{"report_id":"634fcf2a-fbe5-4cf7-9731-d3e5d8bb35b0","version":6,"status":"done","tags":[],"date":"2026-04-20T10:42:24Z","url":{"schema":"http","addr":"asteroid-rewards.xyz","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.186","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"asteroid-rewards.xyz/","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"title":"ASTER | Distribution","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"asteroid-rewards.xyz","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.186","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-25T10:42:24Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-19T22:16:46.237507Z","alert_count":0,"request_count":3,"received_data":148101,"sent_data":1680,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-19T22:20:23.925162Z","alert_count":0,"request_count":1,"received_data":10794,"sent_data":479,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"presale.alexbeckertoken.cc","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-09-02","domain_rank":0,"first_seen":"2024-10-20T20:21:41.614725Z","last_seen":"2026-04-17T08:20:17.261621Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":466,"comment":"","tags":null,"fingerprints":null},{"fqdn":"asteroid-rewards.xyz","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":46,"request_count":23,"received_data":8257868,"sent_data":11209,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"asteroid-rewards.xyz/","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7e51ed338b06f3ccd0463eb7962d79b5","sha1":"1ace56ba1e3f40f91612eda04307ae6f43a69578","sha256":"f2fdf6cf970906ee0741a9e2d3219015db93368253b5a12c7cf8521af1d996d6","sha512":"18fadb3f070f8737ad3d6bcaabb74317c4d4ecc7b2e68991a84871f0766ccd1fbdc02a413a29f08debaba3acac537d5e39a891a86c4d3ccbe8501d3ff81f9b8c","ssdeep":"","tlshash":"26c0c090c1eccbe0031c44bf2138a2802060753c1042b0cbc2bdeecf210df413ac8c15","size":187,"data":"","first_seen":"2026-04-20T10:42:31.455996Z","last_seen":"2026-04-21T11:16:33.317238Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/ber2dd0nj.php?s=%2Fipfs%2FOb2BzNE8CT2k7ZO5fOX3tg392098687557bb3b9508dd000a961e7c%3Ft%3D1776681721299","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7fa5731f00f6f6e777e03378a15e853a","sha1":"0f99efbf3224f9abf7cce5504b6d11c156ff16fa","sha256":"144b8a5af370eb5a72295590914d2167e8f41e75a7e2534fd252d7ddc7be61d7","sha512":"490596127f25c08fd05a648c67c52a2778397901a37552fefccd63be3010213b4bd28c40c5ea6bb8b0ac2eb729e34e4d7b392fe25a602ef4da92402639c8ece7","ssdeep":"1536:SXleyju0oaCBgioHQIv7C/BGN1N5HhkexlS+w5f82d4AjG0Y9:SXEyS0BTHQo7Q2tHhkexl8w","tlshash":"b8349359db93849c8f48069f80a2f945d9548d26ca5c74a7de1fccc0b62afb580c72bf","size":235141,"data":"","first_seen":"2026-04-20T10:42:31.45785Z","last_seen":"2026-04-20T10:42:31.45785Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/a6b5bbc9-3de4-4137-bb3f-00f813bb7614","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"7df73988252e4e56e97ba60a379b1adb","sha1":"71fcb419a05752a6816ec8cb8d6ff66f2b286575","sha256":"795b58fa3e79ac5f0fe3f40fd1a8780febc568757a02fb88cece17317ec0a0d3","sha512":"76bbb9908159d4a89749d84c7cfc019cebaecb2a738e68d09f3e7194cd362e8991548472274377a2b829abdeccdd6a077443dca3c4c9f205ccf78d4a3568702e","ssdeep":"768:FVX6Xl2NCM1idz41CAr7cC2Iq5a87XZUXfl2rsi14UcCs+Wl4:FVLCl","tlshash":"6ca333131cbe346b048f4b63f5295e47af5ffa43da16624cb2bc26852fb7d56c982204","size":107243,"data":"","first_seen":"2025-12-16T18:55:46.047375Z","last_seen":"2026-04-21T11:16:33.318427Z","times_seen":435,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"eda6d47c87537b11c37048cf02454ba4","sha1":"bdc7d8e78672ebb099d0606e5a39df4388063c4e","sha256":"eca2d1570ee9391fb324fe1f837f5bd231ae9e0d30e1af57908050d7bb10df0c","sha512":"ea908c39ca3910885694c0805e06a5fe1ae66dd114bdf7eab51c0fd97adc47873ca17da5aa13499e2e2bf616c0bf2051a0ceb07c588fcb773c2b0307cb79cd93","ssdeep":"768:3KYFmYGRvy6AEhc+YQIcjcVcxcdgc7ODeV8dcNS7o2t:6gZG9yfzQIcn9x","tlshash":"102373e4a65bd4e89e8210ded037f801e4681967cebdf293a92cddc1742df22854b17b","size":46541,"data":"","first_seen":"2026-04-20T10:42:31.461496Z","last_seen":"2026-04-20T11:09:22.743084Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a5f8b1e9a5881e5ffd4062369b171f7c","sha1":"c72eeaed72f10ac27b6c5a03af30776f0b4d2bff","sha256":"47823f973573ae331e2a7388645426845adf63fa60defb136a4550a04ebf9c4b","sha512":"a2f66bb86fb629b486abe597f47a7c1deb643d41ae3474a31f05448de24c4fa248bc0f61cd4bdf5d57d7823a278a1f2521b80a481420767fd3bac166f80fb3e4","ssdeep":"384:LdR0XF1lxTD5KCQtFdWdLrl6jK5UW1C4dTg5iu9slgJ9FSTW1ICAq9vmy8I2pB:ZqXFXxT9KIdvgL3qKKlgJXoq9Z8pB","tlshash":"70c2b59e74debc7843666c79205721cb697e6cc8204c8e15d221c8f8bd76748d8a7edc","size":26123,"data":"","first_seen":"2026-04-20T10:42:31.450028Z","last_seen":"2026-04-20T10:42:31.450028Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e4adc83cef95ac963d3a406d8bcb5927","sha1":"484544ada0563ca735a7f2b0081c44d336ec1373","sha256":"5caa528da6a69231ef4bf33bfd7ca43fd2bd40085af605a6015c81a165d87d78","sha512":"83e651c10e6aa01bc56008f65d7b4e896ef202852bb467df8b52722312ab691119d4a4b341014b83dd5deba7bbc4d4f766c69e9d81df515ab431c87cfb66ceb5","ssdeep":"384:r4T67ahSdIXPgXicSa/bMGatpc87c+EKhawpcL4jbg2bbQfp+Ml06pUIjstQ01+e:r4T6d+xEbMG828gWaSng2bOpeajS1Wap","tlshash":"6ac2c8ca70d6b31d47696c78203731eab6fa7d95280848fec521fae4b87474468b7e4c","size":26560,"data":"","first_seen":"2026-04-20T10:13:43.589894Z","last_seen":"2026-04-20T10:42:31.447648Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/123/saved_resource(1).html","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a9e3f632be9238b847fcbe67c3abb41a","sha1":"72f916b7074574967321c4467aeaf54daed2ed0d","sha256":"8647e955556a870555f00cb33aceaf2c7d4eff3d4ad1456ecd30949cc9010fc7","sha512":"9e80458fe22fba7558288cf13e075cb38eea93aa88e83b35ad9045f96b7bc3663fe2e08414f8e7f55cb32fa8f06e118a3c10483f2a90c5a426a908dcb19628f3","ssdeep":"","tlshash":"b7d0a7a62c758d3067a8025f61b7d394266165906a12a60081ddcc3a5f20fd344f1a9c","size":236,"data":"","first_seen":"2024-12-13T17:42:20.448064Z","last_seen":"2026-04-20T10:42:31.463453Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/123/jquery-3.6.0.js","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8a750b5e10f34fe9be3d2b152dd12aa4","sha1":"4c7631e6cb74b97f42f146067ffc24c47b329763","sha256":"29223fdf1c42ac27b10aea5dcd02513f507a22a83ed8d03e5f6bb7f1c41daaaf","sha512":"0e003607f4ed747440d2d38b09a30a8fcb9d6dcc65f80ef56abf712674eb83592f45a4bc41d8a136350796a0b0f5cd972f9ca8b45516794644636f4385ec2ffe","ssdeep":"6144:9aaKxfbLY8Cv4okFFmwiFbP6s3JdB/HD0KUWrE4/Xp89ZwvY1Z5COsi2+pHeJwn1:FOiFbP/j70KUWrE4/589jjbvHeyb7PV3","tlshash":"f054b4d9734f116f4ba233aae43b5149ff7dd1b0520550acb58d997c24a081883bafbe","size":299461,"data":"","first_seen":"2023-03-07T12:22:54Z","last_seen":"2026-04-23T22:51:26.856749Z","times_seen":2018,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/vue-common-6.4.8.min.js","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"36b183c3a0a2da89da3d826fe6a363d1","sha1":"68d9824d26feb1767d8e2454d9bc3e7e113dc373","sha256":"c9306b6e0ec2e7c030b8af220f90b53ae2b59b1a662bf5b7bd20977f915a2259","sha512":"8fab0a9f80110938d9149cbf628b4eeaa32f61236df97619d8944b48f36f06e2977486ecc16bc24e02596779d033fb99e211cc37da2f0f529d20ec9dd38bb0bb","ssdeep":"768:6l+bNcOQOcAuRiyctFPVMXLpKWy0HjYhA4K8O/aqYUb4izwfzv83fAyUEEAJ1lcN:RcAm/ctFdcVKGjYLKj/YDGgL5","tlshash":"2c63d6d9691bd0e99d1220dee833e909e4284a63cdadf1a3e67cddc0745df22849317b","size":69178,"data":"","first_seen":"2026-02-08T14:14:19.874016Z","last_seen":"2026-04-21T11:16:33.314728Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5fba1c09b76dcf8e06713378fedf9224","sha1":"a38c4215068a162ffe9c2cec38cb1a78ae8dc8ec","sha256":"284fafc3edeb69a889fdab2ae321416f51074c5d7ffb5bffcc31a83f3e2456f5","sha512":"aeb6e3457f009418938c1b00a80a6c5a815d5cde081f8dc3c3168c3340581d1c05cd1d20c9758597dd69fa8db6a897e9f7668f3f5f30ffe38064b67f113f9ec6","ssdeep":"","tlshash":"4451f50db6d21592aa1362244f3f0605367b93136016cf0a394ff7915f9ae3ad85bcf9","size":2674,"data":"","first_seen":"2026-04-20T10:42:31.464242Z","last_seen":"2026-04-20T10:42:31.464242Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/123/toastr.min.js","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1515ed21d8bd30ca0fae0970f85a7fb3","sha1":"b7808c728fe5fcf884620df5e2154ce988e920c7","sha256":"f2bb0e8511764611ff0081b549ff188c326c7376bf86e28513782b0a48f9c7aa","sha512":"38ba3736b75c78b1c2149cc18022eb235144c162d3fd9d817318e05be6359e7d192fe81b0546b54bd4e9ab56c601c1b87d7b152dfdef3c4646e6a342e7a3f6dd","ssdeep":"96:IVkLdCZR1JHduRv75dR+FIEHXX9oxNDP9mA1UZsEyHGJAcCwV02UfrwH:ekL4BtcvvRqIQcNa74ccrwH","tlshash":"09b19384b220bb8b6b731169919f144b937673b2ccce55007639a5987e7082c97b7fdc","size":5544,"data":"","first_seen":"2023-03-07T13:20:43Z","last_seen":"2026-04-20T10:42:31.449322Z","times_seen":425,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a9e3f632be9238b847fcbe67c3abb41a","sha1":"72f916b7074574967321c4467aeaf54daed2ed0d","sha256":"8647e955556a870555f00cb33aceaf2c7d4eff3d4ad1456ecd30949cc9010fc7","sha512":"9e80458fe22fba7558288cf13e075cb38eea93aa88e83b35ad9045f96b7bc3663fe2e08414f8e7f55cb32fa8f06e118a3c10483f2a90c5a426a908dcb19628f3","ssdeep":"","tlshash":"b7d0a7a62c758d3067a8025f61b7d394266165906a12a60081ddcc3a5f20fd344f1a9c","size":236,"data":"","first_seen":"2024-12-13T17:42:20.448064Z","last_seen":"2026-04-20T10:42:31.463453Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"asteroid-rewards.xyz/ber2dd0nj.php?s=%2Fipfs%2FOb2BzNE8CT2k7ZO5fOX3tg392098687557bb3b9508dd000a961e7c%3Ft%3D1776681721299","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /ber2dd0nj.php?s=%2Fipfs%2FOb2BzNE8CT2k7ZO5fOX3tg392098687557bb3b9508dd000a961e7c%3Ft%3D1776681721299 HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asteroid-rewards.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-max-age: 3600\r\ncache-control: public, max-age=3600\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EQGFE4m9j04kBpiZaCxkBD55rKtvblT7af9zimmNLenrWqHzx%2FZzB%2Bk5kqMBFArfcdBJfLYckuNRiID4CmHHtvnRxbByYafQOsZHXnjMEs65PEEucYyV9oy5ghZQuLDFT0jICo6Sbg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef38a36296e56b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":236009,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (50264), with no line terminators","md5":"16cdb2dc24f9859f0a342588731189b0","sha1":"5a7366bc72ee0edb35aeee5cbc5bc3126cb04f02","sha256":"a4d24c875735b633cb33e76d3080cf7a35f593d2b50e7456f58a81c4c2d36a6f","sha512":"3eb5281a7a27d0c4209ef2fafd0dbf921f65ea8173241d80a2eb00ed7504e2e39b63872ea1c72e670d87c691ff8b6d6381a2e8a04f52a243607c9f8f14f2539c","ssdeep":"1536:SXleyju0oaCBgioHQIv7C/BGN1N5HhkexlSxI5f82d4AjG0Y9:SXEyS0BTHQo7Q2tHhkexlHw","tlshash":"b434a559db63959c8e48269f80a2f845d6c48c25c95c74a7de0fccc2752afb981c32bf","first_seen":"2026-04-20T10:42:31.425253Z","last_seen":"2026-04-20T10:42:31.425253Z","times_seen":1,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/123/toastr.min.css","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /123/toastr.min.css HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asteroid-rewards.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-type: text/css\r\ncontent-length: 1208\r\nlast-modified: Sat, 18 Apr 2026 14:42:38 GMT\r\netag: \"fed-64fbd13b661c2-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=klru2I5Wh98pV%2B9IX3vvUZpufAa4RvH7nGI6c5hs2K9dzhNzB5MrHW5C0vWXUhVy3QEsKZKejaf6guTP%2BkDTDck3JqUuxdZlQZvUQxE4I2HCcPAjcBdXUg1%2FQleGbmefWXG7oaYfAw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef38a346ef856b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4077,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3790), with CR line terminators","md5":"7bb5a088537dfb8154a867fde2e73704","sha1":"53bf6a20858090281d87c9f9ca6b2696d502855d","sha256":"f51995faee855b1f8c0174398f957dc33a368423abd98da8cab4fcfab87e377a","sha512":"f5b06972fddbb702dab54c3c34b3acc5c62b5235c6b13bf911e84bb564bdca126168b1628e684caf4b52f82ffa9634491903b3cc5034d016d9aa0276178e0e68","ssdeep":"","tlshash":"ae81c011cb80332dbea3961ef455664a2609e1b3e6ee5eed651fa5bcc3c27d41c33284","first_seen":"2024-09-28T07:03:36.213793Z","last_seen":"2026-04-20T10:42:31.429Z","times_seen":71,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/BCKR%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/sprite.svg","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /BCKR%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/sprite.svg HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asteroid-rewards.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jt2%2F2dl3WIPRhIOHBNHep3nC1oyyttxA1bTz4IUR%2F9pjBqW8zD%2FALfBoyxa1hHTxy29wx9IOhXxZP6D4kyHiHmhaP1n3weZDPmw5y978Oy2%2FhRRjIhN9HtUmEK5OdsbVP4uS96hahw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ef38a348f0c56b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":267,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"6b522a4c7fec4ce0f6e16d8d649c1218","sha1":"53c36cbd1fe6da2588958ec42c24b1100ffb2c1d","sha256":"3b9e1e4ccdfb763b900c16f6680801c8468d27fc22fa37fa71576142ef4c6b46","sha512":"d79f2ac780c1868ad16182a2f69204e56bd1ea9544d08643ccc1f2b1c27374b580a7b23a848dae3416a3677a016c0edfb65b44d469b524ec8dfbb554f053e8b7","ssdeep":"","tlshash":"76d02b9d904323a6081224903ac111c2628812ef647e81e82d86d487525c63dccd92ad","first_seen":"2026-04-20T10:42:31.433859Z","last_seen":"2026-04-20T10:42:31.433859Z","times_seen":1,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/123/saved_resource(1).html","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://asteroid-rewards.xyz/123/index_1.html","date":"2026-04-20T10:42:01.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /123/saved_resource(1).html HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asteroid-rewards.xyz/123/index_1.html\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-type: text/html\r\nlast-modified: Sat, 18 Apr 2026 14:42:26 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uDvJmAdKktFcMrG0ySKfoGXlMyX7aWFP9UK9Xm1ch2kORPolO1bhSWIX5%2FMd31GyMMvyrVoe3ex2kGRU%2F58dFAgocdT2bUDREUVPsWuh8%2BLw17qHo4zefmswLALzfBYtcHZVvJ0cWA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\ncf-ray: 9ef38a37ebf956b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":507,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (464)","md5":"f2718e61138ef0530f5b6c285a3ab392","sha1":"050f5abfcde20b35cf02cda68ce79493aa71e946","sha256":"5b47e35bb125f373e1324ecf6a05860779edb8b6b50383d33fa5e870a5ef464c","sha512":"dcaf7c003a81fdd8ec642ce3b73a875c0a996b5ae8ab9d71ef4cf2b989fa3e1155f73fcb3b97b9fd0adefb414a548191d0b37d99035b2a78decdb869e48557c3","ssdeep":"","tlshash":"89f00ef72c2ac82123b00386a0fae25c05205150b502c941c1e8e87d1e48fda98a3a48","first_seen":"2025-08-14T22:48:24.827007Z","last_seen":"2026-04-20T10:42:31.436423Z","times_seen":59,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/secureproxy.php?e=jscdn/getFile","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"POST /secureproxy.php?e=jscdn/getFile HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://asteroid-rewards.xyz/\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://asteroid-rewards.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"48ukvdhqp4ejn36j0vyr\"}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Apr 2026 10:42:02 GMT\r\ncontent-type: application/javascript\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, POST, OPTIONS\r\naccess-control-allow-headers: *\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4aj1E0%2FQli7wF1rXRPan6rAnsYmoTEPwXtoILB3N6O%2BTdYehdUItZOs8uZuUGFvQN3zA%2BA1DD43AlRrQ766FNFuxrd1%2B9cSmatQsZ0qW%2BZqkc%2Bz7WlEjBxIFB2FWkMoOcd3tKcM%2FyQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef38a382c4656b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3527180,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"bc4768ed8ee66e5281e37df73b8b7dbb","sha1":"d6bdb79ba7f7adcf64075025367543592fa7cd23","sha256":"344b7228c4fedf053ef3faf4a187df026b8fec59c3ea5c97bf431d103bf89d07","sha512":"e6021d2cf190c78dbfd8fb49017807ac98dfb8c90e7174af67ff02802da36939a35d5600f96053ca5309dea9b3d9a55289b6b21513b8f1d7c999d5ea3475776d","ssdeep":"24576:FQlg6vCCCgvnQsyjCq4rCMBZ849RxN4soD5JaHTRsq4BH:CgKdWdMhfxNeeHFVC","tlshash":"f22523581c6651b64b4c276b70b74e5d62a06f0608d950cfe688ddc27a7efb0c2cf86e","first_seen":"2026-04-20T10:42:31.437566Z","last_seen":"2026-04-20T10:42:31.437566Z","times_seen":1,"resource_available":false,"data":null}},"time_used":908,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":489,"receive":419,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://asteroid-rewards.xyz/123/saved_resource(1).html","date":"2026-04-20T10:42:01.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asteroid-rewards.xyz/123/saved_resource(1).html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-length: 0\r\nlocation: /cdn-cgi/challenge-platform/h/g/scripts/jsd/b0a7532ac8ec/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9ef38a384c7256b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26560,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-24T10:19:26.845862Z","times_seen":14139900,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/BCKR%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/powered_by_meta.png","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /BCKR%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/powered_by_meta.png HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asteroid-rewards.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NLvXFS%2BphtqbUixBNcnNAUvMN8V1loX0eZi%2Bb1sshabo8z%2FAiu6iTS%2FhNJzRrYLDpUNtrEYswTH8gSUQMmyp18XSqCHU15e7%2BTkrgHg9zvIZHWsJ20wwd19L5TnssHWLcFKuLmOT7w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ef38a348f0d56b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":267,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"6b522a4c7fec4ce0f6e16d8d649c1218","sha1":"53c36cbd1fe6da2588958ec42c24b1100ffb2c1d","sha256":"3b9e1e4ccdfb763b900c16f6680801c8468d27fc22fa37fa71576142ef4c6b46","sha512":"d79f2ac780c1868ad16182a2f69204e56bd1ea9544d08643ccc1f2b1c27374b580a7b23a848dae3416a3677a016c0edfb65b44d469b524ec8dfbb554f053e8b7","ssdeep":"","tlshash":"76d02b9d904323a6081224903ac111c2628812ef647e81e82d86d487525c63dccd92ad","first_seen":"2026-04-20T10:42:31.433859Z","last_seen":"2026-04-20T10:42:31.433859Z","times_seen":1,"resource_available":false,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://asteroid-rewards.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 15 Apr 2026 22:33:37 GMT\r\nexpires: Thu, 15 Apr 2027 22:33:37 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 389304\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-24T10:21:04.088635Z","times_seen":153836,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":147,"dns":1,"connect":7,"send":0,"wait":8,"receive":4,"ssl":136},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://asteroid-rewards.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 15 Apr 2026 22:33:37 GMT\r\nexpires: Thu, 15 Apr 2027 22:33:37 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 389304\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-24T10:21:04.088635Z","times_seen":153836,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":111,"dns":0,"connect":21,"send":0,"wait":8,"receive":4,"ssl":88},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://asteroid-rewards.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 15 Apr 2026 22:33:37 GMT\r\nexpires: Thu, 15 Apr 2027 22:33:37 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 389304\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-24T10:21:04.088635Z","times_seen":153836,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":62,"dns":0,"connect":7,"send":0,"wait":10,"receive":10,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-20T10:42:00.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 20 Apr 2026 10:42:00 GMT\r\ncontent-type: text/html\r\nlast-modified: Sat, 18 Apr 2026 14:42:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Foh19%2Bry2LJ4hmCJ%2FsZriBKkGxfjeUWA5x0EY1lb76SLwDa1ftlWZPt0KdNn9yiyZRCX%2BlMf7pfzd30IEoXE2HEiqWcDkV0r8mBPInuGfcNtp24Cs%2B%2BfYyqUAebskd7ReafHv%2Fchnw%3D%3D\"}]}\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9ef38a328df423eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":126505,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (7740)","md5":"340e29b5f5fd978d5e6e5ccb024d49ba","sha1":"db51bbc61c2b0f11c4ac1a8b53c4d88c9dff7104","sha256":"cd450ed61fe1c46e0803decdd66a98fe9f3ff242f1e67210a7d1922866e9a92c","sha512":"dade4b5af21326e2f5642f3edeced57ff1b2a32ba75f903a18eab197a19c10b274cfaaad0b1f14c9772fa8579e340ad95a9a3e8a4848f4ab9144123a4586995f","ssdeep":"768:/2zaV+txx/GdXor3dlB/ioD2L6Ujw3Vv8ZvRujjUPEJfJmrzyFAgFvqU3rwIC43w:/2cs/GZoBl8Gc9P2JJlcE1TwBzDz","tlshash":"d7c3831bb9904218790381ba1dff7b5e3935a0074d84ef9bbdcd2560df8b2a3e891764","first_seen":"2026-04-20T10:42:31.441417Z","last_seen":"2026-04-20T10:42:31.441417Z","times_seen":1,"resource_available":true,"data":null}},"time_used":319,"timings":{"blocked":84,"dns":65,"connect":1,"send":0,"wait":151,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/becker-logo.jpg","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /becker-logo.jpg HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asteroid-rewards.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 22131\r\nlast-modified: Sat, 18 Apr 2026 14:42:59 GMT\r\netag: \"5673-64fbd14fa4aed\"\r\naccept-ranges: bytes\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8gFcC%2BNg0UvjPBXD5MoHpupQIGGzl%2BOUA2q4T7E7vrbQA%2Bu%2B9auQ6SEtaRJ%2FINDH0YpUcSpqMcbyxOy%2FpBYWb335Uqdpb2XBRRh0wNIhbkmB3%2F7j%2BNTAPZEwKWvJ2y%2FjkaYhrfidxA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef38a347f0556b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22131,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 400x400, components 3","md5":"990d6247eecdae8236ce1c549fa3bda2","sha1":"6efae4380aa6fe0586263dea7a90d252a07d1ec3","sha256":"f02c7b07c5e00454f8ff030288c49ef86138201919bb65d4985f2976c562fdb2","sha512":"d886665b50dfc4e9a3ac32b6311298f55807cbbd0fa8ad1fe5e7f40979149110d4e5c722115223bbcf8a877030e0c67e85ebc0bfde2da7e8626ac7a04994d0ed","ssdeep":"384:jOyeLFO4k3eNoOXj+vEEhvSOcPmoqZpH1vNxyTO1i13B7SEqyQf0TPrkAf2RbdoD:deAu2OXqsEhvSjmhZpHdOh1xBQsTPoAn","tlshash":"2ca2d07b0e9a5313daa51d36b7ca8704de68bcabd1019b3722d129661b7c0c4ce21ec7","first_seen":"2026-04-20T10:42:31.443033Z","last_seen":"2026-04-20T10:42:31.443033Z","times_seen":1,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/123/jquery-3.6.0.js","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /123/jquery-3.6.0.js HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asteroid-rewards.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Sat, 18 Apr 2026 14:42:23 GMT\r\netag: \"491c5-64fbd12da0bfe-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HBqtjI6MEoSpGqdhIy07f978lpi1CTxg6MXdr46rSlejrq6ylQWmoVibiGhemgqCJV0K%2FaKrPR5rf3KE3veXiIkbFBHoF%2FOf1BYQTgUuiw9rVdUyNIWUe7Vr2wsYsfgZltr1jtPoLw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef38a348f0856b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":299461,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"8a750b5e10f34fe9be3d2b152dd12aa4","sha1":"4c7631e6cb74b97f42f146067ffc24c47b329763","sha256":"29223fdf1c42ac27b10aea5dcd02513f507a22a83ed8d03e5f6bb7f1c41daaaf","sha512":"0e003607f4ed747440d2d38b09a30a8fcb9d6dcc65f80ef56abf712674eb83592f45a4bc41d8a136350796a0b0f5cd972f9ca8b45516794644636f4385ec2ffe","ssdeep":"6144:9aaKxfbLY8Cv4okFFmwiFbP6s3JdB/HD0KUWrE4/Xp89ZwvY1Z5COsi2+pHeJwn1:FOiFbP/j70KUWrE4/589jjbvHeyb7PV3","tlshash":"f054b4d9734f116f4ba233aae43b5149ff7dd1b0520550acb58d997c24a081883bafbe","first_seen":"2023-03-07T12:22:54Z","last_seen":"2026-04-23T22:51:26.856749Z","times_seen":2018,"resource_available":true,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/123/index_1.html","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /123/index_1.html HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asteroid-rewards.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-type: text/html\r\nlast-modified: Sat, 18 Apr 2026 14:42:22 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BCoslMiNH2mONenUSJbpp%2FrecgwJRYb%2FmW8j%2FConVLM0SnA68qozDiBv5n9DdqKDNeNmW6BITcyZv%2FToONdEhedQxgf6%2FMoR9aZjytgCuHKDdCxRdyXeBZfDLnzDbF%2FO5MBge09ZHQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\ncf-ray: 9ef38a36daa856b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1510,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (1431)","md5":"7ac863c20d80c754ff2fdf93ca02c1b1","sha1":"ebbec8729a0a4183f564ddfa1624ab4cd89429bd","sha256":"c350fa88b72d686b998af69bcc3a95567d0233a8478c39c0e7ee10a664aaddd9","sha512":"3a0af7592404e133ff8608a0150d0654263a4f136e969b182bc5e0450f4b6a5207e1d0909fa271508a4de07d1ff70f3e55f32d290403f15d7fd160fa5c283efc","ssdeep":"","tlshash":"613185b67e1950308695618631bef36c38329224ba029040c2ece878cd9cfd718afdbd","first_seen":"2025-08-14T22:48:24.824269Z","last_seen":"2026-04-20T10:42:31.445173Z","times_seen":61,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/ber2dd0nj.php?m=2961136","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /ber2dd0nj.php?m=2961136 HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://asteroid-rewards.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-max-age: 3600\r\ncache-control: public, max-age=300\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ODPJomgC76WkxIlKthdgX29YxPycgXZEWpcom9LyVMMI65QiOLB72C45i51Rj8gkzpTW7Bc0bT6kzqp52gRjnIepgJllhVqpzLjdT7e%2BOTJ8ymgilzBqku0R%2BhLTfKBjkE5AGv6zYQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef38a382c4356b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3338629,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"37d094b800faa461582269f8151c46a4","sha1":"ad6b4954b313cafef94c15b7cf116e818be914e7","sha256":"c7475dc8a5447f09747696a98467d17bb8137bd5f83f23cdcfd7064fada808f2","sha512":"715631d1ed890e0ffb7a5ed8be660fd6bfcdce924ce8c702e8053f6b6b110d90de7ded099f5edf3b1a7e3df6ff430f366344076db66823182d5163f760badbf7","ssdeep":"24576:4yjCq4rCMBZ849RxN4soD5JaHTRsq4BZnpxFkTW:4WdMhfxNeeHFVi8C","tlshash":"412523849c4b51b6870827a6b0f74e0f66a06f4649d952cfe918cd8136fefb0c2cb55e","first_seen":"2026-04-20T10:42:31.445762Z","last_seen":"2026-04-20T10:42:31.445762Z","times_seen":1,"resource_available":false,"data":null}},"time_used":362,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":313,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/BCKR%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/powered_by_meta.png","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /BCKR%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/powered_by_meta.png HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asteroid-rewards.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FPQc4c5Qco56UTsTnKZ1%2BZx4HNC6CXRS6GR9ywWut8n69j%2FIGlnu4aFuSgqt0ZRkAWJQZsx%2BD8Mf8fZfo%2F2I8x%2BvOHUXl%2FqvYUo0wyHj9WZshsSLOUc9pQNWuIDSoKt6kZPev9M9Xg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ef38a36ead456b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":267,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"6b522a4c7fec4ce0f6e16d8d649c1218","sha1":"53c36cbd1fe6da2588958ec42c24b1100ffb2c1d","sha256":"3b9e1e4ccdfb763b900c16f6680801c8468d27fc22fa37fa71576142ef4c6b46","sha512":"d79f2ac780c1868ad16182a2f69204e56bd1ea9544d08643ccc1f2b1c27374b580a7b23a848dae3416a3677a016c0edfb65b44d469b524ec8dfbb554f053e8b7","ssdeep":"","tlshash":"76d02b9d904323a6081224903ac111c2628812ef647e81e82d86d487525c63dccd92ad","first_seen":"2026-04-20T10:42:31.433859Z","last_seen":"2026-04-20T10:42:31.433859Z","times_seen":1,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://asteroid-rewards.xyz/123/index_1.html","date":"2026-04-20T10:42:01.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-length: 0\r\nlocation: /cdn-cgi/challenge-platform/h/g/scripts/jsd/b0a7532ac8ec/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9ef38a37fc0856b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26123,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-24T10:19:26.845862Z","times_seen":14139900,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/123/styles.css","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /123/styles.css HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asteroid-rewards.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 18 Apr 2026 14:42:38 GMT\r\netag: \"75670-64fbd13b1be45-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pyTBM1Tl%2Bi4we%2Bv7bzBUip4oZuatSYTBYwg06HaADRb1yQ4iTEuffQI%2BoicWoXSNbVWAdCP%2BGKLHgnSFEySIlcnAjM%2FfWdJH9qbYN15WHVrgsKE4kvNzAkhmdOZgK60SiDEiN6OV6A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef38a346ef656b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":480880,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (20196), with CRLF line terminators","md5":"04571f9334a9ec7d194aadf0619b97b0","sha1":"217028f2a47144021542a5bd3da227fa6b95c238","sha256":"5170301acec4e30a994bdbb46e99ab410f0e3203e629b4ec775a2c05000a65c0","sha512":"1497f5dfa87505a51e50f9d66da6975dffa8f01d5da34f27f4fc07dbf98f76a2593578556cff347cc863dd66824ba2f3a2f4c6b8d1866bdf543b731bfdddfa58","ssdeep":"6144:/S6XuVsQboD9yIyYMN6el5gTVyF24buT+:TeWQbo5y0MoeTgx/T+","tlshash":"c9a43b295a111512b733cb3c2bfd5244f7944817ee8349bd7add1a808ff21b8b962e8d","first_seen":"2024-09-20T21:38:21.078438Z","last_seen":"2026-04-20T10:42:31.447044Z","times_seen":71,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":159,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/b0a7532ac8ec/main.js?","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://asteroid-rewards.xyz/123/saved_resource(1).html","date":"2026-04-20T10:42:01.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/b0a7532ac8ec/main.js? HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://asteroid-rewards.xyz/123/saved_resource(1).html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9ef38a385c7d56b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26560,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (26560), with no line terminators","md5":"e4adc83cef95ac963d3a406d8bcb5927","sha1":"484544ada0563ca735a7f2b0081c44d336ec1373","sha256":"5caa528da6a69231ef4bf33bfd7ca43fd2bd40085af605a6015c81a165d87d78","sha512":"83e651c10e6aa01bc56008f65d7b4e896ef202852bb467df8b52722312ab691119d4a4b341014b83dd5deba7bbc4d4f766c69e9d81df515ab431c87cfb66ceb5","ssdeep":"384:r4T67ahSdIXPgXicSa/bMGatpc87c+EKhawpcL4jbg2bbQfp+Ml06pUIjstQ01+e:r4T6d+xEbMG828gWaSng2bOpeajS1Wap","tlshash":"6ac2c8ca70d6b31d47696c78203731eab6fa7d95280848fec521fae4b87474468b7e4c","first_seen":"2026-04-20T10:13:43.589894Z","last_seen":"2026-04-20T10:42:31.447648Z","times_seen":3,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asteroid-rewards.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 20 Apr 2026 10:42:01 GMT\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10108,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"e85517dadd43448782d60d7f207fddce","sha1":"6cd31f870727ba8090fac9602b42524b4139a619","sha256":"88fbd0b95222be288587a149c324189ecbd8de0d6f0c94f528ec53857e52b66c","sha512":"5edc78df5bb062a9a2e1ea6724c14dd7eb80d77ea0fa9572de4bb0d52bbd0d163815b08a1ae77084f99fbefbb07715da1c61f0bb36fb498710c91387792955f8","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGx:vXuM0p2+4","tlshash":"04227792002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T18:13:11.065101Z","last_seen":"2026-04-24T10:05:54.245859Z","times_seen":22487,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":69,"dns":1,"connect":7,"send":0,"wait":19,"receive":0,"ssl":66},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/123/toastr.min.js","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /123/toastr.min.js HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asteroid-rewards.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 2194\r\nlast-modified: Sat, 18 Apr 2026 14:42:38 GMT\r\netag: \"15a8-64fbd13bb14e0-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5r5Tjayw9JOVrQvJ7L338aHgpEd8Dn5HZtfhVUUJx0%2FkzFYYmVMo4B3n9kVUO80bJIY3DmAu9lE8UvDDy7RSIC2XA4mYEFDQ6rtp72YhHVX1CnhVdlbMzbw25B8VR7LWY8gYE2X%2BNw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef38a348f0b56b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5544,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (5215), with CRLF line terminators","md5":"1515ed21d8bd30ca0fae0970f85a7fb3","sha1":"b7808c728fe5fcf884620df5e2154ce988e920c7","sha256":"f2bb0e8511764611ff0081b549ff188c326c7376bf86e28513782b0a48f9c7aa","sha512":"38ba3736b75c78b1c2149cc18022eb235144c162d3fd9d817318e05be6359e7d192fe81b0546b54bd4e9ab56c601c1b87d7b152dfdef3c4646e6a342e7a3f6dd","ssdeep":"96:IVkLdCZR1JHduRv75dR+FIEHXX9oxNDP9mA1UZsEyHGJAcCwV02UfrwH:ekL4BtcvvRqIQcNa74ccrwH","tlshash":"09b19384b220bb8b6b731169919f144b937673b2ccce55007639a5987e7082c97b7fdc","first_seen":"2023-03-07T13:20:43Z","last_seen":"2026-04-20T10:42:31.449322Z","times_seen":425,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/BCKR%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/sprite.svg","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /BCKR%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/sprite.svg HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asteroid-rewards.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Gem28a6jikXqn2NN%2F1B1UgCgKOgtgWGVm62kHC0XKjnyGgtBY9mOjH6CY%2B5SAKjzWNOp1vXZ5%2FvCUp%2BA5cvq0Q0VJ38REh8ZYTTRJtYkznXj1zMFJeMAF1jXI6iqIK1Fyjdnx8hVmQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ef38a36ead156b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":267,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"6b522a4c7fec4ce0f6e16d8d649c1218","sha1":"53c36cbd1fe6da2588958ec42c24b1100ffb2c1d","sha256":"3b9e1e4ccdfb763b900c16f6680801c8468d27fc22fa37fa71576142ef4c6b46","sha512":"d79f2ac780c1868ad16182a2f69204e56bd1ea9544d08643ccc1f2b1c27374b580a7b23a848dae3416a3677a016c0edfb65b44d469b524ec8dfbb554f053e8b7","ssdeep":"","tlshash":"76d02b9d904323a6081224903ac111c2628812ef647e81e82d86d487525c63dccd92ad","first_seen":"2026-04-20T10:42:31.433859Z","last_seen":"2026-04-20T10:42:31.433859Z","times_seen":1,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/becker-logo.jpg","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /becker-logo.jpg HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asteroid-rewards.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 22131\r\nlast-modified: Sat, 18 Apr 2026 14:42:59 GMT\r\netag: \"5673-64fbd14fa4aed\"\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=30B53BRLDxK9fNlKLNkfZkq%2FtOsjrp6xOfcN1Wm1Z6WLlLg9%2BvistIeu%2Fw4720tkiJI5pZ1%2BLJl53j1MQxUpe5%2BUFTP%2BZKFP80rt%2BbSllJ3Zbusxkkm6UniP%2BXaAkxhpEhHJATt9zw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef38a379bb156b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22131,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 400x400, components 3","md5":"990d6247eecdae8236ce1c549fa3bda2","sha1":"6efae4380aa6fe0586263dea7a90d252a07d1ec3","sha256":"f02c7b07c5e00454f8ff030288c49ef86138201919bb65d4985f2976c562fdb2","sha512":"d886665b50dfc4e9a3ac32b6311298f55807cbbd0fa8ad1fe5e7f40979149110d4e5c722115223bbcf8a877030e0c67e85ebc0bfde2da7e8626ac7a04994d0ed","ssdeep":"384:jOyeLFO4k3eNoOXj+vEEhvSOcPmoqZpH1vNxyTO1i13B7SEqyQf0TPrkAf2RbdoD:deAu2OXqsEhvSjmhZpHdOh1xBQsTPoAn","tlshash":"2ca2d07b0e9a5313daa51d36b7ca8704de68bcabd1019b3722d129661b7c0c4ce21ec7","first_seen":"2026-04-20T10:42:31.443033Z","last_seen":"2026-04-20T10:42:31.443033Z","times_seen":1,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/b0a7532ac8ec/main.js?","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://asteroid-rewards.xyz/123/index_1.html","date":"2026-04-20T10:42:01.622Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/b0a7532ac8ec/main.js? HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9ef38a382c3b56b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26123,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (26123), with no line terminators","md5":"a5f8b1e9a5881e5ffd4062369b171f7c","sha1":"c72eeaed72f10ac27b6c5a03af30776f0b4d2bff","sha256":"47823f973573ae331e2a7388645426845adf63fa60defb136a4550a04ebf9c4b","sha512":"a2f66bb86fb629b486abe597f47a7c1deb643d41ae3474a31f05448de24c4fa248bc0f61cd4bdf5d57d7823a278a1f2521b80a481420767fd3bac166f80fb3e4","ssdeep":"384:LdR0XF1lxTD5KCQtFdWdLrl6jK5UW1C4dTg5iu9slgJ9FSTW1ICAq9vmy8I2pB:ZqXFXxT9KIdvgL3qKKlgJXoq9Z8pB","tlshash":"70c2b59e74debc7843666c79205721cb697e6cc8204c8e15d221c8f8bd76748d8a7edc","first_seen":"2026-04-20T10:42:31.450028Z","last_seen":"2026-04-20T10:42:31.450028Z","times_seen":1,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/vue-common-6.4.8.min.js","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.044Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /vue-common-6.4.8.min.js HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asteroid-rewards.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 19270\r\nlast-modified: Sat, 18 Apr 2026 14:42:16 GMT\r\netag: \"10e3a-64fbd1264ebe0-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FxSuGPemuFAcZmCrqJ1tQ%2BEdrP%2BFvy%2BZnkeC1RrqPue1S9MTTwWhhZp1naLn0L8d84oB6rBwULC%2FNda6bV6CuVZhu%2F%2BeofPGZv%2BvQ%2BA0zSuEVjFCb3HiR736c2UXpOoOlVScEiTE%2Fw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef38a346ef456b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":69178,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"36b183c3a0a2da89da3d826fe6a363d1","sha1":"68d9824d26feb1767d8e2454d9bc3e7e113dc373","sha256":"c9306b6e0ec2e7c030b8af220f90b53ae2b59b1a662bf5b7bd20977f915a2259","sha512":"8fab0a9f80110938d9149cbf628b4eeaa32f61236df97619d8944b48f36f06e2977486ecc16bc24e02596779d033fb99e211cc37da2f0f529d20ec9dd38bb0bb","ssdeep":"768:6l+bNcOQOcAuRiyctFPVMXLpKWy0HjYhA4K8O/aqYUb4izwfzv83fAyUEEAJ1lcN:RcAm/ctFdcVKGjYLKj/YDGgL5","tlshash":"2c63d6d9691bd0e99d1220dee833e909e4284a63cdadf1a3e67cddc0745df22849317b","first_seen":"2026-02-08T14:14:19.874016Z","last_seen":"2026-04-21T11:16:33.314728Z","times_seen":8,"resource_available":true,"data":null}},"time_used":159,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/123/css2","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"GET /123/css2 HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asteroid-rewards.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-length: 306\r\nlast-modified: Sat, 18 Apr 2026 14:42:19 GMT\r\netag: \"975-64fbd129d3200-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BpVrsGKK2zkB0gCYBnCHmPOG7uQI1pr%2BsKhV3LrTEltNWxhHh%2FbgcxJ5Z5Wzj%2Fl%2Fuwx2CpX%2FI%2F017Aswygf4awG7ztWEr6YTma%2Bm4fTYcZghUQYlv9aIaWsD%2F2u3VGBxz%2FRaXikdBA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef38a346ef756b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2421,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"76f22153936cd2ad991a8b3ea1a54bef","sha1":"16a70c1b29e1e785304a9b2a472869a0b82c6aaa","sha256":"b2496332946c927a94fc39416689274494bdd099d22a1246dc6322197e0bcec1","sha512":"45301878f0ee2b258360914299d9a48c5c1838b1187ad0755b5b93214f469aae91006374f2208a27bb7e58843549e9cc2d7d37b1ef401b03db0fc62e6d3f10c9","ssdeep":"","tlshash":"fb413676400a8192cb645da877ca7f0c0acf21644ba0c06fbb710c6abac67359b49f8d","first_seen":"2024-09-20T21:38:21.070863Z","last_seen":"2026-04-20T10:42:31.45397Z","times_seen":21,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asteroid-rewards.xyz/secureproxy?e=jscdn/getFile","fqdn":"asteroid-rewards.xyz","domain":"asteroid-rewards.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://asteroid-rewards.xyz/","date":"2026-04-20T10:42:01.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asteroid-rewards.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 11:48:26 GMT","end":"Fri, 17 Jul 2026 11:48:25 GMT"},"fingerprint":{"sha1":"3E:AB:35:A6:4E:C5:2B:26:03:57:1C:F1:AA:9F:64:41:4E:E1:10:FB","sha256":"A3:60:2A:8C:94:E9:E8:82:49:D5:33:C7:F5:EA:8D:B9:D8:A6:7E:09:81:F7:93:79:51:A5:B1:22:64:AE:E8:DC"}}},"request":{"raw":"POST /secureproxy?e=jscdn/getFile HTTP/1.1\r\nHost: asteroid-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://asteroid-rewards.xyz/\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://asteroid-rewards.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"48ukvdhqp4ejn36j0vyr\"}"}},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 20 Apr 2026 10:42:01 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A7CIpp%2Bp2Y4sjXdPgX6lkFspQSbJvEuqyOLSKTn0EIqbhNWHqvDAkru4fjKJKEbkIHXcXVmH%2BiKOar8T2C2DlgKEhsWFHeWDMAs3JbxdcUVkrXdHz4R0I3XXeJDK0RLi7dxBfCQzVw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ef38a375b5c56b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":267,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"6b522a4c7fec4ce0f6e16d8d649c1218","sha1":"53c36cbd1fe6da2588958ec42c24b1100ffb2c1d","sha256":"3b9e1e4ccdfb763b900c16f6680801c8468d27fc22fa37fa71576142ef4c6b46","sha512":"d79f2ac780c1868ad16182a2f69204e56bd1ea9544d08643ccc1f2b1c27374b580a7b23a848dae3416a3677a016c0edfb65b44d469b524ec8dfbb554f053e8b7","ssdeep":"","tlshash":"76d02b9d904323a6081224903ac111c2628812ef647e81e82d86d487525c63dccd92ad","first_seen":"2026-04-20T10:42:31.433859Z","last_seen":"2026-04-20T10:42:31.433859Z","times_seen":1,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"asteroid-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"presale.alexbeckertoken.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"presale.alexbeckertoken.cc","domain":"alexbeckertoken.cc","tld":"cc"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://asteroid-rewards.xyz/123/saved_resource(1).html","date":"2026-04-20T10:42:01.647Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: presale.alexbeckertoken.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asteroid-rewards.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-24T10:19:26.845862Z","times_seen":14139900,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}