{"report_id":"472dd339-b860-4856-9cc0-5f7237b4a714","version":6,"status":"done","tags":[],"date":"2026-05-17T04:02:04Z","url":{"schema":"https","addr":"win-reward.com/","fqdn":"win-reward.com","domain":"win-reward.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"win-reward.com/","fqdn":"win-reward.com","domain":"win-reward.com","tld":"com"},"title":"Prime Rewards Day — Claim Your $750 Amazon Gift Card","dom":{"size":49629,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (715)","md5":"c7e3dc134b4994fdf7209560a209ce0b","sha1":"3dd99f8932faef8d641cd46d1ed2c8a1a7f98af1","sha256":"3a24aed38bd3ffcabe204f463fa463e3c2b4bdd8292cae07f7ee485b04670761","sha512":"afeea30f8edd97386bee2f564760a841218947b34f4917288a5c4ebe8a26b06f9888afdf8d27bb5aa360d92ea9ae83611322d0af9caec113c52026779c0d2f85","ssdeep":"768:LrdoJV+ikGvyMiHUvNKzTw6uC7hwX3EBH3oGQV3zb1I:LrdoJV+SKMiHUvMTw6pFH3o/I","tlshash":"fd23e63321a20136b19391e4bb72574b77b1e607d60b4624b6fd0a85cfcedd1dca7298","dom_hash":"domhash145304219e07ee6ab24f1713dc7282a4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"win-reward.com/","fqdn":"win-reward.com","domain":"win-reward.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-21T04:02:04Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"win-reward.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"win-reward.com","ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":2,"request_count":2,"received_data":53575,"sent_data":918,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"win-reward.com/","fqdn":"win-reward.com","domain":"win-reward.com","tld":"com"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"bfc087e266440f36963eb9e42aeea0ed","sha1":"439670963d12d02dd3d0cdb47d336185694d7ff5","sha256":"bc72667fe67f47db5d688e1295a65d95ff58e252d7061f2a821878a6f7380550","sha512":"2d0081901dc27c6e0a1016425a865c1ce78b22ce61b25572b61b69d4f3c261827b47a9d5fadcf67e1e00a564b72958b2adda6cb75142f46bf84de36ccd42f9d9","ssdeep":"96:p+yQEZGLEAKKiIMIS9I32IOTM+21/Pe1tnHLL3lJXd7zYOZVtOhkZJh+8O76:QTEZGLEAKKiIMIwImIOTkMLbTuOZV1xf","tlshash":"d4b1a5abf51b05b47eeba47da71f4380343460071481ea00f05db8151fd5aaa21beef9","size":5133,"data":"","first_seen":"2026-05-17T04:02:09.334242Z","last_seen":"2026-05-17T04:02:11.943519Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"win-reward.com/","fqdn":"win-reward.com","domain":"win-reward.com","tld":"com"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-17T04:01:40.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win-reward.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 20:02:50 GMT","end":"Mon, 10 Aug 2026 20:02:49 GMT"},"fingerprint":{"sha1":"9B:03:F1:6E:BF:7B:12:34:43:54:74:29:05:7C:67:44:28:62:2D:A7","sha256":"83:BC:5C:F7:41:56:57:CE:CC:50:58:CC:18:20:FC:6D:45:92:6A:98:F4:7A:F4:B5:C9:57:72:2D:12:3C:7D:90"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: win-reward.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sun, 17 May 2026 04:01:41 GMT\r\netag: \"2f4c669f87564c9b864aa86edf876077-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KRT1HK6E8T5Z591EZH99XNCE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":49297,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (706)","md5":"1355fc2b8e689f7e19dbc20b8917f030","sha1":"f3f2768c9ca71059babdb9fe43c1ff1e0a084785","sha256":"14f74630db3679c385a9452bd4defe534db3586b75cc5cd2703f8f5518585ff2","sha512":"09dfdb27c7f2698c24557e09343a995eec85bb394b2e9ce61f9f8695bac36540032be8a1ddfe5d46ea5ae26d118cf2647de4a131f57082bfe95694793cc692b5","ssdeep":"768:xzdoJV+ikGvyMiHUvNKzT26cOo5GzlE8orxXQNzb1o:xzdoJV+SKMiHUvMT26r/orxAg","tlshash":"d323d73321a61136a493d0a0bb72975f77b1ea07c50b4624b6fd0a85cfcedc1dca7299","first_seen":"2026-05-17T04:02:09.332467Z","last_seen":"2026-05-17T04:02:11.935538Z","times_seen":2,"resource_available":true,"data":null}},"time_used":549,"timings":{"blocked":204,"dns":32,"connect":23,"send":0,"wait":136,"receive":0,"ssl":151},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"win-reward.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"win-reward.com/favicon.ico","fqdn":"win-reward.com","domain":"win-reward.com","tld":"com"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://win-reward.com/","date":"2026-05-17T04:01:41.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"win-reward.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 20:02:50 GMT","end":"Mon, 10 Aug 2026 20:02:49 GMT"},"fingerprint":{"sha1":"9B:03:F1:6E:BF:7B:12:34:43:54:74:29:05:7C:67:44:28:62:2D:A7","sha256":"83:BC:5C:F7:41:56:57:CE:CC:50:58:CC:18:20:FC:6D:45:92:6A:98:F4:7A:F4:B5:C9:57:72:2D:12:3C:7D:90"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: win-reward.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://win-reward.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sun, 17 May 2026 04:01:41 GMT\r\netag: 1778616948-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KRT1HKKVM7FH9GD3G2W304XP\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":3449,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"0f89e18d0abacb99149c5e59bf69b5e1","sha1":"9e1ebb10be890c5855eec444233c028270d3e65a","sha256":"8514f0009a58c6e0acb5468f88037732b59b70af5e524f452e3bef8fb33effc5","sha512":"5275d80f3f8f1f5e0d1b6b6b0745732a69d669d66dcdab418fc5a2094bffcb81ff1d34252c97c6dffe5470f0d359a3be03cfd3dfe3d729bf186917c8cf21ece0","ssdeep":"","tlshash":"1f61848dc9a7209b5c93643e27eb560a2274a247cd46da4c3fde6348cf492f214d36ac","first_seen":"2024-12-12T10:00:11.490986Z","last_seen":"2026-05-17T07:14:27.995761Z","times_seen":10754,"resource_available":true,"data":null}},"time_used":197,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":197,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"win-reward.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}