{"report_id":"65d9274f-9a5b-47cf-b5a8-e1adae3a2d3e","version":0,"status":"done","tags":[],"date":"2026-07-03T05:20:52Z","url":{"schema":"http","addr":"rewards-user.online","fqdn":"rewards-user.online","domain":"rewards-user.online","tld":"online"},"ip":{"addr":"172.96.187.51","port":0,"asn":32475,"as":"SINGLEHOP-LLC","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"rewards-user.online/","fqdn":"rewards-user.online","domain":"rewards-user.online","tld":"online"},"title":"Welcome To Hosting With Hawk Host!","dom":{"size":32113,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (529)","md5":"008722a4bfb3a0cce968d337594767b4","sha1":"4f2ea717c51bad8f2c09e6880873d9c73d98b301","sha256":"4d61c67edbc7965164c8951754a1a9e85c0a9c32ddd4def782f03b35ea03b285","sha512":"60a4adb17de7ed45aa11758fb6bb905e761a0c5c06b73ec1def321834c9b8bbf853f87500ec78f2cd5c6ab38ef94bdb33fe7ec5001b97bfac23628f231d6c2e3","ssdeep":"384:1w6rmD7KgW3MXW7juyLw971TnznXcGNpFvxu4b0/OdMnlP:G7KgW3WIuyLw97pndF5u4o/OdMnlP","tlshash":"33e2a4175e9119321602446037caa1c7b311912f9a4afceffd9c43f8cf49b5a5ab27ca","dom_hash":"domhash3c1c0ecc8f28bcd8a6d2be2ba2e9b7ca","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"rewards-user.online","fqdn":"rewards-user.online","domain":"rewards-user.online","tld":"online"},"ip":{"addr":"172.96.187.51","port":0,"asn":32475,"as":"SINGLEHOP-LLC","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-07T05:20:52Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-28T22:22:13.875484Z","alert_count":0,"request_count":1,"received_data":18066,"sent_data":516,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.hawkhost.com","ip":{"addr":"104.20.2.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2006-01-26","domain_rank":0,"first_seen":"2012-07-17T06:55:19Z","last_seen":"2026-06-26T23:14:27.11473Z","alert_count":0,"request_count":2,"received_data":28803,"sent_data":1100,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-06-28T22:19:26.805281Z","alert_count":0,"request_count":3,"received_data":147399,"sent_data":1737,"comment":"","tags":null,"fingerprints":null},{"fqdn":"rewards-user.online","ip":{"addr":"172.96.187.51","port":443,"asn":32475,"as":"SINGLEHOP-LLC","country":"United States","country_code":"US"},"domain_registered":"2026-07-01","domain_rank":0,"first_seen":"2026-07-03T05:20:52.843076Z","last_seen":"2026-07-03T05:20:52.843076Z","alert_count":0,"request_count":2,"received_data":33756,"sent_data":1002,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"rewards-user.online/","fqdn":"rewards-user.online","domain":"rewards-user.online","tld":"online"},"ip":{"addr":"172.96.187.51","port":443,"asn":32475,"as":"SINGLEHOP-LLC","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"889b2657d5a2565bfda2cdee34d42c25","sha1":"fdb116f2c321c5190e1840e1c35f8b5449224dac","sha256":"26b27d8a33e7e6081519cc0ed54ef0c0ad889900cc51da62a30269665056c47c","sha512":"3dddd52c40949e8102d14555de7c1e3bfad8ab46b909fff779fe8941daff1b815872371d265dd35d32632fcb857f444389bd257e6650bf294bac9b0e963e5117","ssdeep":"","tlshash":"93c08c8b604b5224269bf030026a4f23343008192a419235781ca2906fa8c8020199ec","size":153,"data":"","first_seen":"2026-06-09T02:05:34.839079Z","last_seen":"2026-07-03T05:20:55.123696Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Open+Sans:400,700,800","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rewards-user.online/","date":"2026-07-03T05:20:27.107Z","timestamp":1783056027107,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:02 GMT","end":"Mon, 07 Sep 2026 08:41:01 GMT"},"fingerprint":{"sha1":"FD:DA:E1:3E:1F:AC:E0:96:14:ED:37:58:30:0F:ED:9D:B4:5E:F1:EF","sha256":"7D:36:0C:A4:14:F6:05:8D:F4:E1:CD:BF:84:A7:03:AD:3F:C4:93:AE:B3:D6:7E:99:CB:92:D7:1F:29:A1:49:A4"}}},"request":{"raw":"GET /css?family=Open+Sans:400,700,800 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-user.online/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 03 Jul 2026 05:20:27 GMT\r\ndate: Fri, 03 Jul 2026 05:20:27 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17382,"size_decoded":2421,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"3005c84a81b99f9d4d748359516d5bc4","sha1":"e1612f2f6c75a3259d0ea10257d653f9b07b4ecb","sha256":"75362ae346577df05e9a8086b2ce3aa3edc408ca388bc261a2fade26735cf03f","sha512":"bae24d93ad61dad6ca27be09d1ca487971fad2526a93756c65d90dbe82fa4400b2d03998c12e577a54f1b64d7595a97d7998546ce2e01998b726acae7bf9cda5","ssdeep":"192:wCAAN21/rqbnbqGIwV4Razq4CZZE2s6rqmnbqGIwV4YfzvNC88x2JDrqHnbqGIwd:TjXqY4nU8qY4FX7qY4o","tlshash":"35722aa00027185067431de623de7e34ee0fa2657048d0766bfd8b9beedad6963b431d","first_seen":"2025-09-19T12:10:45.414505Z","last_seen":"2026-07-03T13:12:44.617551Z","times_seen":579,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":2,"connect":15,"send":0,"wait":32,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.hawkhost.com/img/logo.png","fqdn":"www.hawkhost.com","domain":"hawkhost.com","tld":"com"},"ip":{"addr":"104.20.2.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewards-user.online/","date":"2026-07-03T05:20:27.113Z","timestamp":1783056027113,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hawkhost.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Jun 2026 18:14:04 GMT","end":"Sat, 19 Sep 2026 19:13:59 GMT"},"fingerprint":{"sha1":"BE:01:98:FA:E2:EB:4E:4F:74:F5:8E:08:C9:F1:AA:2D:F9:72:24:79","sha256":"BF:34:B0:93:8A:1E:70:4D:BB:DE:5B:46:05:19:6C:32:98:63:5D:72:95:CC:75:AE:BB:4E:AD:36:41:E3:F7:63"}}},"request":{"raw":"GET /img/logo.png HTTP/1.1\r\nHost: www.hawkhost.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-user.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Fri, 03 Jul 2026 05:20:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 27480\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\netag: \"88fdc8af4c320c09f54547b62d909c56-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=0; preload\r\nx-frame-options: SAMEORIGIN\r\nx-nf-request-id: 01KT726SX3CXGF6MSSEEBA7J07\r\ncf-cache-status: REVALIDATED\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\ncf-ray: a15370fdbdbc76ef-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":27480,"size_decoded":28020,"mime_type":"image/png","magic":"PNG image data, 219 x 87, 8-bit/color RGBA, non-interlaced","md5":"b53d5f0d3683354e889b353e2e66e711","sha1":"b436536c4565442adcfff037be6f1d23aff9cb93","sha256":"e234dcadc36c9a79d878c840c6eafc773908aa6bf27cff8bf94d6d22d6c70282","sha512":"1c675a73557d60dfdc8dbece634593b72f12d396575479012de6db374f86fd7b1c7715b6d7f73d1f157d78bc416cdf312e639563900bbbcffe175366e8d21185","ssdeep":"384:yQcq88Aj8EAnm26+okXqNkN85frc15t3FFMhz8Bd+NmR4QnN8t7VoZx:yvVANJXqDc7tvMhz8acQ7VS","tlshash":"29c2e132a133c9a1de7d96e33624cd1e4405a3a279f707513f0da9b279d8b14758c1be","first_seen":"2025-09-29T15:54:36.36123Z","last_seen":"2026-07-03T05:20:55.118379Z","times_seen":21,"resource_available":false,"data":null}},"time_used":3323,"timings":{"blocked":77,"dns":0,"connect":28,"send":0,"wait":89,"receive":0,"ssl":3128},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rewards-user.online/","date":"2026-07-03T05:20:27.227Z","timestamp":1783056027227,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://rewards-user.online\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 26 Jun 2026 18:12:11 GMT\r\nexpires: Sat, 26 Jun 2027 18:12:11 GMT\r\ncache-control: public, max-age=31536000\r\nage: 558496\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48320,"size_decoded":49133,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-07-04T05:29:22.672979Z","times_seen":299030,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":0,"dns":2,"connect":32,"send":0,"wait":18,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.hawkhost.com/img/bg-banner-bf.png","fqdn":"www.hawkhost.com","domain":"hawkhost.com","tld":"com"},"ip":{"addr":"104.20.2.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewards-user.online/","date":"2026-07-03T05:20:27.231Z","timestamp":1783056027231,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hawkhost.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Jun 2026 18:14:04 GMT","end":"Sat, 19 Sep 2026 19:13:59 GMT"},"fingerprint":{"sha1":"BE:01:98:FA:E2:EB:4E:4F:74:F5:8E:08:C9:F1:AA:2D:F9:72:24:79","sha256":"BF:34:B0:93:8A:1E:70:4D:BB:DE:5B:46:05:19:6C:32:98:63:5D:72:95:CC:75:AE:BB:4E:AD:36:41:E3:F7:63"}}},"request":{"raw":"GET /img/bg-banner-bf.png HTTP/1.1\r\nHost: www.hawkhost.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-user.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Fri, 03 Jul 2026 05:20:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 245\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\netag: \"d9d0a15fe8ad7f26a7344b40bb7f699b-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=0; preload\r\nx-frame-options: SAMEORIGIN\r\nx-nf-request-id: 01KT726T25JR5H057CWQVMB6GN\r\ncf-cache-status: REVALIDATED\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\ncf-ray: a15370ea490d76ef-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":245,"size_decoded":783,"mime_type":"image/png","magic":"PNG image data, 38 x 38, 1-bit colormap, interlaced","md5":"8a37807aa21036d9785f5a236d370da1","sha1":"7c29039288632993bba053c6f838bcd7d98002ab","sha256":"6b34503940c26c8a9ce602d466af30144c9ddff80b3d99e1ee5e141cf2162247","sha512":"6805c3ecf87395ff36c1705088558497ca6aebf4e77c468d16d6582bb3373531a329c493fc476b9eb9cef5f97b829cf77108ae42c71afe55809802c5c06a890c","ssdeep":"","tlshash":"7dd097c2227c9c03f44a8b7341ae0983c458467d8342d43e18acd0aee843b00a66f3df","first_seen":"2025-12-18T01:42:38.423142Z","last_seen":"2026-07-03T05:20:55.120649Z","times_seen":21,"resource_available":false,"data":null}},"time_used":147,"timings":{"blocked":1,"dns":0,"connect":1,"send":0,"wait":130,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rewards-user.online/","date":"2026-07-03T05:20:27.238Z","timestamp":1783056027238,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://rewards-user.online\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 26 Jun 2026 18:12:11 GMT\r\nexpires: Sat, 26 Jun 2027 18:12:11 GMT\r\ncache-control: public, max-age=31536000\r\nage: 558496\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48320,"size_decoded":49133,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-07-04T05:29:22.672979Z","times_seen":299030,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":23,"dns":0,"connect":0,"send":0,"wait":28,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rewards-user.online/","date":"2026-07-03T05:20:27.240Z","timestamp":1783056027240,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://rewards-user.online\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 26 Jun 2026 18:12:11 GMT\r\nexpires: Sat, 26 Jun 2027 18:12:11 GMT\r\ncache-control: public, max-age=31536000\r\nage: 558496\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48320,"size_decoded":49133,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-07-04T05:29:22.672979Z","times_seen":299030,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":23,"dns":0,"connect":0,"send":0,"wait":19,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewards-user.online/favicon.ico","fqdn":"rewards-user.online","domain":"rewards-user.online","tld":"online"},"ip":{"addr":"172.96.187.51","port":443,"asn":32475,"as":"SINGLEHOP-LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewards-user.online/","date":"2026-07-03T05:20:27.490Z","timestamp":1783056027490,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rewards-user.online","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 18:38:53 GMT","end":"Tue, 29 Sep 2026 18:38:52 GMT"},"fingerprint":{"sha1":"6B:74:9F:F3:40:6B:DE:6A:24:AE:1F:66:2F:99:31:00:B3:2E:AB:50","sha256":"32:D5:D6:E0:0D:B8:55:C8:EC:D4:25:65:30:68:70:EA:D4:F6:E3:EE:28:89:1D:D8:02:A8:43:06:A1:14:3F:EE"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: rewards-user.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rewards-user.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 796\r\ndate: Fri, 03 Jul 2026 05:20:27 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":796,"size_decoded":1181,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"265e51037981a14ed99a5fc8c5ec1b51","sha1":"d12ac588953298fdaf46dd5b4af8eb4cf6b06f0a","sha256":"c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400","sha512":"b18aa610811c5f9bc1dd829ad90a95568e81a41e1fd1472983dc00147f65045fd91fbc498b5263ce4f4c88b041be21f186ed2ce357d3bcf86c0429ca18991151","ssdeep":"","tlshash":"1101f12ac182a80fe0231070fa91e37451594212629b4f647b9ff676f6ce1ab56b22cc","first_seen":"2024-02-05T05:35:22Z","last_seen":"2026-07-04T05:27:11.466531Z","times_seen":51234,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewards-user.online/","fqdn":"rewards-user.online","domain":"rewards-user.online","tld":"online"},"ip":{"addr":"172.96.187.51","port":443,"asn":32475,"as":"SINGLEHOP-LLC","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-03T05:20:25.909Z","timestamp":1783056025909,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rewards-user.online","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 18:38:53 GMT","end":"Tue, 29 Sep 2026 18:38:52 GMT"},"fingerprint":{"sha1":"6B:74:9F:F3:40:6B:DE:6A:24:AE:1F:66:2F:99:31:00:B3:2E:AB:50","sha256":"32:D5:D6:E0:0D:B8:55:C8:EC:D4:25:65:30:68:70:EA:D4:F6:E3:EE:28:89:1D:D8:02:A8:43:06:A1:14:3F:EE"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rewards-user.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/html\r\nlast-modified: Mon, 25 Sep 2023 13:53:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 6906\r\ndate: Fri, 03 Jul 2026 05:20:26 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":32146,"size_decoded":7335,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (529)","md5":"bc7ab27219c9238172ba79c541db3e33","sha1":"fa1ddb9b31ec6d1081eb0b65436070944aa7b959","sha256":"0ddc64fe241323741bd8d4d88a73722c492a99e473c750900ee6412f71256600","sha512":"3671e5a46a4ca18bb249358e94868092e45f822213022cd167c07b3ce7b33c53c5d432a4ef739fd0fe123c39a1c919db6f0167dfd1b70cdaf3d5a6c653653ddb","ssdeep":"384:Tw6rmD7KgW3MXW7juyLw971TnznXcGNpFIxwqbnP0Dgpld:07KgW3WIuyLw97pndFewqbP0Dgpld","tlshash":"02e294179e9119321602446037c6a1c7b311912f9b4afceffd9c43f8cf49b5a5ab278a","first_seen":"2023-11-11T23:57:45Z","last_seen":"2026-07-03T05:20:55.12266Z","times_seen":35,"resource_available":true,"data":null}},"time_used":731,"timings":{"blocked":-1,"dns":366,"connect":90,"send":0,"wait":91,"receive":0,"ssl":184},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}
