-29T07:06:51.963635Z","times_seen":1254,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/user-7.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/user-7.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 5552\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"15b0-64238343c3c9c\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=50COVT5G%2BLTu5zFLDkoDBAGzomxEcqEZ0MJBxFNmD%2FuH8JhjXKvkWf%2B5t%2Fu1R6Qv%2F%2FUCBRFsRjEv6BjZWmztdU6Iyla6WNACkiVl%2FAarVg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb728bed783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5552,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"27470bec9f071ad8fbfff2b5cb912ea4","sha1":"1a52e1c82ac31158da0d0d641e2169a8ceb1b7ce","sha256":"7e1f70cc3d6d6e8b533fe17264755bb6a15b520870812a802ac8f54f1fa0e357","sha512":"4bcacd7eafe5962dfc3d70266a978409b63f4ab08781bbfa25ceec2f7fdd60f331500f04f99cc51b2fca6ee3132a903d7bc61d3518101e3bb11d370a841c88ed","ssdeep":"96:iQb/w/YtmuTEwoLPRpH4r8TLL2jNyzgT0WclbVYg2QphfgTrTs3nyCspeUs5Yd86:NESTEhzRpH4YbSNXT+VYgdurTaVsxUYR","tlshash":"3fb19eaf9f5b2a6fe2c2e73b155c356a121f534de218897d16a0a262472c3887e27084","first_seen":"2025-09-02T04:43:32.325136Z","last_seen":"2026-03-09T06:21:12.126626Z","times_seen":573,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/user-8.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/user-8.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 5798\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"16a6-64238343c1d5c\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=itRqqwBonYmjC55LBCaOdFTyz5tgprCroPEZFUxMs%2F%2Bkr7L2EHDMVrVY2wNVUIdtgrNVlGoVya4BifXuzIG7c1WER8bcvPmuwz4mfwqDIg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb728bee783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5798,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2ee770495b413c5926e83c67358c66dd","sha1":"f48986b91a75699f6e3307d39d424fc54c2ffd42","sha256":"a9213d53d2261af8ca283f6aa9a226bba48af80850ae213973337304a5a61171","sha512":"38ae1cecb17ae918791b720ae6d5e0f2e16513c0298bc3a211db332ace13ae85a294e1eefb4df97435bd56fbcdcbbe33f3f8d4bda3b923bd9a6dbc6bff4cbe1e","ssdeep":"96:Trj9Ugl+x7tyV7/DATNYm3UiaB+2P8cjo/AbnqrTOsgGdVPt7B3Qvo7ms:TXuycg7/DCYmEiag2P8cjoIWrvFT7ms","tlshash":"03c18e2c626e7e458f9d23fc3e85bc625c02224b6ec28c491ba4f55f6f8439143f018a","first_seen":"2025-09-02T04:43:32.317254Z","last_seen":"2026-03-09T06:21:12.096913Z","times_seen":573,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/fonts/EncodeSansExpanded-Light.ttf","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /fonts/EncodeSansExpanded-Light.ttf HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/css/fonts.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: font/ttf\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"27738-64238343c1d5c\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V5w1%2FxZatL%2B9cBqlyG2Gvz7WeYoRMVVoXhsu5Tu1nXLYic37rt5iEGp5zhjerfvH9Bt2zdDU6B%2FRv%2BF3TJQ3weqWYXmo%2B%2FGSAVjwAC5dnw%3D%3D\"}]}\r\ncf-ray: 9ba2bb739c31783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":161592,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 16 names, Microsoft, language 0x409","md5":"97a2a619bcef5d92ac7f66e17564887c","sha1":"2c6e03389700c030149924e5fdde5f0e9754cced","sha256":"875d0d2122e8bb59c73e1e03d3757b382046266f658df35c0053797e954295bc","sha512":"0b3ae4d454cd5d25800d242177e45719b1b4cd16393586b83d93f94072b026c5a9c3258521a08052f699b59564385d593f07182718e5aa1da9b3a806c69ad051","ssdeep":"3072:ZrdeC8OMvHv5MXeEr2IAEmbYMRbc+LkPjcHHgRlbf:Zrd++XeVgYooHHOx","tlshash":"dff36c0ff7a3db19f5150e35997c83d572e6f8512f22c64ba54cbe68d4870f408c62aa","first_seen":"2024-06-21T13:38:29Z","last_seen":"2026-05-29T07:06:51.969459Z","times_seen":990,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/btc.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/btc.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"567-64238343c3c9c\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5%2B1vSU8TMnSaFpIZAARp2JT%2BREDEtamFC1itKeBkCrjPdKFEcRdvbQnxvJQMoJyZS3v8P1lln6nOAuTvQv7X7FgV4Tddut64BTblTsauRA%3D%3D\"}]}\r\ncf-ray: 9ba2bb725bcb783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1383,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"08b899edc5746ab897190fc4caa0a883","sha1":"24da4aad4cd7ed97d096df6c277c6e7e185a2130","sha256":"5a837ec546b5cc6b85ba9666c287c5183c4ad87e22d4670f891bdd60297b0bae","sha512":"892ec9c3514f9cbacedc42f87ef287a468867ce3a6bfc73610aaaea7b6503339055d15cd4dacc8d9d18ba23f883d7f3f41b1229d77981b0b8ead8135caed9d3e","ssdeep":"","tlshash":"3b2120f1b3ecd5c59a8857f0552d78b17d3230f1ad1ad12c86f07fa1325a42e0928cc5","first_seen":"2025-09-02T04:43:32.272741Z","last_seen":"2026-05-29T07:06:51.962009Z","times_seen":1254,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/pros-3.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/pros-3.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"6d7-64238343c2cfc\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AF8dPlt6JvoqGqJvmIHUzcIn0rf4tvtwLT5fxzNlHYNKxry84OCar9eGe2hLQsAutrc1Z3X9l0YZjqbOruG%2Birf%2FpjTON5R9GYlqmVnXZw%3D%3D\"}]}\r\ncf-ray: 9ba2bb727be3783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1751,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"77cc23f4dfef3fb494da063dbffc4fb0","sha1":"5497f0fa1d50011c7d90ab2f3c9107fdb6617906","sha256":"6c79187930a4abc56242352b5d4d5a5e68e7a6837c129e4021ade79165774cef","sha512":"9998ae9c90a9a7a002c388e1bf176ee2730c6806e545707820f118ae4808994ae1552977dacefedf49e6e425b31819097e0be659b99e73a6bddcbf80594cfdfe","ssdeep":"","tlshash":"9c3123dc2178c39cb40679680786b8b13c5b99cd95a74845d3b3be12e88845d5e748eb","first_seen":"2025-09-02T04:43:32.34178Z","last_seen":"2026-05-29T07:06:51.939805Z","times_seen":814,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/bittrex.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/bittrex.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"328-64238343c4c3c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XnlIhi7Ij%2BbSSXnF2N3LxvY9pcHUB7oFuvC%2BD7d6I4dRDPx7KaIVnzZ4rlTXjx9U8IfIRoRkh7m2gfWRhpqMUpF76rLlxHMNi9sW63RiNA%3D%3D\"}]}\r\ncf-ray: 9ba2bb727be8783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":808,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"df280930bc74ed9797630ef8fc49d3ae","sha1":"90880c4fea185cf1c65916a7f2c946e030170499","sha256":"bd78df4c565f16b918144f647ff9bb0dd258d448fc1c27079e93a0a7a073c994","sha512":"9b85a6a0ed231f251557790380bb6b203ce6b66e55a7bcca005404183c9a9882fb38637ee2b48c8742af5c9875f0f195beffe909ae992476e26f8058171569b9","ssdeep":"","tlshash":"4601f1f4f62c924d0e08534d2b7835395194b3d8c3c64b5d3940633b6c8d4271eb32e8","first_seen":"2025-09-02T04:43:32.308504Z","last_seen":"2026-05-29T07:06:51.9426Z","times_seen":1248,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/js/intlTelInput.min.js","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /js/intlTelInput.min.js HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: text/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"8aa3-64238343c4c3c\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qHB4pMRORdFuMhzpyxkLPt8psUI7EjSDWj9RJdtIjMlbKnLKssAikG%2FdJYqzveITxAgntpeGINgdzudz4Bu8SR2eNmANBoDIcuZ1ZovxkA%3D%3D\"}]}\r\ncf-ray: 9ba2bb728bf1783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":35491,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (29515)","md5":"ded1964f38ab9678f3995424b7fe0290","sha1":"694f129bff8b5eb6848206be283a11217f49bf21","sha256":"2bb01a8c21190373220870f7665e507b1e4d81538e6860e3ba36f5531f0a5203","sha512":"7d05d325f41e7fed4c5a251588783d3e79bf31eb177b7d450fc7c48fdb2f67fb1c00d667336a874716c0f95683b9aba9d8a3a71601de2e82072f3d7451cd3602","ssdeep":"768:c603Xlqn/kiIzJT9FSRzA4xXnT2nYdn24X686LOpQ9PVigsv:cDiIz8A4knYd+Vsv","tlshash":"ddf2f9ae7371573766be82fa70e64503aeae35458604443d38ac8ecd0b88ed171f6778","first_seen":"2025-09-02T04:43:32.265236Z","last_seen":"2026-01-07T15:45:42.769997Z","times_seen":26,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/intl-tel-input@23.0.12/build/js/utils.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:08.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/intl-tel-input@23.0.12/build/js/utils.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nOrigin: https://cashinronex.net\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 10:22:08 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 56438\r\ncf-ray: 9ba2bb74cb1b783d-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 23.0.12\r\nx-jsd-version-type: version\r\netag: W/\"3f362-QgRuJQx/Lu/0YZqJsL57g+AeXt8\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-eddf8230139-FRA, cache-bma-essb1270040-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1653282\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=VJtwGaIBA6Du6gdfGPpUI67Qx2sLI9MV57ino3R6dHgRRD5p%2Bw3Voox9aeJMUb1Lp90VHYQUqcIWGrCU3sLNzfqxSmQ2nRGndTzwbNLjNRH8BLLmEKaKPbRJuRiX1r0W1jI%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":258914,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1903)","md5":"6eae88fad6fe723d8c8d2386a63dd152","sha1":"42046e250c7f2eeff4619a89b0be7b83e01e5edf","sha256":"a4000409a897003b1c5a8e1f9f32e18a11b022452151cc47c17ecdcb76d5223b","sha512":"d356bd87f7170499fbf445353afeda69dbaccc391eb41826290a30752475735a27d56ce1d642af1dcb02f93a1405926a440add5cb38000b7d112cab0f918bd6e","ssdeep":"3072:9klM0hpJjFs3OwPss3MwPKm7i9T2xFM8Mp2xHsNBWUsD56kmLNTg/QKWVRphmVEw:9klMipBKxxFM8Mp2qbZQ","tlshash":"1144f1ebd63c9737a1e97b35968eb3cd5a8cbca3c848567826c3b54f52784e0706c205","first_seen":"2024-07-10T10:54:41Z","last_seen":"2026-06-08T02:38:41.482731Z","times_seen":1674,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":14,"dns":1,"connect":1,"send":0,"wait":10,"receive":5,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/binance.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/binance.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"d34-64238343c2cfc\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hufAM66h6%2FTG7tL2Vj0BJ%2F2wgf%2B%2BGwBerLxQsXTWqKPizIIXG6koBdaGTTmiQknCWo9nn9pklFArQ6NDqPDW2NPLvorXjCkvFvtuP%2FbrBA%3D%3D\"}]}\r\ncf-ray: 9ba2bb725bce783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3380,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"286147a6a8b43aa9f703eb3b278c669b","sha1":"a23688139388df4ef861c249ccfd8bd48aa2eff2","sha256":"1b4f876a5cc0b5da87f17a7ffb330ce2c5002c414036ddff7803da78ec725865","sha512":"1e4b9065bb362a10ad591f82fe88d373c5c82f582cc5ae6c03c87fe1f0cd3f61b71942fffeb119ed7700ee95e7b91845d16ee94443af3dd9960cd1c0c10fae4a","ssdeep":"","tlshash":"a56193a513a9c2e4b4056bfc8f0a68f23fa728f7ad27c51953d12941e8a067c8c75dd3","first_seen":"2025-09-02T04:43:32.294472Z","last_seen":"2026-05-29T07:06:51.955631Z","times_seen":1249,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/header-avatar-2.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/header-avatar-2.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 2276\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"8e4-64238343c3c9c\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o8qD4n1ilchaHCzZbzKsh0yZJmRkEoOoSwlfXPW6F8D%2FlJ8ETutEARWigZlnTbujmWPBXB0wkz%2Fl0f1NRmqT0iBohMFqyTevoWDoWbKRCw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb726bd2783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2276,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f002c455a1cbb7ebb9f0e367f5a1aeff","sha1":"108acd639aef6dfb2988dbe90017ee4e693846ad","sha256":"3687604fcb1bd6ec80db705d104ab28909dac30e35be40ca3ef55146223af35a","sha512":"7c2b8f1cfc72675366802a003974b8d88fca624431736e4271dedebe9aba73b06cc1652fd6701a4d5fba09f55f6ed56abe021b07b4ce46c6cdb8c0939f0e2e9e","ssdeep":"","tlshash":"e3415cf92594b03bc0f4583a0c7c661a4ffa49e2534e0e360f5d9b6a19212325cd382a","first_seen":"2025-09-02T04:43:32.312857Z","last_seen":"2026-05-29T07:06:51.956939Z","times_seen":812,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/info-arrow.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/info-arrow.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"1e0-64238343c3c9c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4m16cg8QVfb2oC1GI4zFIC63n6HfpAxrIMFEmbXHFb4IeGdwzivHPKdxb7SIayuP6T%2FiIYEAjwf1YYkDUAcW1QUjBoV975hLQel%2FnqMKWg%3D%3D\"}]}\r\ncf-ray: 9ba2bb727be9783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":480,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7000561a2a36f6e67dd92e77cbb50d10","sha1":"0059c6b703952d15dc05cad181c1999380a9454a","sha256":"b05aa3927b700369237f9d2ff209fdf0f4867935cbee04cd1bbbba66231cc7e6","sha512":"8c7cedcd717b2ae9b6b59fec21c9aefabb935218e3f158f81b653b5224094bbecac514b5dfe11f4c3763914860064afbf742aca3cf7f1824a358c185ca5f0d0a","ssdeep":"","tlshash":"9ef09ea730841086e00defb4f02c544636c31cc3b488412cdd4c660ab6e47ba2d40e54","first_seen":"2025-09-02T04:43:32.262978Z","last_seen":"2026-05-29T07:06:51.93455Z","times_seen":883,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/header-bg-mobile2.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/header-bg-mobile2.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/css/tailwind.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 25708\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"646c-64238343c3c9c\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vRtkVhyYZkgHaINIQYE0TDolkgRkFoRGzvHRvKgmMAxs8eCPxt%2B9g4rdoueoSRvae6ATX4BOsPDg1FKzlyQCpZdNY5Gh6cwqN7%2Fn45fAJQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb738c23783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25708,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d8179eca6cacb540539cd9b74f711fdd","sha1":"5cba7acc82732a756054aa3529eac3cb85a3557a","sha256":"6efc83b8bf5e579eec51195c4eba7f58df2487f8d195f07d59b0741bd6ecce39","sha512":"ece42e75e994510373393c040d56edd7f44b5c3612c1b5552e3ca7111abc0312096792b5e8defafcbece652da2f21a3f8ec439db2426e31ab20ce06dd24487ab","ssdeep":"384:p2ESfIf9teHWKyJsBp1p4RrCGUWRsLGNr+pQNCc4b+cMVOARGCU2VW7Cr8xYySTz:0ESATO1SaWR/NBaiuwVW+VQUDr4Y","tlshash":"c1b2e183f37074daa07597f892717d2a79a8039013b98b9c3687391fe53a510779d2d8","first_seen":"2025-09-02T04:43:32.280027Z","last_seen":"2026-05-29T07:06:51.941443Z","times_seen":861,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/fonts/EncodeSansExpanded-Regular.ttf","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /fonts/EncodeSansExpanded-Regular.ttf HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/css/fonts.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: font/ttf\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"27510-64238343c0dbc\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BczA39omuSKT%2B18hcYWpkyMyTME6wMQWy77AJ3mz0XdhQYGaBisPAkoCWVfbV5y2St3%2FIL8N3G3vMfuPCHa7bUpbE6wASQoug7eraoyhpQ%3D%3D\"}]}\r\ncf-ray: 9ba2bb739c32783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":161040,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 14 names, Microsoft, language 0x409","md5":"09cef80beab41395b7406d15baf9a43b","sha1":"bf3eaf32c0a00c48e6bd5c173692c09bc6228b4a","sha256":"ef2d88cf3791a898cca0511f6866297247381a8147dcc60634204f1aaa37fe87","sha512":"8f5a3c30637653391455a5e079da16c34aa09d222d58b28226e9999e9363323ae3e3728abd2d376c9ecc40326bc325c63d96173329386f1ecd4d700f1f4f8eb7","ssdeep":"3072:8lOLJC8OMvp5WToy4PgIAgD5MCZy0BbKTtdSVJaXTkZ5IOgf3r2m/XpA/t7Tv2ul:8lOLh8TtguCy0Bbf5IOgf3rHpAFv20TT","tlshash":"eff36c0bf7a3e709f9551e74646883e572d2f8516f32c74fa448bfa8d4870ec08c62a9","first_seen":"2025-09-02T04:43:32.305054Z","last_seen":"2026-06-05T03:14:32.729902Z","times_seen":856,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/css/pages.css?v=01","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /css/pages.css?v=01 HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: text/css\r\ncontent-length: 1615\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"1916-64238343bfe1c-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Swp5oYLtUtRP2xjzFR1lELNJXZtGWDw9NVAk2d9V7HEm%2B6V8IuOtLtIic2du39h0Vo06gmwFFvKt3LMHnZ9Xq0Q2QwLGsECvgvaH%2FZZN9g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba2bb725bbf783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6422,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"b985752a6456e5b6947b5ee56325176b","sha1":"bc4092c92fa46606908a987eac017ff6cd3676f0","sha256":"b78c49c755c54e520a60184f8bf3c8dd403d8440d35f4a2cc549989674f59620","sha512":"5156b4d3620167250dff740242e3a039f1890b1750053fc1b951ddc782891379b4b78143c261ddacd04e9218a416aa9ce2c99fe40480d9a438dbc643a07fa0da","ssdeep":"96:byCddaEOGKH994xXsBOcevcRBbw+oN+uMJMzMJxsvB/rlt4xkt4su4OB/06LaChz:F2THhvRBieMwx2NNm+J4lfZ9D3","tlshash":"57d1459397b56048782a98a5a6a37f64222c8043d14ecdfcbfd6349cffc81d15961f8c","first_seen":"2025-09-02T04:43:32.299549Z","last_seen":"2026-03-09T06:21:12.138203Z","times_seen":524,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/usdt.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/usdt.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"df9-64238343c1d5c\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Abc4HEXWnrigjRa6y4qoiOhPJFkTwHuQRYlAdn%2F9YcNhQcJ%2F1t%2FeDkEia%2B7muPaCMMq5iVJCwVhwMavuPI1m37Ny%2FTcYZSsJwoxJnMxqLw%3D%3D\"}]}\r\ncf-ray: 9ba2bb725bcd783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3577,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"908ac595c69379ce8ce688a04dc020b5","sha1":"8fea3ba2ba406c0a875388c4dc75481af957a326","sha256":"b7ef94d66bc1b27c90dd4bb1887dfb58335df07576bee8eeee3c459d53fc543c","sha512":"fd52eb012b199609a0edd27ac2d9f118823d76afd5001b1c8373d6c7f96d20696b349e59409dcfc79a638f09292cd75c14a598369681ef0ac4e962b063c69a1d","ssdeep":"","tlshash":"7971e8e96398b2f4e607abe4ca37a871356758f57f12c48cc2847845e21856d0c9adc7","first_seen":"2025-09-02T04:43:32.333256Z","last_seen":"2026-05-29T07:06:51.947534Z","times_seen":1253,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/fonts/Inter-Bold.ttf","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /fonts/Inter-Bold.ttf HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/css/fonts.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: font/ttf\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"4d4a8-64238343c0dbc\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UPhbD2QSiwjJvuj6w09tC6ppR98w4o22cZvo3%2F3OrCHOUv5CWixuUWgES6vjawrwN9Be%2Bx8pUXKt0I9d5BZJNp1IZyk2DoLYeaxgUrEisA%3D%3D\"}]}\r\ncf-ray: 9ba2bb739c2d783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":316584,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 16 tables, 1st \"GDEF\", 50 names, Microsoft, language 0x409","md5":"ba74cc325d5f67d0efbeda51616352db","sha1":"47ff07c75746682133b81e7ac0537ce50a4c9916","sha256":"412c068eab6f36e6807d630ff89127165e8e4d3e8653434cdfb56b60cdcc3a32","sha512":"0e1b968a789e9a4d3149e9bf539f12800b9e808b6d1829841e74a122369110b369b36dd10231fd9fe68523475305e398aad0927fe14247cbe75256cdd17953ad","ssdeep":"6144:x2RouaT1miEEE1ipnQzkghLs7J28i9Bpu:siomE1onQzkgRs7i9Bpu","tlshash":"5b645b13f323c31dca122d3a8b93c7a07367bc512b13e10ab7643a55c99b5b85e9b5c9","first_seen":"2023-10-31T18:47:11Z","last_seen":"2026-06-08T04:19:50.243215Z","times_seen":2536,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/fonts/Inter-SemiBold.ttf","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /fonts/Inter-SemiBold.ttf HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/css/fonts.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: font/ttf\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"4d33c-64238343c1d5c\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e%2F04UsU4oa5katiyrZJdJDAXkgfgLTT034MLNAJi6vESVuARnHRNRzQd%2BPIBq22euIJp73kHSDTFs6QKaMuKJSaFKHyNNk1eHKi2VA8qLQ%3D%3D\"}]}\r\ncf-ray: 9ba2bb739c30783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":316220,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 16 tables, 1st \"GDEF\", 52 names, Microsoft, language 0x409","md5":"465266b2b986e33ef7e395f4df87b300","sha1":"5e0c44e57e7e090252d79f622899e67585bb892c","sha256":"b0b540e69bf6717016e33874670e09acf4bffc2ca3f4c1cf174a4ff696308c65","sha512":"b653746094471135e0b4cb286b45c4fe2b146a877ed3ad03bf1c116f0413c0c2e66d9245651349dcf1c322b71071b499b83129d88a17b25f3ca7b18d5a5428b6","ssdeep":"3072:tYR7HDJwbA5Maf/j41tIW+8EziE7/VgC+zvVF7ALp5p28gzEPuNOVKpxG6IXfsCQ:qR6aT19iEjAa5hgJRLQCo4TJIwH7","tlshash":"0d646a07f363831dc9062d3a47e3c7a07367bc917a12e10abb283799c98b5b45d9b5c9","first_seen":"2023-10-14T00:46:20Z","last_seen":"2026-06-06T16:09:05.402698Z","times_seen":2888,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/fonts/EncodeSansExpanded-Black.ttf","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /fonts/EncodeSansExpanded-Black.ttf HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/css/fonts.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: font/ttf\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"276d8-64238343bfe1c\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TyttR7xP4%2FAyFf5BHzGcxMviTc9pbj9hV4gKoPfhMkMLvaTU4q9qg9E2xdSfLesNnDioTMXi%2B989cduTQpJbv1J6iTx85EuQ9CAPQKlcOw%3D%3D\"}]}\r\ncf-ray: 9ba2bb739c2f783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":161496,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 16 names, Microsoft, language 0x409","md5":"8d733c894ca18c1e271b8e648b605601","sha1":"ec5db396305437bdd280d2c5a857a507027e8d56","sha256":"de952ddb6b905cbddfca787502eadc44720735bbceb916264de6c427e58e89b9","sha512":"f4842689b731e5323b4d163abca8145971f1eb6fa30e88f1ca2d8467961342c90437a4965332eaa8ce74e75307ed0094164fd52913b3650838660ead87ec8e49","ssdeep":"3072:HokDRrC8OMv4GeLUoBhQI1LZrx0NrqRKoC+b1WxxEriV:HokSd1LZF0NrCKn+hZWV","tlshash":"f8f35a0bf783d735e9151e36a46893e573d6f450af36c38fa144bea8d8c70e428c52a9","first_seen":"2024-06-21T13:38:29Z","last_seen":"2026-06-07T05:41:19.535369Z","times_seen":1020,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/flags.png?1","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:08.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/flags.png?1 HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/css/intlTelInput.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 70325\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"112b5-64238343c3c9c\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oi9DQ7YUT07gKqWEe7ghJYMCgmPQ6PSetcH%2BSbTX%2FfgCluvu9Msdb1ulry4qsqvxdc%2BbrU5Rduq1CPqV7ti273hmd%2FOedKr1HQUZ6OwKwg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb743c57783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":70325,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 5762 x 15, 8-bit/color RGBA, non-interlaced","md5":"0b1ca148890222235a0f9903636ca21a","sha1":"b451b4db431749cc40cc2a5f271f9807ca21f1d3","sha256":"54dc5bc49fbe41359681fa0af8add039fa1383a4f4eade34f7a0a5a257dd1caa","sha512":"37553ab4cecdb30b631d883dc0a1afe4b5e81b921fa2fb8054a63fa054c2f57954dddebfee1a5b676f97a392b954aaa553a803e6e9abeedd56f87da0b58a8475","ssdeep":"1536:3Cc3jdCcCx1zjonyR5/Gm5mwoKVehnITl1G/Ghdfal4pMy9c:SczdzCx9jonyT5mwo1hIp1hQ4pMOc","tlshash":"966302b241c2a627f87cb972b955522b673bfb30d280780a00cf15b6979517f04e3a3a","first_seen":"2023-09-16T21:00:24Z","last_seen":"2026-06-08T02:38:41.463374Z","times_seen":5820,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/css/styles.css","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /css/styles.css HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: text/css\r\ncontent-length: 956\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"c67-64238343bfe1c-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q8Z76LTu4%2BysLf%2F0OoKJMdpk1mXF0%2BIsVLMk5VeYqU3H5jV3Ld4U0R1CqnQRPDBGJ9WOrmdfAahks1WAYLeglrEO0WnN93ijZgbarT1eIQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba2bb725bc0783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3175,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"a7bcd1c97a642e3ba1aa56fc190274df","sha1":"00493642cb61f1400562455a55dde50333b4448c","sha256":"8e7f617969f8aa2a4d08878377cd35eb66aa17bd229562cd3a5c86bdb9b6cf90","sha512":"9098c5ce966b5edae9b80710270c641179ba70bcce2256a68b94c0b3630cff6d2d246387e2c83661e5585fb9f76fe646e6c20ade3d59f3faafcd23b57524809b","ssdeep":"","tlshash":"7f61ce53da994846761bc66922cad780339c5841cc07ee75ffd0201cadc87a99ef7b8c","first_seen":"2025-09-02T04:43:32.311331Z","last_seen":"2026-03-09T06:21:12.069854Z","times_seen":579,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/logo.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/logo.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"3c7-64238343c3c9c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0Ao8%2Fwi%2Fv0FPMfv%2BZnZlHavkDIH5cJXxqpAHrDEwp%2BLsjI1hPwm%2BnHAP6GEfi71fGR9asU5Pp%2Fiw0Z4a1g6izZTkrI98J9d1IbUPIr%2B6vg%3D%3D\"}]}\r\ncf-ray: 9ba2bb725bc3783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":967,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"eb176596f021b1c2691f508e1f933b61","sha1":"fa38852591f0366651c4ef73a5d1933b62dc5478","sha256":"c359491b578fb6929a58d33b785a6d4679c555dda092945365a97813292558e4","sha512":"1234af6b2c78c4009051a0f01da71bbc9a144bae061457bc215572ba1ccfde9b5bb83d80b5e516df16c9db676cba2ff706f8294460bcc564ab528ecea2f688a5","ssdeep":"","tlshash":"6f1157c131cc95884e48831b5b0e657b622b30e8a11942c4b9603b0bbdc9bbb1ca9bc9","first_seen":"2025-09-02T04:43:32.306896Z","last_seen":"2026-06-07T06:12:22.187532Z","times_seen":1259,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/user-6.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/user-6.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 5244\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"147c-64238343c3c9c\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IXKWVT82Lp6jcp2mHAXppHmZzGFxYhFYSjLpfTZr9UR0rayzLvRB3qRcxAYS4UzNh5dper0Ox7WOPg5zc%2FLxmbVGvg%2BAwxB65C6Z9hZaYg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb728bec783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5244,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e0d456ca39c3ceb6fef7ba18596ff0a4","sha1":"f7af1c6c1b8a072b157b008934a40eb9cf32bd1e","sha256":"da44b1fe0c069950bfecd801f6de0de6571c34de7d2412405c8436c13259eeae","sha512":"e48f815380255e85a7e03e302ef8d96efde07d8dcae440f3235a8fbbdc441601951f481f573fccf2838158e27ab6468fa13bf5984bbfbca3b87aba7c71d9ae33","ssdeep":"96:pIH4oJRXEbKgAOkB9igtod9ApERdqkC94bpZyV07uqkckCVyK:GzXEbRjkB9igyd6psqkCCNoV076UQK","tlshash":"10b1ad11b5a34f94f8cf0a70883df720bac4808e2b2ee7950e7133a242294233426df9","first_seen":"2025-09-02T04:43:32.329512Z","last_seen":"2026-03-09T06:21:12.086219Z","times_seen":573,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/comment.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/comment.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/css/tailwind.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"93c-64238343c3c9c\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=91Sf%2BffEdu3r5d98OB9iDAfeOdF%2BNCvD4gdaXAPRPF4KI5KbMJzZBuerAafcaSRk0bUYEKWWx42hgrZz%2B%2BlV05zOyUstQqwL0Dlh0aNMiQ%3D%3D\"}]}\r\ncf-ray: 9ba2bb739c29783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2364,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"03dafba01023fde082ffa08cec31dfd6","sha1":"bd202e2efecf4fcccbdea6ed2beb3c1d246a8e98","sha256":"0d1664b6b5351ca740502fc40a1fac93071f77f3dc3e3ba1acc32c696757fbad","sha512":"6da0a2071f09b1dd1462f9737d29271b241ea9dc471c072a2de131a1be356110286b1a72c3e4649f560003783538463a08c16c8b19164d74cf34f0e1b25dc302","ssdeep":"","tlshash":"1941eef0e25c90e95405bb78ce7b17e173733dad2ad0c2849370f9266a949fa9c5c983","first_seen":"2025-09-02T04:43:32.337995Z","last_seen":"2026-05-29T07:06:51.93407Z","times_seen":1248,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/user-4.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/user-4.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 4458\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"116a-64238343c1d5c\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=krUs56tTFlLD9YwQjr%2BDUIhqJFbHe345Op%2FexxeJvLYiQbbdfqXk806tnaxac%2BjUKftE800QGH9M6nQMFcB9MYXD5Q2rWldPXjYMicZTGQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb727bea783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4458,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1b6521cc4283ef332bb2691783bb2124","sha1":"f4215511f86aa4e109db5c37661a85944184aef0","sha256":"f78c11fdcaed17dbc72681122cfd87919dc38489442f873c9e425b95036d74ab","sha512":"c6843d77382e21691ed745be283b7a031591921373305e0e20d99492797400e5f4e4a7eb555d3001f4982d538adca2c4b9a6297961a2642a632ce6e89c06f424","ssdeep":"96:KgNOagNgN1ImO7BohzCNmFXJMK+pdOaiSpbXHqOx:GarImO7B7IuKKfXKs","tlshash":"87915cc273c7c0a2b8e98d9853f98679459a7841c2facbae45c2fdba6478974059e804","first_seen":"2025-09-02T04:43:32.330871Z","last_seen":"2026-03-09T06:21:12.120913Z","times_seen":573,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/ltc.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/ltc.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"408-64238343c2cfc\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BZW%2BKCk2Cs5PSYqw7SnfYre32OEUo9DHIah72h2xP1P%2BIIP%2FYc6L%2BItiiqJ7bk3YEGziBtCLyz%2BmuGlFAjtosgZfr6FABp9Lp4Ad0OvV4A%3D%3D\"}]}\r\ncf-ray: 9ba2bb726bdb783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1032,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c4a6bbd896e770e829a30e835714ac49","sha1":"7a9fe65f4227ee71070e76c345eef4e1f77850d6","sha256":"32d3294815fc7a945762273c76564c434e395d8ebe6eab2e9edc8e3cb74076b6","sha512":"cd82a14c15b0307501bc59e5b0bf4dcf3edb39a0bcc51b42d5f439ad23847da574e357b1e4edccda6d2f17e57332709d1b1f5fbbf43019614f4ca1ec494360cb","ssdeep":"","tlshash":"8911ced0b7a977f56484c338826c3071647b3cee1a215d784ee43841752140ecc52eac","first_seen":"2025-09-02T04:43:32.275483Z","last_seen":"2026-05-29T07:06:51.964142Z","times_seen":1252,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/person-2.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/person-2.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 84624\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"14a90-64238343c2cfc\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LUgxAKkOICefki0esq5BekhVl%2FcWCTqtOkZUXOWKcgmXRJrY7g%2Be32lQkW%2FUN3rlGVSY4nDIASzonXDY5Wf9oqv0TVBi5%2FdatZc30p7D0Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb726bd9783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84624,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e9a447f5ac2c7d878048d8680ac54463","sha1":"eae55831d39a88bc347cc4a4028a0158b0c15425","sha256":"986e8269a8c9f2351fbe62d473e8c5f6e56627b62872220637f574b3aa01d591","sha512":"130236f3dcba0a4dbdfc787b3eb894e3a7c9a58b55dcd5373daab97d47c2e5165b52c66b17f7e5a0e76e27651b30e63ce94639eab32601b8da3d243a955d46a9","ssdeep":"1536:zmZXyUU1+Vw/VwRWYgbf8Lh6zGwNL+IxcqU94cvZ+8qAGrQbvw:zehU1+VYsCgl6zgHqxcM8qpew","tlshash":"f4831220379a84e1983bc17894fd5cf46b1118afe5731bd17b580a7b17cbaa78682863","first_seen":"2025-09-02T04:43:32.320966Z","last_seen":"2026-05-06T12:51:42.494576Z","times_seen":61,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/eth.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/eth.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"480-64238343c2cfc\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=12x91qYv7O2ncquXo241XbEPGu19HmWeKihl0a5i6gw4%2FbcvfSSkMSUA6o0wjn8gWXqSiwIgkmkfXiVtfVEGzazr53%2BFWojGoOswGS7%2FeA%3D%3D\"}]}\r\ncf-ray: 9ba2bb726bda783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1152,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"30dd3d2d238cd83055f0f9855f05c381","sha1":"e90b769cad3df8e832f314f95c1e96deebb5f9c2","sha256":"0e0cdeb30eec14f0abd375dac24b6eae25880840a9ece62b3d7c50fa778fbaa8","sha512":"52caac7d6efdda42b7fe943275b0b37983eee7850123df5092c449c767a1c93319152acdae90c1c33f9efc3e07ee60839dd38da9debc79bd967dd9af7fe13b41","ssdeep":"","tlshash":"4e2100d7520c52c01a401ba43b0ff831a756e4e54f8e4cbad648274bb6c8a9f8eb43c5","first_seen":"2025-09-02T04:43:32.286867Z","last_seen":"2026-05-29T07:06:51.966603Z","times_seen":1192,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/user-2.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/user-2.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 5726\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"165e-64238343c2cfc\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yAHNYOQ3ON9t14M1cXQPuXEL%2FvJLrom%2FdtZRTBHd%2FDM4suSB28Hv0EBNVdytYO8thA460suUuKuDPs4NQ4BHL8tRxs%2Fi%2Fo4bWXDEjIASfQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb726bdf783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5726,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8afeb1474b36837c35ee5b897c93b574","sha1":"277ad7a2e3514b2567995fdea9379f6288e7a130","sha256":"403325dfa9d15f89ce62cb56bc00dfaa873dbbc094c0d31868f48b96a59b60fe","sha512":"c869429f49725a2776c7a273ac65825c535f48ccc0c35ebc2f2b13f4a79771a5bf840c7507aa74c4456e863cfaf64acc14808897450465b115baa2f0b051464e","ssdeep":"96:ulMdWkfnanOYw805my+j3OH09aLedsHlUWwzpqm5MD1PkzKqpCfZ:ulMdx5h83y+j35Ce/zpqWMBPkzKGCfZ","tlshash":"dac18ea1f9d5a432f23bf53288a12eb5cadfc25246a7fd086c91ad7219272c033e5458","first_seen":"2025-09-02T04:43:32.243765Z","last_seen":"2026-03-09T06:21:12.080692Z","times_seen":573,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/pros-2.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/pros-2.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"1c0a-64238343c2cfc\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AVU%2BR1ZES6qW3%2Favp%2FYeXbLp%2FFvnPqY2nUWDY5O%2BilOfLAb0QHq8AwIbOuwKD5agijZFUWPvORe%2Bfnz%2FMbxZTxQOMp5uJIgBSU9aiC03fw%3D%3D\"}]}\r\ncf-ray: 9ba2bb727be2783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7178,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5ccb30901fe366e2c16716a76b7d5f45","sha1":"c843a8c141f8b541601ae8a50fc3cfa336d4844c","sha256":"a08ef793cf722e6ad68e787ef6d77a1a7479b4a90ea93c9e9ce04095069fca89","sha512":"ec261437779ed5fe498752027945ad78b84044e60404fc713e0afbe960e80ef184445a8f920853838d13a12e01519c23fb08244c4169df62dcc9bd7d7c59a5b9","ssdeep":"96:VKHrnlEeDv1dv40YDVpMdbZYdBMc5jsRSq8J+org8R0RCeALrS/rw9HO:VKHpnv6DT5XCEdprgPRCqU4","tlshash":"08e185c4372ac3b4f409dafd4219b4757e527dcb761380d8c3ba1d4ab88a42d6da98d3","first_seen":"2025-09-02T04:43:32.249675Z","last_seen":"2026-05-29T07:06:51.9403Z","times_seen":814,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/kraken.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/kraken.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"ad8-64238343c2cfc\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oQzuc9%2Fgu6tY0ot1j1M3V%2BUv3ze3tvGHyS%2FrL2DLG8g9lgjC5rQLolUKsHFR7r9iOD6tXK0NqgeJDbrHQz3kiLYr1pqmkYSJz7ieqjbVnQ%3D%3D\"}]}\r\ncf-ray: 9ba2bb727be6783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2776,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a88d6175c0fdfc14d4998e0aa9ac7959","sha1":"3886985b7a635d4cf8ae3d50db49d63c42dbebd6","sha256":"533b51e295c2ec894de75538b9f6f7ad23b0fb18cb5d55de02ad6eec6618af9b","sha512":"02caefead63c07312097e588f26540e3ae602769a930c25b5c21e59b93d6c788cc13db0d473382f4cf84d4716fccea69e3243ce74946524b0e2b6284ce3d4ef8","ssdeep":"","tlshash":"e25183a8d37ab218f004b7f88b07a8b481826fb42705ca5daffa0c1bd99500e1c75dc7","first_seen":"2025-09-02T04:43:32.260297Z","last_seen":"2026-05-29T07:06:51.968203Z","times_seen":1248,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/fonts/Kanit-Black.ttf","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /fonts/Kanit-Black.ttf HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/css/fonts.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: font/ttf\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"2a5b4-64238343bfe1c\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iuadU%2B87TeFO5ifwscyghhnAVeuiEADIZE2O8x5YXSKd3JI7c5%2BOGpkR4xyZolM%2FPwkxdNkl6apjZLH2lzMwcCSetTqgMlXafwEKJ1e%2F2w%3D%3D\"}]}\r\ncf-ray: 9ba2bb739c2a783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173492,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 15 names, Microsoft, language 0x409","md5":"98e93fc09832d3891a57162b83ecb930","sha1":"7d7c545de2f02989d1f2a76849291b75f6e6b7e6","sha256":"7f6d2b61aeaa7e6e1d1f0a99fee666c688650f00254786a1f48bfba31ad63aa9","sha512":"41229779be59db29324f4716122da85948f6de5f05de483327b85a888a424527813331a827bb1f93db3ef8e875f706c0658b28126d1058604c8aec953402f2e9","ssdeep":"3072:T1jSTGGQ+BqRF4LwmVIIaVyL1PhllxA4DUgaTABYcaclGT4I:T1xGQ+Bo3VyL1PhllxugDScaclGTx","tlshash":"7a044b07f749d789fe1a5e382769a71ba294f0704f5787cbf08d3679e89a4c01e192c2","first_seen":"2024-06-21T13:38:29Z","last_seen":"2026-05-29T07:06:51.948169Z","times_seen":994,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/header-arrow.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/header-arrow.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"1e2-64238343c2cfc\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OATb8lviCCnlW2gma%2FuFFZv4pywYhdhzo3wPMMFiw%2BE%2B99F8DzwLURtvAEToZHeEHG6zgZG9vf0wKZJhzEVw99WKIhccgNLh2xN3eQwzag%3D%3D\"}]}\r\ncf-ray: 9ba2bb725bcf783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":482,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ef279923440321565d5b5eccf70e2a1a","sha1":"7d3ae164864496ff78f2207f0e5d7cf720117a56","sha256":"1a60f0679cb2ef0cd2d3270f16e34c7897e9998a24dbe1b613364bb4ded1ac7d","sha512":"ed1743bc7a967ce62baa78036d72e2ef91a315323307ce7494c1f16bb56ffa1e7dcf94045598344ce763b03c932d79bad05970e9a98a716a49b0cbcb97642bc8","ssdeep":"","tlshash":"c3f0e2f696591548fe8f09a5d9986c4b056a0adccdcc02c6e5506e105efc0c29cbae87","first_seen":"2025-09-02T04:43:32.334597Z","last_seen":"2026-05-29T07:06:51.949984Z","times_seen":1255,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/user-3.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/user-3.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 4698\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"125a-64238343c3c9c\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HlSHCmKZaB%2FTL7ThooSEAAPICY4c97ki0w3kbyFdtFFzG309YuTphs2e1WXQHsKulIW1L1FNrUl3cQ%2BtXdZtP8t6w4hAZWF3%2BZ6q5Qn%2Fig%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb726be0783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4698,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"37f782baa272833a186e89db0e6a8cb6","sha1":"11df9ab035e5cf57d5424edcf3012e40a505b7c6","sha256":"aa1ec252f76f96fd96b2cbbefff750c0e5838096310cae74ebe2edac44b6aa4c","sha512":"10bb562eb4abed5f1d2f3a2e5aa4220a6ef16073bf4e9e4cdd6c86e710aed586714127c7b603cb6f3a8578f936f27b0045090b390fb9718f0ac1cfd3856cf6c1","ssdeep":"96:nQFaJQVmHaGRSDnHO2KqK2DNXT1LgKMSxHh:nuD3LO2Kv2DN5LYSZh","tlshash":"00a18daf78c9f476f8aac13e923bd1e4ec1a491b4b4c6d55ad1436fcc0e244a8485788","first_seen":"2025-09-02T04:43:32.246752Z","last_seen":"2026-03-09T06:21:12.081996Z","times_seen":573,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/bottom.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/bottom.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 99546\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"184da-64238343c2cfc\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7rPyiOAvGmulDVfMKqMyNh7Os%2FQpWh4HDDFBeEtcgx43sWnpxPgAisCEu0pYaAMvlMbSPrEz4A2Wx8ap9TfKmxDezoVPiwYdGs7qyjT19w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb728bf0783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":99546,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"88108cbe23f34dcfcfdb96c13db08e7a","sha1":"39ef779c20c4e99005f542b1fbcd8356569d6628","sha256":"b825967004d9a1b6348da8813f70cebf175be9a8126d7284c3cfd74f8425e5ea","sha512":"88ceb6f3fc031353ad035bf79c82c3b1d1d4aec31508b3a90917c1ff25740e3bbf5d917a2bf5db3de0ea85cbccaa637a6ab4f208171819a2447d3f9c5346d48a","ssdeep":"3072:lYuuo5b/UsbYrEKwSoY31imbmwEmlfn9qKNiXnkW:lvuo5b/lbuEKwCFimbZb9SnkW","tlshash":"1aa3121976f65a96e8541f88edc2a77932b50fe7207370da3028ff36086863d21678dc","first_seen":"2025-09-02T04:43:32.314304Z","last_seen":"2026-05-29T07:06:51.953736Z","times_seen":794,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/fonts/Inter-Black.ttf","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /fonts/Inter-Black.ttf HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/css/fonts.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: font/ttf\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"4d5b0-64238343c0dbc\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=06Ijmnr%2BnxFj5pZRbA3L%2FM6ctCQTttWBoLNjIjtbrjj7vRWlnSSE7q%2FyzYd7Q46AgqFuUs%2FVpfXNbt9jeBEvvs8wwV%2Fdtc%2B7Vr0QAicfmg%3D%3D\"}]}\r\ncf-ray: 9ba2bb739c2c783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":316848,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 16 tables, 1st \"GDEF\", 52 names, Microsoft, language 0x409","md5":"118c5868c7cc1370fcf5a1fc2f569883","sha1":"f79fa58ace5f55e338c99bf71e7e0702841df6f2","sha256":"4795b76b5b54d140fa17432eb4ee2eb27c63156ca0c8184ed27c4781faafe276","sha512":"1dcbf0476cd7470c359294bb360e141af440e407251646746ff53e57b302a70f4f32b775d16d19219fbf562b9b1ef5e8ee05546bcbd87a2d297541bba11f084c","ssdeep":"6144:wiaT14OiMsRwis9EzgwfxsW4unPLx+0woyN:yWnMr90gquWFnzxCoyN","tlshash":"38646a17f327c35dc5132e368b96c7a47363bc917a02e10afb243a95c98b1b05e9b5d8","first_seen":"2024-06-21T13:38:29Z","last_seen":"2026-05-29T07:06:51.958872Z","times_seen":1049,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/fonts/Inter-Regular.ttf","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /fonts/Inter-Regular.ttf HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/css/fonts.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: font/ttf\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"4bbec-64238343c0dbc\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R47OUsI9CZTKysvKqEOQr907QIP4crbUNXYdKi8awNr7QoU0YaSsI4lY1UiWxYpIIXK2i2iWzHSBrwO1IaOu8K%2FyYUgKAsQe4RGQifJvlA%3D%3D\"}]}\r\ncf-ray: 9ba2bb739c2e783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":310252,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 16 tables, 1st \"GDEF\", 50 names, Microsoft, language 0x409","md5":"ea5879884a95551632e9eb1bba5b2128","sha1":"cfa780d0b50b2bb7eacb82984f1b18a95aaa40c5","sha256":"3127f0b873387ee37e2040135a06e9e9c05030f509eb63689529becf28b50384","sha512":"f09113b22bab8fb07920453e2cdc3ce678231f7b9f801f44471461697a10a61a9382173e177691f4170a3f9af736a4ee880fb48cc4408c8eea4e3ee850004cc8","ssdeep":"6144:PUWaT1IUkh6w/yOjngZyKMOMxMmABlNGow+BNn6m4zLkA4X:sX+Qw/rgZyKfMxMmABlNG4BNn6m4/kJX","tlshash":"5f644a17e363c31dc5132e3a8793c7a0b767bc513b12a10abb243a55da9f1b41e9b4d8","first_seen":"2023-10-14T00:46:20Z","last_seen":"2026-06-08T04:19:50.248099Z","times_seen":4015,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/css/intlTelInput.css","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /css/intlTelInput.css HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: text/css\r\ncontent-length: 4370\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"5754-64238343bfe1c-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w%2FUM0GT7ZuXVPRDx4OpwTQv4dDLYQWOaI1wHb1uckOAxPcsifRElbJwqcbkh05fLZYonqkAoz4Wc7%2B8hFn5pvPiR%2BIXRVpn7Gon68RKd5g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba2bb725bca783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22356,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (830)","md5":"2900faf324a372f5aeb5bc2d88682085","sha1":"95e348b62b3dc1a20c50be55b4f7c818d38661c4","sha256":"9a6e0d55d9eda948f4a81d55eb91b987d8c294ca4188e66e5def79b2a46c0174","sha512":"38e42b6112506777bb2930ac17bb904a435ba3630634af71e6045420876cc709b8068259d4bff86cd6491c10690337242b4fe08c410327cbf25dc7d61b41021b","ssdeep":"384:vYsXk1kdCqE9y6mporr8LJj0H12o7UA5LQ2jbc:vP0yQd9yP4oL90B7UA5LQ2jbc","tlshash":"94a2b02346b00d3e961dc1fa38a2c5b5773f0c8a35aecc96eed9504a1d87b90e1ebd54","first_seen":"2025-09-02T04:43:32.270301Z","last_seen":"2026-03-08T18:28:53.082889Z","times_seen":612,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/header-avatar-1.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.784Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/header-avatar-1.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 2216\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"8a8-64238343c3c9c\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cHTjqoW76g4MER9y1xwDqckKUktR7GBIEefpDr8QvVanA1gk9pAvd8s5S24nhlB0d3wQ7kpGM%2FPIOPL8%2BBYrv51NAGpTXWFoeWMEC1oO0w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb726bd1783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2216,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d90034b2d291e94da6d0c65eb0f9f1a1","sha1":"fb72b31d8799e2e1c9cec12adb3c3e6a17422ef4","sha256":"f24ce3fbcc2eb49afb20cbfd787afd1dd2638481df578f3c2d18a72c73a3238a","sha512":"463b8cb134c6f7edcc23335a444e59f279fd31a61376d8f8677143807c76eca430bd2922da414b348784a1196b87171973d2043a68292c29c135bea5f25b205e","ssdeep":"","tlshash":"5f4129cac327d11ac0ab4e35440d0dc1928c8549ea96076caf4bf92b58ca65d3be23d5","first_seen":"2025-09-02T04:43:32.319544Z","last_seen":"2026-05-29T07:06:51.929571Z","times_seen":812,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/payment.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/payment.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"7bc6-64238343c1d5c\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c%2F%2F4fy7pjuh5bSKTv0LVIlmcboM%2Bhn4HhEOWOcqk510y2XBCb621gDYIv0%2BxyHn8YKjXo0rM9qisk5Ko1iz7vd2ZjG1u8RkDjGgtobF6Mw%3D%3D\"}]}\r\ncf-ray: 9ba2bb726bd5783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31686,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9857cd226493e46d1f9d1da264b98ca7","sha1":"91d7efdfb03bdf612c1279b05b55a6299304bb6f","sha256":"8d4f42fb0c221eea7cc3bb6f8f25434a543644d9f20257c749c617c0ac8fbe1e","sha512":"feb167e1811234de452b58bc81647471bebe7bae1c845c73021e0a7c0cd538a28b55ed29c0b15f790266018680a0b4f8394ea193116656b328e3932a11f8e554","ssdeep":"384:3sn7jCC2N62crb+rBEXGZQNM87Rg/BzZQTraKBzBY0XDiu23dMcgjZZLwiywoqok:cn70MSrBEWlxBVMuKBFdTiu9ccXywak","tlshash":"bbe2c7e963faa2d4d58cebd36f94a1393d1320f75eedcd10c3ad4e68aa4486c4c245d1","first_seen":"2025-09-02T04:43:32.335925Z","last_seen":"2026-05-29T07:06:51.930683Z","times_seen":879,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/quote.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/quote.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"ac8-64238343c3c9c\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y%2BDHYdUxeoCtT7eiW3MOFJNExcdofpyEr640ZAU6JHuvJW2mbcT85VdyeWzNJlGJrv5aO%2FDcRZtIK%2BaJ%2BvYhik1m4PUbHgR56bJ%2FS1Qmhw%3D%3D\"}]}\r\ncf-ray: 9ba2bb726bd7783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2760,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"504ce723c76d111e0be511d24721c2dd","sha1":"a1fe51672c966079ca8ccaa11fbe6de0bafa1644","sha256":"a563b73f0268826906bcde897b0a2f55d0d2fa9cfb394e4c151c138f3865202e","sha512":"87a808d4940b03b8e019e3a28be1bc3d866c01323be476d8e2e1ac2d780404bd66046a62855d03ae2c309387f7c18788a5f1d9b3bae538139b5448df459631a2","ssdeep":"","tlshash":"0b513061b3b971e0f215e3f667e27925b95b26622f87c2e4c0d72dd4d87480c5e808c6","first_seen":"2025-09-02T04:43:32.254441Z","last_seen":"2026-05-29T07:06:51.938399Z","times_seen":1190,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/user-9.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/user-9.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 6022\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"1786-64238343c2cfc\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=85s5DEBLeUU2Rkn9zorQPlEB2ciWB4BnH03xkRgWF8akBXisWONH2rsUakirG3qC2AfkPGuPfFB6WK60zoe2v%2Bz5%2BQd6shTYvn97tEqAVA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb728bef783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6022,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4b304bedf039a19df3c86295509dda56","sha1":"5074da65671e25d7e348696aba52f9cfeeee09e1","sha256":"c66ac7538bb1bcebd7f29e5af8f8715d2f8bb8e9064a0881f7b69c9af6d8886f","sha512":"8a863b2faf17d079c6eed6b8a5848aa2b69d42f882c821e4e28a4c2852859bc3f5f06066630a2812554fb2a413972497db008594b058696be60e433377c5972f","ssdeep":"96:c38CNuiWJsLmqZ4F8Yt9Rc5uAgiik2evEhq870wKHuxKcuxE2IP93wLEUlk66RfR:SMi42MvRAmiipCVRwKoS0lALEx3Boyl","tlshash":"cec19d711ff1a028de69ca3544635725fa8481be368737188b3c45dacc34e236ab429a","first_seen":"2025-09-02T04:43:32.288955Z","last_seen":"2026-03-09T06:21:12.103223Z","times_seen":573,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/phones.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/phones.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 62018\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"f242-64238343c3c9c\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gVMp2SwqphuZ7zJZLCvRbe8VRyJ%2BVTIa0rbpjApw2k8SuZc3YhtN1eXfdDvYXsOY2BquW23OhBq8liaSXzkJiHt%2Fk%2FeQ1H2%2Bz%2FRfYQfpWg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb726bdd783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":62018,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"88ae8c6bb589750082b5edf16e6a1cd9","sha1":"8c6bb3702f3271c48d86d65d66a557f4f0f6d898","sha256":"36a7d79051bda66b0503bbf3ddcfc8067ee8cdb063fdcd743493ce6af2b54612","sha512":"28786ec8aa25db88a8381dcc2c7f49eacd969d96395d3a25e7a2bdb08ed114ea472c81c938eeaaea86bc5b58147585287afe581e55ce74894c571e03ecd30a32","ssdeep":"1536:GkkVU4uvILYGW4FoHG3xXQWd8jk7IlJ7avfZk8z+M0:RDvNV8xjdd7IX7avRk7J","tlshash":"67530235dff0ad4d85461130018d2cbca9b87e9dfa1fdd618a710cd0d8b6b2b994b1ae","first_seen":"2025-09-02T04:43:32.240085Z","last_seen":"2026-05-29T07:06:51.959564Z","times_seen":805,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/header-bg2.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/header-bg2.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/css/tailwind.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 39994\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"9c3a-64238343c4c3c\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r%2Fg6ppoKle%2Fr0BbLb3Sxj%2BUSda6HLt9xAQ36UFGX6k6WSAGKlCresnsKwdR1M%2Fjl1vfOw29XmY%2FhQ0NJEnPBbD%2BjFrS4FrlICJG%2BTk85tg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb738c22783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":39994,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c2004bc1f6298be7aca074e9a961c0ed","sha1":"5b72f53a98833bf6e5504dd6f4d25276b7e78218","sha256":"1ef40994ac3137ec249be87f309eb7daf3273815b9777f117ce3756a73297eed","sha512":"cb88d25b93a5eb666edca7749d9d6888cf6a0e24ae7fbe050a37aa1c8f785c8e86befb7377b4c4df8479e32e1d0b0f6aac90b4f4036ad7b15b15e576a1ca4f88","ssdeep":"768:wbiE5PVNCAPTF26XcQGcimMQxrOVdGNwMg6jKfHj2Jzr7:uZTPEs8mMQ8VKwj6jKfHWzr7","tlshash":"cc03f19748ae16dddc6271363c1ceb21a4b66a059fc21d86c787c6f6c7c3668f14d238","first_seen":"2025-09-02T04:43:32.347288Z","last_seen":"2026-05-29T07:06:51.940947Z","times_seen":798,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/info.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/info.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 59838\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"e9be-64238343c2cfc\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lR15l8CYG65ICBkYSw8IRb7TLSBqbNZ62li9LD7CAYAA%2FC7lJeO41Obor%2Bjy%2B8Efnm5NPMQVsXDl3C91qjMkzz4VKThjvos4rGpSHHHV%2BQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb727be4783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":59838,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8955c166ea726f9df674dceb3f9186ad","sha1":"7d642254ba07756830b82c507c49856d91ded48b","sha256":"430789278409c7c3c40c011f36ab5ad7aa9dbb698bf5538b7161b91bee63090b","sha512":"1cc9d6440bcbf856f66eba36f4ba9f2a6a29cf56e340629628061a3cff76ed921adec1fe61e8f513fe4ac37083f4baa450d7e204e939eda5c5fbc27bad0fe015","ssdeep":"1536:I+GXTgppEwC2m78LI1MfqzSS8So+Pd2qoLL0ASZSh1iXmnyqrjR:IhXThtQQuir7dPoLAHZOiXmny8jR","tlshash":"0743023e29de8841c8df2c6d04a8162efa6c9b23668abc7858f6130ed3d5131e7f5d05","first_seen":"2025-09-02T04:43:32.277422Z","last_seen":"2026-05-29T07:06:51.967121Z","times_seen":1161,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/pros-bg.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/pros-bg.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/css/tailwind.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 40462\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"9e0e-64238343c2cfc\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2K07Ch0saBDgZSwVNtGidWInwDfYDlKMECmJB7QpoOVdKDiycd198l9%2BXEA%2BeT4UhXwP0spx1gx9xGyu35WgZVOd0%2FUWf07bqCJV4KCw%2Bw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb739c26783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":40462,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a552bc7ad58597757b953a47ef50de2e","sha1":"ae607ba3cd8f2986ec9f2dee80ae90f28cd1eaf9","sha256":"7af56b3431d35b0264020ac4eaa6ff1ca05a72a64647fdea890e9814597da6db","sha512":"b976c4950c93b9743666efe43261649a885163865793314992bd7990b42afdf4c34703bc01cb8abe742559e270b203a06e1b6f1f184bfdfb8e9062c88f3417b9","ssdeep":"768:euKXMkiH1mxkbLyKMVgJWqHgSSUxyt7tdWbbfNFd93raFCoDHXeX1rFYv:euTkImxcPn4Yyt7tdWbbfNFdl63eX1A","tlshash":"a603e1d097b394eead24862349bcfdc2576e36e18b429b8282c7e54a58378df9532130","first_seen":"2025-09-02T04:43:32.343217Z","last_seen":"2026-05-29T07:06:51.948759Z","times_seen":866,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/user-5.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/user-5.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 6344\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"18c8-64238343c2cfc\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F%2B1d%2BQa9HWRRKkOrldnmmfvnJTbkho84e%2BJQIxryWdOOvyFLMWJGdJDmDpi2xiQJZzcbQGqIbkgWsLW49ymgPzjnA1kF16zjqeVpJzg%2BqA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb727beb783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6344,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"507dc1da713876f641615339555f7b66","sha1":"a750929cfb3a9b0ab2c28980b7ad3a1a48be619e","sha256":"f03aefcceafe0b9a3173328bb15113bf1b6cade7bf190056278a3f467856d5d1","sha512":"cf7f4d6c92807226563f3aabfec4c1116aa88e892d21a47de479f5839d18b91417cdc41d4cd7d9493b29073d2bdc75039d0f127ee4dca6d086772a19e113426b","ssdeep":"192:sVaVWed6VK1viXfbi2uuUF4G0ivNdpiLwq:asd6RiEUF4Jorp45","tlshash":"09d1bfa4d10c47b3f604a53e669df66246b6dc0177400a300a2b0a67b3b7527b7fe1c8","first_seen":"2025-09-02T04:43:32.323787Z","last_seen":"2026-03-09T06:21:12.147507Z","times_seen":573,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/favicon.png","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:08.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/favicon.png HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 953\r\npriority: u=6,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"3b9-64238343c3c9c\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v%2F5TMHhen%2BVs3cBEiwTx0K1cpc9u9kx56eoUd%2B0oluU%2FbEJqInYJEcHNePLP4blp5VwBX23m5dswDLFybChEOss3yplJRNLOnXCrF0Dr0w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb748c69783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":953,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 33, 8-bit/color RGBA, non-interlaced","md5":"a2f7ca10e3c4dfd860c8b9f43e9b210e","sha1":"31eb72c55b2a89269d502dddbd5492c83cc2d4e4","sha256":"d7eff8631da5eb23321129952d2774c1c19ce0ea04b41e29b5227386602befc0","sha512":"66fe4e36b00bcec3a96c1ea53f22a19865e8f748672c9473d5de32c531c1734c537a052c24fce2c4a91e984b9f20aa997859d307c88a46601db8489d8d3eea14","ssdeep":"","tlshash":"6911c498bb91707cdfefe10665ab29012ba1623d0ca23c0ebc747321102687cf738302","first_seen":"2025-09-02T04:43:32.309865Z","last_seen":"2026-03-09T06:21:12.076176Z","times_seen":633,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T10:22:07.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3AvLYDJtJnF1l4VogwreA1p%2ByfiwDYSuB1Dz8%2FtzkXegzbsxmNYZhdsJCFClCcl%2FU0nZRdLAy6A1QzPGS3KPms4x9ZWGDpnh5hOra2ISEw%3D%3D\"}]}\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9ba2bb70da555fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":58348,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (428)","md5":"b334e1f2b5ed9109ffce0a7ee3294d12","sha1":"4c56e773cca12616c5e1981b1387f546632d2d47","sha256":"320237eeda872b142ff165ebf81cb341c3a6f4b94b59f0d128c6ac8da746002e","sha512":"f5a28cc018ac69767f4aafa8b2f27c609cb11d6d7d5dbabbfba536f20ed4c5d7767f0ab73b1138f929325c20bba2da34c85387d4bbf4da46c7930ff50057e2f2","ssdeep":"768:XYDt4FseGilzq21rrfAUrvAtxHvQZi/RVgT+F9WuKl:ZMqLprfAUrvAvHI0/bgTWWuKl","tlshash":"6143641411f049bb155380d4fbe66f6a7e98eb43c92bd645b2ec06911fc7c86cea326c","first_seen":"2026-01-07T10:22:39.391355Z","last_seen":"2026-01-07T10:22:39.391355Z","times_seen":1,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":28,"dns":10,"connect":1,"send":0,"wait":53,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/css/fonts.css","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /css/fonts.css HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: text/css\r\ncontent-length: 464\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"1565-64238343bfe1c-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LZriH6PmmId58ATbLa70cAkbAmBelZrr%2FLNb02zDtOlZ3drH4iZ6Zjup%2FXRD7ULLOk%2BlUFBd3RUmZgae61OLUgV30sL5ZpemrXmG6i4nSQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba2bb725bbc783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5477,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"95c471e6f19a76e5395eab83459e2a7f","sha1":"d19dcf6489aec3e991abe79997b21c32194ea5b3","sha256":"fd9243160eb2ad2b2a63768ae48566167ea26f1dcd8eb864c92ee02c277ff975","sha512":"2bd49b8d64d58b80f0bccaefed707fe981a9ba6b2d6f21e4ffdc1557119fbd13e178a5c1516c79648b5f0190daf7af4fb03d4d0e451fb2e691b60a8ad30ca101","ssdeep":"96:QGOS7aGOJTGOW/GOLkWGOg+GOxTQGOCeGOw6qGOM1OS7bOJGOWp0OLqOgrOxTxOO:h7qyLkzS38bD7o+Xk8565N7cehe05ur5","tlshash":"33b1c910141ea833aa612eae739b7e148f4d28057155c5ab47b80c7a9cfb63783e5f4f","first_seen":"2025-07-07T11:42:21.410655Z","last_seen":"2026-05-29T07:09:00.69904Z","times_seen":568,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/pros-1.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/pros-1.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"1510-64238343c2cfc\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8LfI%2BaaEeakT37yKfcCLSBkTZ5zqPXOS8gygzoEKmGxHN6cYbEq%2BLTcmyb5BhX8g%2FLkH6l%2Fq6U96J38nafnwhf53532T8g0VGEKkECbwOg%3D%3D\"}]}\r\ncf-ray: 9ba2bb727be1783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5392,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e3e03487987db909519573a44bc1c14f","sha1":"e9fe3cb017ee1eeb06730a1b5481c587763e3135","sha256":"7380cdf722492fa999e321b25877905d77eb7781b3729966d36a4a580b40d924","sha512":"052f13a31dd25a9a6e0c561e9dcb24128fe21cc351a1626943534885190a0869790d1038e29b49041649c72cfdade38ed8e1c0043527ae6d56c26dd2d2d32947","ssdeep":"96:oKyaCV0Ct7eFu8TuPK/MeDurIIzfZUijQuGCZ/gNCjAJNk+n3W4ctX7BTDx:oK00dE8OK/4VXGC9yJG+O7BTDx","tlshash":"25b173c8237541a4f949b6fe071bbc542e4649e8e7118c5dcbd46e0be1420ae2d7aecb","first_seen":"2025-09-02T04:43:32.303241Z","last_seen":"2026-05-29T07:06:51.942142Z","times_seen":814,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/glow.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/glow.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/css/tailwind.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"2ba-64238343c1d5c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1UR46B9mvMeSuwLHroB1X96H7%2BU1fkD6%2BKLY%2FllSnHnbTMJrMweJkpdDBXaftBGwgF9dpcIZ%2Farcd247WB5z7CyCuFpGG4jFRR2a56q2qQ%3D%3D\"}]}\r\ncf-ray: 9ba2bb738c24783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":698,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5a3f3d58c639d254adbe360efe2cd06c","sha1":"ae96f32b7bd60f327cac97014ac200a03983c736","sha256":"9d8a12463844f53b73f589446f70b027d397ec4b22b1c2d505a00c45ac0ce9cd","sha512":"cfac41234168567ddde2a5ffe3fa450eacb9b7c1f57005f79538c91a2b28741069a0657eb080131f120130b4ced175f998a9c32ce6304895faf46e77c6889b7d","ssdeep":"","tlshash":"29014434e35ce02fd654830dca5540c031fdc0d561d6400175d25f6f58e8853aec9364","first_seen":"2025-09-02T04:43:32.326694Z","last_seen":"2026-05-29T07:06:51.944619Z","times_seen":882,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/user-1.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/user-1.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 4738\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"1282-64238343c3c9c\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=khz7VxZoIvwj9HZCRzi3mz4DXxFKaOEcAWV890muS3l7IAJDQWTuT9%2BQYVVKvvYgOv0%2Fhq9qi%2B3zZpYtghO9%2Br%2FyAgcVvFU7z35%2BR6vbHA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb726bde783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4738,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"48927f92646cf9a8686dda3205481e23","sha1":"82690896bea6554784e2c5b96b2d9e786d9e026e","sha256":"ab6494a89374282c3ccf71f698a449fb3ee1417c78731a67cbb281851d229dde","sha512":"fa59164b9d52cd5e2e20be35bbc8277f3e13eb69aaca62a74a3234f231df1906814b49fe952ca8fdceed4ac3aff0f8e41cb4a80d78ff61913ba234db5f3e26d7","ssdeep":"96:TR50CIHUayLuMBFdknzua1x0dpKOS5/V/rqKf6cUsc/NcVW6Ai+IQyb:zVIH7gFGZz4pw/V/V5Uso1di+c","tlshash":"caa18e2b9ec08a57f46f21af9e4a5b398248cc4011547ec18c755ff9e6713cc9718e27","first_seen":"2025-09-02T04:43:32.296543Z","last_seen":"2026-03-09T06:21:12.14663Z","times_seen":573,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/like.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/like.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/css/tailwind.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: W/\"e1f-64238343c1d5c\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l9hOifHEFgYj8WybUB1QIqQrrKnmcXgnztYXpflfO3aqskBoSDtElutQ5jvvzp7%2B%2F3UYQK%2B8QVHbgj2WBt6QX2eiFidoMCmMUUuKyov3ig%3D%3D\"}]}\r\ncf-ray: 9ba2bb739c27783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3615,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2c10ef99921bedb522858b8452a520f1","sha1":"d8950fd5ebd9fc4c9f7030a8ad535a03ea502ac5","sha256":"8fc5c82557271bff7c7974b940f396c0e1510e56e149061ac98368c95138f2f2","sha512":"7a9f75653a67f9d6d57ba07927fd23c238e20b57cb1aa6856d8edeebe8399b6304ae108c8c30804b59bb911fc123df24257c6148a15b94de03317ce9f156f892","ssdeep":"","tlshash":"1f71d8e583e862f9504ba770c9369fa5736b3cf9374a8e8693c8ad8da81500c584cd47","first_seen":"2025-09-02T04:43:32.282519Z","last_seen":"2026-05-29T07:06:51.935901Z","times_seen":883,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/css/tailwind.css","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /css/tailwind.css HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: text/css\r\ncontent-length: 10268\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"e97b-64238343bfe1c-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eWMe7V3RrdFbDaGR94uuV0x0x388uNeVSFwavbic7GZEKvPZBTQFYS7WqB70HCyrJHOsxE%2FFQGYGuxhy0iVVUl5mL0Hp78yMAjGvHD%2FoSg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba2bb725bbd783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":59771,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (351)","md5":"982407662691a2963d5f9bf2f56b9130","sha1":"814fc4cba399c3d812c449900822cc6ec7fbcf60","sha256":"7d65253fbf0066cbaf833225e80321ea5e5867557d424cb034b0891366f9b330","sha512":"30b8bef2049812c307de1750ce5f1de7d1a4d3c962938f729f15d032391c0b933aaaee4147ac8c1bbead19bb693c02a57a2d9661021de6ce69509aa07deb5141","ssdeep":"384:wbZfn1j9535QQ/vXPPikKVI9sAmJoF7aATNYxPWrae7yl:wbZfn135JHPKkiAmU7yl","tlshash":"7843761a97e1d6683c7ad1b0a109a4c8763e2195deedcfaef8f01010df84be45da7d18","first_seen":"2025-07-07T11:42:21.482943Z","last_seen":"2026-03-20T23:12:42.294433Z","times_seen":556,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/header-avatar-3.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/header-avatar-3.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 2008\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"7d8-64238343c3c9c\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ic8v3i2L8V5FkoegNnKCW2eAs7NFScDVnLGjgicY0bNl7TRy84cOqsFtRz5BsmQ99oswZrxMvYjjJ%2FmqN3K8Hg%2B2kExzD50OLJgGhjDhfA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb726bd3783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2008,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"41ee26398cbd792c2d068501c6fd5347","sha1":"87726c430c3e0306bfa296f1c9fbd6a0f10a1669","sha256":"88da44238d5dc9b340a7763dc85f16be6d31ed02e3913631824731f235a353f8","sha512":"7398a65a212717062749ebf7e94f743cbc52a00f9f0767682684ae74ef74185aa08a1ab410a5d0a4a4b433dfddcd59f71623bc28a708b92e6da2110c9d60bdb6","ssdeep":"","tlshash":"40414aeba80e426fcc9b4272727feeb0087f965c73618c098101012eeda3667474528c","first_seen":"2025-09-02T04:43:32.32803Z","last_seen":"2026-05-29T07:06:51.946227Z","times_seen":871,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/person-1.webp","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/person-1.webp HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-length: 105248\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\netag: \"19b20-64238343c3c9c\"\r\naccept-ranges: bytes\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j5%2BF7lEbGVTYED0Ky3NTYiQyRlH38hor6P0vcl6GmdbHxkpOnTz27EpwC0XedR7SFRupIswjwrYYa%2BpuurhrD8pEiPbMKLrKU2m%2Bf2Ilvw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba2bb726bd6783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":105248,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"677915dc06640a37f743e4613f443b1f","sha1":"1cf5c36dd5d03e50603670f77de332c65c88c955","sha256":"82a587cae4a80666a0fb39db3593bacc8636917b7efd6ab71d3c4e859b761bc4","sha512":"a1a9f9ee60bb5f933adf780e5c11febbe4c24c55a684151c120049af54e7c9aeaeb5089cae17078335035c769d435d7336f62ac257d851d2e8d18faa283b10f5","ssdeep":"3072:cg19OXLfEx0xWeJqeZ2SD87dibfbpTO2Kl/Nz6JUY:ZXfx0xpkuSdibfFA3A","tlshash":"78a313a431f7f9604e844663eb86741886c4f18c3741d28b57f735af9058b69aae33cb","first_seen":"2025-09-02T04:43:32.3401Z","last_seen":"2026-05-06T12:51:42.387906Z","times_seen":61,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/coinbase.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/coinbase.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"3bb-64238343c3c9c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yuWd0phP26lmVb6%2BdaNKBi7MV4BzoRi5FCKbqU4rKfSvnH12lcEL46%2BqPpMeahTmixOpvmmo2BIuOz8pj0MplOat8e%2F5mAHN%2BviABwT4kQ%3D%3D\"}]}\r\ncf-ray: 9ba2bb727be5783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":955,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9f07c782d3f01b7b31901fbb318590e2","sha1":"645433f39d4e78328cdc592a9bd28d57d179ba15","sha256":"de81b810f3c1ea03aca8625d43f24d58ae5cab09cf2c086d662bb438bbeffb56","sha512":"d22e07c679c625f3303deca2624a27dce963d4b13fb16de04477a0b07fdf841f0ac4fcab1d21a79fa74d85518d8eb58c8fcd48f2500b6f580faa895c07cebc30","ssdeep":"","tlshash":"f611e13c9128530c500433a85b76216616b666d8878e8b687111bb633cc945f8ef7bdf","first_seen":"2025-09-02T04:43:32.257454Z","last_seen":"2026-05-29T07:06:51.962679Z","times_seen":1248,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashinronex.net/images/polonex.svg","fqdn":"cashinronex.net","domain":"cashinronex.net","tld":"net"},"ip":{"addr":"104.21.53.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashinronex.net/","date":"2026-01-07T10:22:07.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashinronex.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 14:21:47 GMT","end":"Thu, 26 Mar 2026 15:20:13 GMT"},"fingerprint":{"sha1":"47:B0:68:3F:DD:C6:B8:96:6E:15:3B:43:35:6B:74:4F:91:02:29:9C","sha256":"CB:14:08:CE:06:74:44:02:0C:D8:27:40:55:BD:80:90:5A:CD:49:0E:08:5A:B7:2D:4D:37:4F:00:08:6B:A8:71"}}},"request":{"raw":"GET /images/polonex.svg HTTP/1.1\r\nHost: cashinronex.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashinronex.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 10:22:07 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Oct 2025 13:43:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:;\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"3fd-64238343c3c9c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TLXknQNmAmFoxbF6oZKNS6kRPzqPvh4kW%2BfcMfr1gvi%2B%2FT%2BdL2gsCYkemSQVgAJ%2BJBNZGkCQBZXmYn9X7lSDO6qhddoshNIUqClwAK3tPg%3D%3D\"}]}\r\ncf-ray: 9ba2bb727be7783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1021,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0a93f41c5d779ef0d290e4c54e2438c4","sha1":"e56f962012e24d19748c1d4f34789fab11deb64e","sha256":"c9bb6c3d073015bd7e82cb3c8e1b1e9a3fa9e15d3ade934e21068ecd59424f61","sha512":"ecc25a27648b40e5fb0370597111f401bfec58bb6b74145251062ab6ed8a6a5c9d6e15a5e3fa23687429262adaa83007366839604b4c43b8922dc7c84fa61e6f","ssdeep":"","tlshash":"ed11cefc6728920d4e0897943b6aa866107273d89189c747b5c565af6a8d06f0cba1d4","first_seen":"2025-09-02T04:43:32.322472Z","last_seen":"2026-05-29T07:06:51.951907Z","times_seen":1248,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cashinronex.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}