{"report_id":"5a0cb77a-f00c-46da-ad47-8040cc939134","version":6,"status":"done","tags":[],"date":"2026-04-22T14:49:47Z","url":{"schema":"http","addr":"rewards-pengu.xyz","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"172.67.165.32","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"rewards-pengu.xyz/","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"title":"Claim Your $PENGU | Pudgy Penguins","dom":{"size":160089,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (15827)","md5":"ece662bfaa675677b259ec1a59fe9839","sha1":"d13f41970b0c64582acd48d160f33906d4287b32","sha256":"84799d84c04bfc76aae6e594d36a5a827142abde9a3e3ce01a589baf9b6a4533","sha512":"683e6716a8106d35d5d042f059fb0400e479340b0528deece0136f3584efc690df9a1610aaf9310fc2804d2b76401d679cb5d26038379ba17d603bbcc814fb92","ssdeep":"1536:GzOLBKc4D8LIY6VuBQ2uaM70WJJktoh0GpDcYTYvEZsWpC7ql0T4FmtNa:GzOxCHQEvSNa","tlshash":"6ff30a85b3f453f4b402a3fcc65298753a5328a76a12d658b2fd0d81eb414bdcde6c8b","dom_hash":"domhashedc316f733840cc5538fd0af59f16cb1","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"rewards-pengu.xyz","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"172.67.165.32","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-27T14:49:47Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"claim.pudgypenguins.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"claim.pudgypenguins.com","ip":{"addr":"104.20.38.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-05-23","domain_rank":0,"first_seen":"2024-12-17T14:16:48Z","last_seen":"2026-04-22T14:48:39.067539Z","alert_count":1,"request_count":1,"received_data":19613,"sent_data":463,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-19T22:20:23.925162Z","alert_count":0,"request_count":1,"received_data":10794,"sent_data":476,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"rewards-pengu.xyz","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-09","domain_rank":0,"first_seen":"2026-04-22T14:48:37.390115Z","last_seen":"2026-04-22T14:48:37.390115Z","alert_count":22,"request_count":22,"received_data":3317645,"sent_data":10401,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"rewards-pengu.xyz/","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3a36531a7669d2e7090cf05e26fd6343","sha1":"805dc67d8a225ed44d4819bfb805e6012123f042","sha256":"8f8df8d150d6ab64be83c03f2f6c6412211184cedc0cb9bc5d382b54597bf483","sha512":"ea3e8080edab204413b4077c0e1e20cb0967f4f35645bae00b1d0c84812bb8836260a6ed57cd444bb57d6efe3d879223ba0db8d2e2fe31f06d90f83b5cc48184","ssdeep":"","tlshash":"7a80044504144147045c44c34151d100514d11000141531440c4c70c144c11f01d73d0","size":32,"data":"","first_seen":"2025-07-28T12:33:50.825706Z","last_seen":"2026-04-22T14:49:50.222156Z","times_seen":58,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/_nuxt/assets/index.js","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5775ff83a5b095f87fbf3e41df33cf10","sha1":"9463da9dc1d6c17982311d90d8108d72e99f527a","sha256":"c9104c3599e00e7f81236202478860708c9dc62f295ccd72b5f808b83b7e2f4e","sha512":"e50f343b0a9c0fb4b880d4512a55737140cca9dfa0270a97fd25530986f2dcf7a601be28d9a9f264e63108e03e47f2b8ebfbc3522a4685a5b3eecbf093c5b10a","ssdeep":"12288:QcLIGw/2r3/E3Cgg1XK0S4U9BLHY9mu0eQfogKjO2bXCHeIZB:QCwH0S4MY9f03fZwXiB","tlshash":"9a15d6772148c0b169ed29c43ca0dcab1aa8b6114f285c6864b7bd8454dfbafb345fdc","size":956617,"data":"","first_seen":"2026-04-21T16:51:31.72404Z","last_seen":"2026-04-22T19:06:46.269491Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"9dd4e8f591cc2a3ae2a67d2aeab3aaca","sha1":"4f4a6c8da60a937dc02f7605a4a77d40ee380231","sha256":"6911450be4e2cb249b64c73923277be340ef25ef4ee8ea45c5dd254f4eb0fdf9","sha512":"563aa5d787fc255f75c53b04a5d65267c69aa6260d9671be52239f3e8dd7f2a17cab46d45644aacdeb1522b094d62f1fe70a0836a52b6eeecaaa5e3bd1f4a378","ssdeep":"12288:I6/cHzynjvQX204lHa0I64r0VvEQIfwZnESzzoW:I5x0I6s0VvEjf0zoW","tlshash":"f815c5752248c07289ed01d83c90d1cb2b28ba518fdc9ca868b775845adfb9f6355fec","size":925111,"data":"","first_seen":"2026-04-21T16:51:31.730791Z","last_seen":"2026-04-22T19:06:46.286794Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"65caedbaf6e02f3ae2d968160cb45503","sha1":"7bc3777a515858b72f201d8bcc99abe6bf5f2567","sha256":"c1f41b86bc799911d12f9116a71b90d35b294aaed796ad43a24279dcc914a705","sha512":"0a4bc9cf326ecf322edd9dece3b85bfd9ca2f93476bd885ae5096023c1f1b0fec0bfc2e7f0953ea6d40eb67e0afdd4b8015569b751f8156b5c0dd21449c9c4ba","ssdeep":"","tlshash":"61e0c23e036800300367e0fa654bd782303a500b3289a9eabe1dc6646f0273c8162988","size":330,"data":"","first_seen":"2025-08-18T13:12:54.357525Z","last_seen":"2026-04-22T14:49:50.225143Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"rewards-pengu.xyz/934ca5d86cb8ad40-s.p.woff2","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /934ca5d86cb8ad40-s.p.woff2 HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/15e962c9c86fca1e.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 14:49:25 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 20888\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 28 Apr 2025 12:37:10 GMT\r\netag: \"680f7676-5198\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\naccept-ranges: bytes\r\nage: 70\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nWjktvLES7QvXGWhX2ychICCcPjqeYi%2FHYGb0m3IIthp%2FDLA0REnYJWlwcaqcH%2FVzH5JhNUfC6A75QHBfZx300FXMtBgNnlXvTVpT%2Ffd7jhOzdCVqQAvyeWJ9YuAY6auajom6Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f056f5da92856ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20888,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20888, version 1.0","md5":"e52aa0b07244c4a3acdee247b1f6e829","sha1":"b7b827fcda2a948e66c45d119ad8d02d66c7a83d","sha256":"fd1d69c9fe04a9b4ed9e78286299b09cbbf23efab96c8ab7fffad59ebf3d6f9a","sha512":"7ecd78194903e44f47dd3b41dcd23c0c785928002fc799e510345a456ea974db609a6ebf8ce46e434946de1ea63313929c89d637cc7b2fbf3042b6440ebbff5b","ssdeep":"384:YgjIF9Spa3GQ4uMEYK6GOaIAGs0R135QgGVmVp3/4Pq3K:FEkaWNdEYI6U695G0BQq3K","tlshash":"4f92e1e4fac80e2680d7ae2d2d05a0909433d051cb5a88ff6d6716691b673b3cd9b638","first_seen":"2023-12-15T11:46:57Z","last_seen":"2026-04-22T14:49:50.136879Z","times_seen":156,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/ethSolana.mp4","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /ethSolana.mp4 HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 Partial Content\r\ndate: Wed, 22 Apr 2026 14:49:25 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 96715\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 28 Apr 2025 12:37:10 GMT\r\netag: \"680f7676-179cb\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\nage: 71\r\ncontent-range: bytes 0-96714/96715\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jM%2B9TTfgW%2FlD23j9OE8pP2A7Y1K%2FAKLwFMDnSJz7YpCO4chsRyH59KlcuygF0EDzTp%2BACmr%2Fvd1z2vLqW%2FkwSPYr%2FGV%2FlT0ZhgwhYJAdOwRbg1rpJY%2FFZib3tbHqErHSCW9Fbg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f056f5f8b5d56ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96715,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"f191e78b35b7d70c845c701a201192c4","sha1":"3549cf362fadb3a9d10ad71da755b18cdb1c1555","sha256":"01e4ec0f3bae133ab756c2616d30e2c0c70afc2e1af1b6334d9549534a67dc5e","sha512":"21adce9c3b601a62e5e6e2fd3a195193d43f0c0e5976085a9e09f7afcb00e654fab367e50b821955905f91f1c322954fbb5ac50ad3276356cb3e5fbf05665bc4","ssdeep":"1536:w/yo/WFEbshmvjEaUAEuzvE5wMcJurBd10GE6H5WZz9ZW6pSWXogtB44jBqA7hkN:wKSDwxluQ5w5W10g4z9FSWtSaBqANk+K","tlshash":"95931292affcd1d0c42605b7e265bb1d7f605ca1a31f83d2d1a33910b4b6f550ac3a95","first_seen":"2024-12-28T10:25:20.051004Z","last_seen":"2026-04-22T14:49:50.139349Z","times_seen":155,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/blue.mp4","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /blue.mp4 HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 Partial Content\r\ndate: Wed, 22 Apr 2026 14:49:25 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 458250\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 28 Apr 2025 12:37:10 GMT\r\netag: \"680f7676-6fe0a\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\nage: 71\r\ncontent-range: bytes 0-458249/458250\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lv6Qtx7eX54LgLFTbdITVz9NDgaElKowMfM4%2BCyW3r%2Fw1jxPbzsWjjpeFXxJg7GZpyxxPDiYcY%2FuZZ1JF%2FDlEjW5sZDtBUCZbLbrmcWFoFTncHkvCjkcZHH1pZi6KLhCru8UEw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f056f5fab9156ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":458250,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"caba320a1d41b11529caeab98906cc5b","sha1":"8a3005cbc789dd6ca812e18be73f5cda5ebc9348","sha256":"d04c55d92bebb5842bb8cc7e03fbb64b840e59925ffeb853db193bf6724d78a1","sha512":"dcf103aa3cadd9c38b0f6db2e8b95f54086072f382a76b31c306f4496e307de1f4f2147de89ff336406489abde52c9a0054f2c82ca9910cf9f9cd28e312fa4fe","ssdeep":"12288:BqUU7oVLP2Ws+eR/7mnNRcYm2fJgBXsu+LP:BqUU7aLPBeB2Rkq2su+LP","tlshash":"61a4232113639eb5c9fc0bf977e506aa7a3bb5b8652148b4f54809ac3a884b73d0d11f","first_seen":"2024-12-28T10:25:20.054284Z","last_seen":"2026-04-22T14:49:50.142152Z","times_seen":156,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/ethSolana.mp4","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /ethSolana.mp4 HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 Partial Content\r\ndate: Wed, 22 Apr 2026 14:49:25 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 96715\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 28 Apr 2025 12:37:10 GMT\r\netag: \"680f7676-179cb\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\nage: 71\r\ncontent-range: bytes 0-96714/96715\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pSGFn%2Fi4imBULx52xJ0Z0wa1BN3Npa7N02OIPM8O57ELe75FyAXFkEblVHce2fOo6MVKAbokHTZ7BCR5FNvyx611%2Fjl1b1xSUiGCfbYc3X68kzJUkgkA6dPrY2LPgO7vKFGKYA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f056f5fab9456ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96715,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"f191e78b35b7d70c845c701a201192c4","sha1":"3549cf362fadb3a9d10ad71da755b18cdb1c1555","sha256":"01e4ec0f3bae133ab756c2616d30e2c0c70afc2e1af1b6334d9549534a67dc5e","sha512":"21adce9c3b601a62e5e6e2fd3a195193d43f0c0e5976085a9e09f7afcb00e654fab367e50b821955905f91f1c322954fbb5ac50ad3276356cb3e5fbf05665bc4","ssdeep":"1536:w/yo/WFEbshmvjEaUAEuzvE5wMcJurBd10GE6H5WZz9ZW6pSWXogtB44jBqA7hkN:wKSDwxluQ5w5W10g4z9FSWtSaBqANk+K","tlshash":"95931292affcd1d0c42605b7e265bb1d7f605ca1a31f83d2d1a33910b4b6f550ac3a95","first_seen":"2024-12-28T10:25:20.051004Z","last_seen":"2026-04-22T14:49:50.139349Z","times_seen":155,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"claim.pudgypenguins.com/apple-touch-icon-180x180.png","fqdn":"claim.pudgypenguins.com","domain":"pudgypenguins.com","tld":"com"},"ip":{"addr":"104.20.38.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:26.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claim.pudgypenguins.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 11 Mar 2026 07:44:35 GMT","end":"Tue, 09 Jun 2026 08:44:33 GMT"},"fingerprint":{"sha1":"56:E2:12:11:57:B9:BA:77:35:86:60:FC:AA:94:96:4A:41:BC:6F:32","sha256":"33:17:F4:05:03:3C:41:9F:AD:C3:53:AA:A0:84:BE:72:33:C8:C6:F4:42:FC:16:62:E1:6B:E1:EC:20:74:FC:EB"}}},"request":{"raw":"GET /apple-touch-icon-180x180.png HTTP/1.1\r\nHost: claim.pudgypenguins.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Apr 2026 14:49:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 18882\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\ncontent-disposition: inline; filename=\"apple-touch-icon-180x180.png\"\r\netag: \"91a82cccdf40222506426fbf1b125a90\"\r\nlast-modified: Wed, 03 Dec 2025 12:54:47 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /apple-touch-icon-180x180.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::nhkdt-1764766487104-5224a2e90535\r\ncf-cache-status: REVALIDATED\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9f056f6319c44e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18882,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"91a82cccdf40222506426fbf1b125a90","sha1":"edcbce6f295d8531c6e2c411fbd6a45dd76e166e","sha256":"db8514641f93f2518661d22f2b00bc6d208c0721465d05a951f92bec0d6b546a","sha512":"2fe4f5b1ec353105ef8739323b95e5ed713efd6cefca915844888a3090543d5d2ef7e4622579f950e25ef760bc5965c983f49ed1dd8f84afee5e51558cbbc723","ssdeep":"384:lakZPn7uVtQYDrcV1+LAdNR/xjeXoSm0kkWRv17YuuEnbr9ghD:7CVtQYDr5AdNRheE0Uv1+Clgx","tlshash":"e482d0bff88c458047b868d3774aa42f00fc79f98f4903e51346d6765ab0a1a452afb7","first_seen":"2026-01-03T06:20:47.664592Z","last_seen":"2026-04-22T14:49:50.145083Z","times_seen":100,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":144,"receive":2,"ssl":27},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"claim.pudgypenguins.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/_nuxt/assets/index.js","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /_nuxt/assets/index.js HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 14:49:25 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 21 Apr 2026 16:35:14 GMT\r\netag: W/\"69e7a742-e9e37\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=300, must-revalidate\r\ncontent-encoding: gzip\r\nage: 71\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q3zL0hiTNj2O115nZWoXDXoKFoo9qwGkypIglsssFVw1w3WDvp2CCnvXJTF2o6h4%2BEykBmePG79T4C5PgrPfA8dKKoBtGyvr4jJ%2Baj7ThppbWBl9vvj3raiFnNL888ROf6TFaw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f056f5cafb156ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":958007,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (63400), with no line terminators","md5":"5775ff83a5b095f87fbf3e41df33cf10","sha1":"9463da9dc1d6c17982311d90d8108d72e99f527a","sha256":"c9104c3599e00e7f81236202478860708c9dc62f295ccd72b5f808b83b7e2f4e","sha512":"e50f343b0a9c0fb4b880d4512a55737140cca9dfa0270a97fd25530986f2dcf7a601be28d9a9f264e63108e03e47f2b8ebfbc3522a4685a5b3eecbf093c5b10a","ssdeep":"12288:QcLIGw/2r3/E3Cgg1XK0S4U9BLHY9mu0eQfogKjO2bXCHeIZB:QCwH0S4MY9f03fZwXiB","tlshash":"9a15d6772148c0b169ed29c43ca0dcab1aa8b6114f285c6864b7bd8454dfbafb345fdc","first_seen":"2026-04-21T16:51:31.72404Z","last_seen":"2026-04-22T19:06:46.269491Z","times_seen":35,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/286c0c7c193bbacc-s.p.woff2","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /286c0c7c193bbacc-s.p.woff2 HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/15e962c9c86fca1e.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 14:49:25 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 20056\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 28 Apr 2025 12:37:10 GMT\r\netag: \"680f7676-4e58\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\naccept-ranges: bytes\r\nage: 70\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XjUJoyBUQycqlbGDr6wVs%2FHN65TogWYVl5dNQUy1%2BNEao46jsnURvZB4l9NEht4htFKjrlkUwOHPaBNEOCzEB28CQztjJza4UAVBXKp0BO223OCKwASoqH4fEibbg7%2FIyFTZPg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f056f5da93456ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20056,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20056, version 1.0","md5":"1c5adb0ce67bcc296c754a8799253362","sha1":"edc2f273e8013e423c3610f4fb024ad7eb9b9cf4","sha256":"3932afcb4b34e743459d09ddb48cc47ca1910b27d965f2a23ec56f467c2ef171","sha512":"9510e67114c4ffd3f5541e3276288bed7834950ea6d5123a0f396762643c06de5e35dfb6ecf7a3ef7d326d088aee5344cf4049fdb654170a390c51a142a51e83","ssdeep":"384:VDxiBTSDpotkzg1HSjILRPER3rpAFyFTbrbfAO60pvnpaDyYQ:UIotp1fRsR9NFTbnc0JpaDyYQ","tlshash":"6792cf6d746999c28c130739ccdcdba102ac0df7836cd82c50e2db5ed66e5b1bb9942e","first_seen":"2024-12-28T10:25:20.026473Z","last_seen":"2026-04-22T14:49:50.172242Z","times_seen":144,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/8393ee9793b05532-s.p.woff2","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /8393ee9793b05532-s.p.woff2 HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/15e962c9c86fca1e.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 14:49:25 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 20676\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 28 Apr 2025 12:37:10 GMT\r\netag: \"680f7676-50c4\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\naccept-ranges: bytes\r\nage: 70\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SsWxSGDtQHZnHg9BomiLFj%2F6rd90P%2FrKwRjB1dFp1KyXUqlmvC4F8yDFl8DOOChmSSyw%2FqtTLQNqaAcBMy0vOytFrK929QRPjiIef1S%2BmqtS04ZMa%2BOzN8p77nwO%2Fxr8na4rgg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f056f5db94a56ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20676,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20676, version 1.0","md5":"1f4afd89337fa7da3b15cb7b5e1c4109","sha1":"9dc5d1382c6609b410ba1a4264c566700a0a6150","sha256":"6617feddfedca9f981b2b79ae8fea2e51f8232ac59ed4f1be7f730520f9291cb","sha512":"a54f0b4c05f825ffadb550498e507525210d6ae89cfa9fddc419c60f6132677e44e30b99b66d7bf2b60d99b496f78baedf57e2d205ab50aa462de50653bd125f","ssdeep":"384:PqTtkTmzHRqq9fxoqyXLOLnzzMkgipH+86p2o7z7kgMnqp61pRV8UEdpH/O:PMtlkq9faUbzhgitT87BMbpRVvuHm","tlshash":"fc92d0b69d6785b0e7e181bc502c98618286d4ff258cf2b59c62bd4c40f4ae4391e6e2","first_seen":"2023-11-25T16:51:58Z","last_seen":"2026-04-22T14:49:50.174696Z","times_seen":145,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/api/is-banned","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /api/is-banned HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rewards-pengu.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 14:49:26 GMT\r\ncontent-type: text/plain;charset=utf-8\r\ncontent-length: 1\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncache-control: private, max-age=300\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aZOn63yL70aHaVoT73OnQJu2dtQkd1EIb1xkCvL%2FX7zZPtuhjYsBrJg%2Bo9Hp1Jm8LpIY4rT2OKcMvtHR%2FEDHfeBTlERP0NSII6GUua3bZu%2FizeML2Wbhzoiy6IO4m8gws5IkHQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f056f608c7256ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"very short file (no magic)","md5":"cfcd208495d565ef66e7dff9f98764da","sha1":"b6589fc6ab0dc82cf12099d1c2d40ab994e8410c","sha256":"5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9","sha512":"31bca02094eb78126a517b206a88c73cfa9ec6f704c7030d18212cace820f025f00bf0ea68dbf3f3a5436ca63b53bf7bf80ad8d5de7d8359d0b7fed9dbc3ab99","ssdeep":"","tlshash":"c700000000000000c00000300000000000000000000000000000000000000000000000","first_seen":"2023-03-07T01:37:31Z","last_seen":"2026-04-22T21:06:57.314322Z","times_seen":105999,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/api/config","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rewards-pengu.xyz/\r\ncontent-language: en-US,q=0.8;en\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 14:49:26 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l%2FM02FJyiNJPT%2F6HH6XsVWUCep%2B18zNWxVYcm5I4U7TKXHTXiwUPEhexcQk%2BJsMhU95Db1RNyjbaVTM4RVzEHU0sHBxlXB0Tb4q5ccqHHgd7NkV0UbMBW7BC%2FiyceSOArxNyNw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9f056f608c7656ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":181,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"data","md5":"47b9307e827fca941ac12977a4ed3e18","sha1":"7c9a9afa871d392a59a3ef78ee373fc972734416","sha256":"664f94e0dd3b068fbe6606e71e49cefe3a8a97928c42b8a55ffd1a0d304bb91c","sha512":"beaad6ab9efcf8d332d0c8b04c36cf6acb80b5e28d723006bb36385d53a53f017f017677b8429ed012f86945e4293bcede33e2331011a8bfebcf8efbba323057","ssdeep":"","tlshash":"7dd02b795888bbc576b7ddb52b457bc23485c9a06a15ea55f345381408351c15204ce5","first_seen":"2026-04-22T14:49:50.183252Z","last_seen":"2026-04-22T14:49:50.183252Z","times_seen":1,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/282536c7f81179b2.css","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /282536c7f81179b2.css HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 14:49:25 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nlast-modified: Mon, 28 Apr 2025 12:37:10 GMT\r\netag: W/\"680f7676-146e\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\ncontent-encoding: gzip\r\nage: 71\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KEGZY9Fe%2BjQ8NL6XY%2FR8b0kGXHV48MPuq3MrLvacr%2Fhm5Ztd1zguVDRbUUSZkzxtLfLeNioIpxWs%2BDuuZCDSNqrUHyaTevvqOYr3oEhp%2BEbSfYsqNiwYBy1Xqbxaa6HYz6dhFg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f056f5cafae56ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5230,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5230), with no line terminators","md5":"80a4cb2e4c8a1a390ed53b4fd31ad17c","sha1":"c53c768ff94809bc59c8a57aff56045012cd2ddf","sha256":"08f9b2e186e7b747a0067ab7306e19d310647b57f9ee93dee4b1342b412313f9","sha512":"4d5707bd2096fdf611d9117ee64bacec2918c9d966621ebbca2b9091713a0423baefe10865ac03e2157e8c7c20b3fd2ee5217a7fa5305bee272319c595fe1cc5","ssdeep":"48:i6fS0fVV/mZAywIAHEmy0HyGggfATcqk0ZNjQzFfD5JfzV+Lz5Cey4xqdEduy3S1:i89E4pYN2lD5RV914O4BScgH","tlshash":"94b1407756345018eead4802a381edbe020684d3fde6c5f665b2401ecec37eb7b96319","first_seen":"2025-08-18T13:12:54.354146Z","last_seen":"2026-04-22T14:49:50.190199Z","times_seen":39,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/css2.css","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /css2.css HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/fc9f270f2802835b.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 14:49:25 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nlast-modified: Mon, 28 Apr 2025 12:37:10 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\nage: 71\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Nczny%2FzNxebppIMP6%2FQcBVd4dYr6agI4sejCIApuclqNJyZUrOllVwAymqDfUoa3z%2BHN%2BlQTwkSL1A4nkKzytmxbh5XPfKkNCzgCusAriLmYld8BvDpgwl4w4%2F0uIlneti4wMQ%3D%3D\"}]}\r\netag: W/\"680f7676-975\"\r\ncontent-encoding: br\r\ncf-ray: 9f056f5d186156ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2421,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"ab61ea4ecfdaef57a47f0419596f911d","sha1":"4e6fb3c3de6996896fbe5aa449a5b7b5eca3b2b3","sha256":"2b4067b0762c9df8f12ec90840e3efd1ecfe437249931523299e4b9d63102f9e","sha512":"a9ed4e736a025c1cef4cedca3697a31a4dc11272dcda08d17347dd737f4115ae38bf210f15b502d22bf22b0da1f80156e0bfc01ff10a8bd32d68ef2723c81bbe","ssdeep":"","tlshash":"9d418940086e6510e7a75cc426cd7e62ea1eb25464559d34bffe0048bcabc7c5372b4d","first_seen":"2025-08-18T13:12:54.34958Z","last_seen":"2026-04-22T14:49:50.193006Z","times_seen":54,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 22 Apr 2026 14:49:25 GMT\r\ndate: Wed, 22 Apr 2026 14:49:25 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10108,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"e85517dadd43448782d60d7f207fddce","sha1":"6cd31f870727ba8090fac9602b42524b4139a619","sha256":"88fbd0b95222be288587a149c324189ecbd8de0d6f0c94f528ec53857e52b66c","sha512":"5edc78df5bb062a9a2e1ea6724c14dd7eb80d77ea0fa9572de4bb0d52bbd0d163815b08a1ae77084f99fbefbb07715da1c61f0bb36fb498710c91387792955f8","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGx:vXuM0p2+4","tlshash":"04227792002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T18:13:11.065101Z","last_seen":"2026-04-22T21:13:04.721647Z","times_seen":22238,"resource_available":false,"data":null}},"time_used":481,"timings":{"blocked":230,"dns":1,"connect":7,"send":0,"wait":20,"receive":0,"ssl":219},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/pengu-jump-white-opt.mp4","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /pengu-jump-white-opt.mp4 HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 Partial Content\r\ndate: Wed, 22 Apr 2026 14:49:25 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 495717\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 28 Apr 2025 12:37:10 GMT\r\netag: \"680f7676-79065\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\nage: 71\r\ncontent-range: bytes 0-495716/495717\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ti4U6SSZd4Jk2%2BpVYATYCFxckGfRaDzrhPIva3ry5HK76c%2BxnPZpMXOGMmcp7YUuQl3%2Fz%2Bn68qGGmJ00%2FXK%2BeJmftq67o2weYKrkFbEjIZAf7qd9G4Lutn8yaHzGpaGoxqH2gQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f056f5f8b5c56ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":495717,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"2f532b6ce8334ddc23e4cee4b474aac9","sha1":"9d2e146dfa52735f4f7fe5e6b6b6277c57681da6","sha256":"ac85791a1723f578e68ee08f70305d1058d261dfe0a21fdf13fa5637f9c9e36a","sha512":"524b301c31e54f623ec2683b8c39d1fb6aea0beba089563fee853a9164afb125b0be89c92231aa59eb098dac3dcbfe5d44ea8a3de6f75e0da58ecfb9ffa1d78f","ssdeep":"12288:VLkDO/Tnmc6INODFXv684VUwqjSXaeYXe1YI+UhPf:ZkDuDSIqXv68BjO1n+U1f","tlshash":"11b4232437281af5e5426e358ee5cf642424712f670def5eab7876527cf18ba07e0306","first_seen":"2024-12-28T10:25:20.053175Z","last_seen":"2026-04-22T14:49:50.196703Z","times_seen":160,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/blue.mp4","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /blue.mp4 HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 Partial Content\r\ndate: Wed, 22 Apr 2026 14:49:25 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 458250\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 28 Apr 2025 12:37:10 GMT\r\netag: \"680f7676-6fe0a\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\nage: 71\r\ncontent-range: bytes 0-458249/458250\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bj1R5w%2BDM9%2FqaYWVud3XMMAcRdnACSz6ZddaJHRTjb08pnKq4pqB1jITf9D2u3LjOyRA46JoXdNGw0YS4KXAjShE60k5mC279PG655dSe5pSc6hbir1YxghNadzRr6hFk2npXg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f056f5fab9b56ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":458250,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"caba320a1d41b11529caeab98906cc5b","sha1":"8a3005cbc789dd6ca812e18be73f5cda5ebc9348","sha256":"d04c55d92bebb5842bb8cc7e03fbb64b840e59925ffeb853db193bf6724d78a1","sha512":"dcf103aa3cadd9c38b0f6db2e8b95f54086072f382a76b31c306f4496e307de1f4f2147de89ff336406489abde52c9a0054f2c82ca9910cf9f9cd28e312fa4fe","ssdeep":"12288:BqUU7oVLP2Ws+eR/7mnNRcYm2fJgBXsu+LP:BqUU7aLPBeB2Rkq2su+LP","tlshash":"61a4232113639eb5c9fc0bf977e506aa7a3bb5b8652148b4f54809ac3a884b73d0d11f","first_seen":"2024-12-28T10:25:20.054284Z","last_seen":"2026-04-22T14:49:50.142152Z","times_seen":156,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/favicon.ico","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:26.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 14:49:26 GMT\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nlast-modified: Mon, 28 Apr 2025 12:37:10 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\nage: 70\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Pua6irXgODfaPXiqJH8y391gnt8gsWOHYSaNJBxnvUiBcp%2BgoKmBrIUWwaqdHOxtfM0%2BGv2C6JiFHMCA9e0%2FGBAz9wJMfeUgeUsofXHHGp4VvVX%2F12f96F6PG5pbyT%2FijMfXZw%3D%3D\"}]}\r\netag: W/\"680f7676-86be\"\r\ncontent-encoding: br\r\ncf-ray: 9f056f62ef7356ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":34494,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel","md5":"cc84bbd877a9ba227ec8623a5626058d","sha1":"3d9a566db32aa7a1df998b906fd5db434ba1f2fd","sha256":"f6b6bb2765d371dda37b91e1eadf0b2829e7cc395624ea6b8474dcd07df62830","sha512":"37133c415c6201a898105dbb8cb03d574e8f33b5e4e3379218d824fbfab4e5bb87b72fbd44c87f0e5d088696ed56f28eb83f8c803367785d6a257559bca50389","ssdeep":"192:2UVJE8AswLBg0hiPu6TprqcnyZMxpWL7ozjqHln:2oERsBPu6TpJnyUALM6Hl","tlshash":"36f29ac749c17ed4f8583270522d08b811579f9b99dca43aa5bc3a63fdb3212942afc7","first_seen":"2024-12-18T05:35:34.272677Z","last_seen":"2026-04-22T14:49:50.200351Z","times_seen":154,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/15e962c9c86fca1e.css","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /15e962c9c86fca1e.css HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 14:49:25 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nlast-modified: Mon, 28 Apr 2025 12:37:10 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\nage: 71\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GSuM1LqqLtk61q8zM0A4yXn5ds%2F26BgMHX6MIkcyGJseLiH755w33%2B73KxnJNbqL1hH43Tj4O%2Btb7wfscUUTSZK5K1KrN1Tp3lMe8EjVhnFjtLESUXUjCoG5AxfOmV25fcV3wQ%3D%3D\"}]}\r\netag: W/\"680f7676-cb3\"\r\ncontent-encoding: br\r\ncf-ray: 9f056f5cafa856ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3251,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3251), with no line terminators","md5":"d69fc6a2df725379075751dbbbda83cb","sha1":"f5ea24b241732b9900c7d38e0c35b219edc09a1a","sha256":"708bbbbda3c56749161a181c465439a9423c96f3b718601ffab08434e20f9d5e","sha512":"07a2a9f0d782db03aba210692fbc8f38c7bd73950f1ab07562e2dce0195bc688037265a52dc71a6ea0858ef1e2afdfab6f2397ef4bf0ad772340c17e1e21e9b5","ssdeep":"","tlshash":"b16111bd490e901d9472155363cb7b1b193fe427beaa3a927612046c4ec7bac03f1bb4","first_seen":"2025-08-18T13:12:54.341961Z","last_seen":"2026-04-22T14:49:50.201563Z","times_seen":38,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/b30489573339f853.css","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /b30489573339f853.css HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 14:49:25 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nlast-modified: Mon, 28 Apr 2025 12:37:10 GMT\r\netag: W/\"680f7676-6d91\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\ncontent-encoding: gzip\r\nage: 71\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p%2BQ2UD%2FqnFsqqFkEU4rjyE5n6G3%2BzpoKRN%2BivYPLcFXo9xuTrnmTUdvTDjPwrQIjfGsWYcv9ReAlCMc55euOftRmSdhq%2BqK%2B5OIN7urPXLp99bcMN%2Fq5rZDjceYz8JwGlWzVLg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f056f5cafab56ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28049,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (28049), with no line terminators","md5":"216ac5efc22e7e7b02236897d46f031f","sha1":"d77b06b41556c5ce0a9c99452279dafff8a21c72","sha256":"8c19834e9f5522046f46760cd84ea75177645a45c57fc8fed07f78051a736e96","sha512":"619d08b75b1ba2e15ff8e4417aee2a24e1aeb745b844dd35583f5d9edd9aebf23cff88e39a4875b00f40c31bcae38f57793d87bbabb0866547a1f6452ce48bf1","ssdeep":"384:TpSed283ZcW23qWF7O36AgzyAIfPojPFEIN4:TpSUJoAgzyAcojPFEw4","tlshash":"b4c2c9097e2d3f38ba13a32440c0849c620b775feebd8797acd1265d9d9d78431aca79","first_seen":"2024-05-14T01:42:13Z","last_seen":"2026-04-22T14:49:50.202383Z","times_seen":179,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/coin.mp4","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /coin.mp4 HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 Partial Content\r\ndate: Wed, 22 Apr 2026 14:49:25 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 175030\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 28 Apr 2025 12:37:10 GMT\r\netag: \"680f7676-2abb6\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\nage: 71\r\ncontent-range: bytes 0-175029/175030\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ncRnRX5fKoY7oxwMYT1r9gFTRi3PpHEwGklu8lttaaXPxqYI9lb1fv8wpdfAlNkUt88D7n5N8YJvm4k%2BCH8VxBldkaQAQrNHokz%2FSddNLtQfQBpWFzUTeYpAaq%2BbRO3AXpemLA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f056f5f8b6056ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":175030,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"0c203934d757f7a51ca86b9f2221478c","sha1":"abfd0e5fae59c675411c8f5734440f42aa50bc81","sha256":"368a99ab85c7fb7b75d36b973f0ebd6372f755e700903b206c811743fb4f3990","sha512":"c7a9af37ed53d8dd1601144460d860113606c87e03e0d990a6cb6584cfa93833692bdeadfc8e1f665e0bbf916e796605a4eb3920e1f400932a1d01511a1d6722","ssdeep":"3072:D/TzVYUlR/1M3dqZITKwYt3HoIUep/uXpoSg6XO+3JSoR9RBG1tYfcL6g0hblrYt:DHVYY/1M3YSRM3HoI35Gg4OETRBLcahM","tlshash":"c50413c0d64181cad334ab36da89f3805ff587f4de55ad2ffc198c2aa55a5862a43838","first_seen":"2024-12-28T10:25:20.052089Z","last_seen":"2026-04-22T14:49:50.203113Z","times_seen":156,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/coin.mp4","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /coin.mp4 HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 Partial Content\r\ndate: Wed, 22 Apr 2026 14:49:25 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 175030\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 28 Apr 2025 12:37:10 GMT\r\netag: \"680f7676-2abb6\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\nage: 71\r\ncontent-range: bytes 0-175029/175030\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fF7Qhrap7os%2FrMIX670TVb1rQw3tgPNIhYnhmcftfDMBxXPqMopBdjxDP3w6%2BFgruuEGfZE%2By3I12pPOEgXhL6tytMyXjFa1YcmOH7H4V57xNZEoegAKAMRLGxms14tluHU6VQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f056f5fab9656ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":175030,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"0c203934d757f7a51ca86b9f2221478c","sha1":"abfd0e5fae59c675411c8f5734440f42aa50bc81","sha256":"368a99ab85c7fb7b75d36b973f0ebd6372f755e700903b206c811743fb4f3990","sha512":"c7a9af37ed53d8dd1601144460d860113606c87e03e0d990a6cb6584cfa93833692bdeadfc8e1f665e0bbf916e796605a4eb3920e1f400932a1d01511a1d6722","ssdeep":"3072:D/TzVYUlR/1M3dqZITKwYt3HoIUep/uXpoSg6XO+3JSoR9RBG1tYfcL6g0hblrYt:DHVYY/1M3YSRM3HoI35Gg4OETRBLcahM","tlshash":"c50413c0d64181cad334ab36da89f3805ff587f4de55ad2ffc198c2aa55a5862a43838","first_seen":"2024-12-28T10:25:20.052089Z","last_seen":"2026-04-22T14:49:50.203113Z","times_seen":156,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/api/visit","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:26.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"POST /api/visit HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rewards-pengu.xyz/\r\nOrigin: https://rewards-pengu.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 14:49:26 GMT\r\ncontent-type: text/plain;charset=utf-8\r\ncontent-length: 2\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t0IOnMcwlvhg%2B7%2BK39udCjXGwyaoloU4pYJBpwxpEj2kwII%2Fs7X0IQO7y%2B8sk8OzDJgZXIiAJ1Ayn%2BhmOhyIiu%2BqxD%2FCaQNkz6EoI0V5h5rv3lz5G3%2BGgmPfskfMXXJD3lRnCA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f056f624ea056ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-04-22T20:59:20.585405Z","times_seen":399251,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-22T14:49:24.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Apr 2026 14:49:25 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 22 Jul 2025 05:55:09 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oSkXv%2F8wki3h0%2Fr%2By3kMgFNyo4yl%2FNUt%2FvQvsrtowJ8gNmmVAxLcEcq0IF%2F4j5Wz%2B3faR3hEx9pWYFlpUW6MUmMtgjHI1nrXWJ2VyvtW%2BkX86mpDLfNVGD9slt33UMGY1Y3UXQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9f056f59dc5ac759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173578,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (5008)","md5":"791d8f49015abccb56a41a7183097fa7","sha1":"3f20f021d61fd3afedfb875a72deb506edd89f5e","sha256":"25a7a016677218d5b74aa76875217c28a8b8968b90d5a38f0e15609bebba4d9d","sha512":"317cf07ca40381294563d6eec099110a080ddf2080cd0646f34d92ea11f58cd9b9a8d95493ea092c7196764b145639272dcb17bc471d4f7e70240be399eb1d3f","ssdeep":"1536:o878jIu6VAHKqWoMl0E5tetahuqbC6YHYvAq0W3eluRel4lgxXH:8MQsACaXH","tlshash":"2004d6d563f5a3f4f40aa3f8ca2394713e5728b76a11c598b2fd1d959f0508cc89ac8b","first_seen":"2026-03-25T21:21:20.284106Z","last_seen":"2026-04-22T14:49:50.217933Z","times_seen":3,"resource_available":true,"data":null}},"time_used":293,"timings":{"blocked":18,"dns":0,"connect":1,"send":0,"wait":257,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/fc9f270f2802835b.css","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /fc9f270f2802835b.css HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 14:49:25 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nlast-modified: Mon, 28 Apr 2025 12:37:10 GMT\r\netag: W/\"680f7676-d8a1\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\ncontent-encoding: gzip\r\nage: 71\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TPfpo4W3yJ5%2BioDu7YAQwYoSFz%2Fmgq1HgdYocUC2zZnkM8LbKA4FXntEEIEKSQImaeVunaaGZ6pOQ3Ikofz0FzrVTTkXTSXvgWXWVSYeHi9pqIVj8MYyfREQ8vRnpXLy0l0Efw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f056f5cafa956ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":55457,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (55457), with no line terminators","md5":"440ce310fa31f2c67580435b351e9e55","sha1":"b35631132ef3ffaf7641a33409c425ab48de34d9","sha256":"6a67fc056497156078834db657a40009ecafbc92071a568690beed82f6b9f51e","sha512":"1fbba122ecaaba83e01d220a6682cb827b3db33fa3e23ac84bebdc278202f549c398471a005243e581c92f44458c33842673de97aa2ade6afd8c1f2fd93f21cb","ssdeep":"768:PDDApCXN1uOM3Yij0j1lS7ZZKmulIXpbutSOIliMZ/fpw3AnIhVR2QoM:PJXNKyZlSNZKmKSFi+fFIhVRxoM","tlshash":"7643f9110668a03cf4738557b5c29a7d512c8983bc3b6eef92b3202ecbc76a6137670d","first_seen":"2025-08-18T13:12:54.353166Z","last_seen":"2026-04-22T14:49:50.219586Z","times_seen":37,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rewards-pengu.xyz/89f90a9e68950f25.css","fqdn":"rewards-pengu.xyz","domain":"rewards-pengu.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rewards-pengu.xyz/","date":"2026-04-22T14:49:25.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rewards-pengu.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 11:45:29 GMT","end":"Mon, 20 Jul 2026 11:45:28 GMT"},"fingerprint":{"sha1":"A0:72:BC:89:C6:7E:33:10:57:53:59:F9:E2:15:12:9A:C7:8E:0D:23","sha256":"4B:13:11:A8:57:51:BB:CD:44:F3:B5:30:2D:10:41:94:18:10:72:8F:C1:DB:4F:74:F5:3E:36:5B:99:97:FD:2D"}}},"request":{"raw":"GET /89f90a9e68950f25.css HTTP/1.1\r\nHost: rewards-pengu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-pengu.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 14:49:25 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nlast-modified: Mon, 28 Apr 2025 12:37:10 GMT\r\netag: W/\"680f7676-59ed\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\ncontent-encoding: gzip\r\nage: 71\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=InTl6nsxPBUcWPQjbEHOpczsIqMcsIrcefKAiQesu0djKWJhTgU3qrYo0nuPC3mlPeQCNAcyBrU3AP4RrT%2B7woTb2JEZtzUm1B2Vf3c2MlqNFq0W3k%2FZOvgZnYZMqUa2dmBEoA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f056f5cafad56ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23021,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (22524)","md5":"7e2772326e7e23a4ad5de16ff60d6bb5","sha1":"5ea278b014c5c800bb757ea1ac6ddde86bb84a9e","sha256":"d25ddc54f0d3d815c367900566447a7301efa8f9dfebc7c076dfa23d1876bd09","sha512":"07049fb27ccbf4df6e4820d280d86088b24c2a05c78835f451c01bb45b29d1dd2a11e1b5c65be123bbd6bcfaa56ed107ca894d0908c6880e0760bc12d7084b4b","ssdeep":"384:iwy59Lyh7+CFgACiexr/IbS7CXQK6zSOIJQqZhaXcQQphU2JXDqdY:e58h7+CAdxr/4QQhzzX","tlshash":"85a2d71b6f11502eac6244dbe5c0b9ad311db4c1be3b5afafa425402cfc62fb16a6704","first_seen":"2025-04-20T12:47:01.988435Z","last_seen":"2026-04-22T14:49:50.220898Z","times_seen":43,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"rewards-pengu.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}