{"report_id":"90fc06bc-ec9e-4ba1-8cf0-623c378e7dd4","version":0,"status":"done","tags":[],"date":"2026-06-19T03:19:43Z","url":{"schema":"https","addr":"rektmoney.com/","fqdn":"rektmoney.com","domain":"rektmoney.com","tld":"com"},"ip":{"addr":"104.21.43.202","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"rektmoney.com/","fqdn":"rektmoney.com","domain":"rektmoney.com","tld":"com"},"title":"Rekt — Solana Perps, Prediction Markets \u0026 Live Trading","dom":{"size":1156755,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (62217)","md5":"d21e3f6c3ea0d8dd013dd71e913c31db","sha1":"9e47084f85a3f1fd07ef5ce30d0aa36f7ada034c","sha256":"18f7ac5a62630e01adfccf8667d61c0e5f4fd2d0476d19f3bc07c9f6bd4014f3","sha512":"b7953fe6786ffe482fd01930fc62eff74ac769901c1753a617e516d7e2e0af71e5588d8b200e73e84c40a1f2d49dd8f6cd7670842b9c384b1d2a91494f387470","ssdeep":"24576:IV+VqyPwxHGHcry1i1MKovgeHHTia24ccE:IV+Vlwxfr/1MN0cE","tlshash":"d5350218d7443fade9644c0df1b92a1dbbb1d559a034b2cfff2b3d8ba61d894122681c","dom_hash":"domhashcf1f2a3288188eb627fde0a006bd9cd6","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"rektmoney.com/","fqdn":"rektmoney.com","domain":"rektmoney.com","tld":"com"},"ip":{"addr":"104.21.43.202","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-24T03:19:43Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"rektmoney.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"rektmoney.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"rektmoney.com","ip":{"addr":"172.67.185.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-06-01","domain_rank":0,"first_seen":"2026-06-19T03:16:32.38577Z","last_seen":"2026-06-19T03:16:32.38577Z","alert_count":8,"request_count":4,"received_data":1787322,"sent_data":1930,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"rektmoney.com/","fqdn":"rektmoney.com","domain":"rektmoney.com","tld":"com"},"ip":{"addr":"172.67.185.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3765bf16dd3432438eebfa67a4acac29","sha1":"245f09b504515f9d45925448db3721b0ba94d379","sha256":"3835a6f8a3143f0ac6d6608a1ca5c621dce3e221f5cb3ca79fa0a18e3f2e8fd8","sha512":"4aa3b201778b38d9197714c03f6b025abf63dd0fb0e7c87435aa133a9a00f0621eb24787851528e83cd76c03028b146d890b5c13c0a2067abe722e074df62b93","ssdeep":"","tlshash":"e7c08054c5708d74450c10ea51745696f1e0796d014254cec7f8a89fd4adec107ac766","size":180,"data":"","first_seen":"2026-06-19T03:16:36.692604Z","last_seen":"2026-06-19T03:19:45.193587Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rektmoney.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"rektmoney.com","domain":"rektmoney.com","tld":"com"},"ip":{"addr":"172.67.185.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-21T07:29:51.494527Z","times_seen":374413,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rektmoney.com/secureproxy?s=%2Fipfs%2Fupgc_6wIg-yZU2DXkdzgJA6f7408be97b63c0072a1c5aab9ad3bff%3Ft%3D1781839157623","fqdn":"rektmoney.com","domain":"rektmoney.com","tld":"com"},"ip":{"addr":"172.67.185.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"af83be413225fd5b888590245779bdaa","sha1":"14c88f3fe1e401ba88560eb4df8ec4e2dd511536","sha256":"3462ee4c643923b793a8fda8adc33d5e2be2696d674fefe0bc68e378d300ad1d","sha512":"23982220e4e074cdcc1eb6bfc4bb1fd8d697e5f1fa3784d0a1b298da29f8b8454352fde524796a2b68f6068f8be17145b9e23a5c7f6439a851d7e5615ea08a1a","ssdeep":"6144:Bh5gDwQDCMEWm7ECNF0gct3VyBKbMboOeC2PYqxQWNahLYzO5WuS2KImDnyJnUCL:JswQDC6m7hFqa/J/","tlshash":"dbd4becaa73d377f5ae01aab0c2b413fefc80d1e216b09c852d1b8d9527970693d915e","size":619147,"data":"","first_seen":"2026-06-19T03:19:45.190249Z","last_seen":"2026-06-19T03:19:45.190249Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"rektmoney.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"rektmoney.com","domain":"rektmoney.com","tld":"com"},"ip":{"addr":"172.67.185.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rektmoney.com/","date":"2026-06-19T03:19:17.674Z","timestamp":1781839157674,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rektmoney.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Jun 2026 16:53:36 GMT","end":"Sun, 30 Aug 2026 17:51:52 GMT"},"fingerprint":{"sha1":"26:37:41:5B:90:20:22:77:36:C1:EB:E9:2D:6F:16:09:0E:35:21:DA","sha256":"71:D7:0D:74:39:8B:DB:B1:6D:60:AD:A3:8A:BC:6C:DD:76:2E:37:DE:54:1B:1B:2C:3F:FA:A7:30:D0:A4:BA:AD"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: rektmoney.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: application/javascript\r\nexpires: Sun, 21 Jun 2026 03:19:17 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p5C6Nw%2BijQ70KpiO0%2FDX8x%2FOHKPQ7EOOPrTMyeeXwEhpnFs24Tujr%2BcGbr2o1HD%2FuVo8pfDQe8UWl4lX3QW%2Bxic31o3iyLC%2FEZgXKb7sdoIbOo3i0SFX6NDJRTrF2cZ9\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ndate: Fri, 19 Jun 2026 03:19:17 GMT\r\nserver: cloudflare\r\ncf-ray: a0df642f7a8f56c6-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":1292,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-21T07:29:51.494527Z","times_seen":374413,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"rektmoney.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"rektmoney.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rektmoney.com/secureproxy?s=%2Fjmpd%2F","fqdn":"rektmoney.com","domain":"rektmoney.com","tld":"com"},"ip":{"addr":"172.67.185.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rektmoney.com/","date":"2026-06-19T03:19:19.827Z","timestamp":1781839159827,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rektmoney.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Jun 2026 16:53:36 GMT","end":"Sun, 30 Aug 2026 17:51:52 GMT"},"fingerprint":{"sha1":"26:37:41:5B:90:20:22:77:36:C1:EB:E9:2D:6F:16:09:0E:35:21:DA","sha256":"71:D7:0D:74:39:8B:DB:B1:6D:60:AD:A3:8A:BC:6C:DD:76:2E:37:DE:54:1B:1B:2C:3F:FA:A7:30:D0:A4:BA:AD"}}},"request":{"raw":"POST /secureproxy?s=%2Fjmpd%2F HTTP/1.1\r\nHost: rektmoney.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\ncontent-type: application/json\r\nContent-Length: 1422\r\nOrigin: https://rektmoney.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:19:31 GMT\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"a-bAsFyilMr4Ra1hIU5PyoyFRunpI\"\r\nx-ratelimit-limit: 20\r\nx-ratelimit-remaining: 19\r\nx-ratelimit-reset: 1781839230387\r\ncdn-proxyver: 1.57\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 204\r\ncdn-cachedat: 06/19/2026 03:19:30\r\ncdn-edgestorageid: 879\r\ncdn-requestid: c54a5b0650794e0f24281c80b47ab776\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8oUaKbwHCKqkshS8ya98HmZAmxZnYxomge0Qz23PDZbB9Rm9LN%2F9GYqkBWZ8TJ%2Byn9YWfggVYvbTofMsBfxZpjMh%2Bxiq98V5cUbEpXEAi6X7IUZYOEqbN12HaqOTkL2u\"}]}\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df643ceac156c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":3336,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-21T07:29:47.333633Z","times_seen":16602482,"resource_available":true,"data":null}},"time_used":11176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"rektmoney.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"rektmoney.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rektmoney.com/","fqdn":"rektmoney.com","domain":"rektmoney.com","tld":"com"},"ip":{"addr":"172.67.185.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-19T03:19:17.309Z","timestamp":1781839157309,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rektmoney.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Jun 2026 16:53:36 GMT","end":"Sun, 30 Aug 2026 17:51:52 GMT"},"fingerprint":{"sha1":"26:37:41:5B:90:20:22:77:36:C1:EB:E9:2D:6F:16:09:0E:35:21:DA","sha256":"71:D7:0D:74:39:8B:DB:B1:6D:60:AD:A3:8A:BC:6C:DD:76:2E:37:DE:54:1B:1B:2C:3F:FA:A7:30:D0:A4:BA:AD"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rektmoney.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:19:17 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Mon, 01 Jun 2026 17:57:39 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nvary: accept-encoding\r\nage: 191\r\npriority: u=0,i\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3SGFF4TZi0hir1WdRvXuYtAFqHSMZVAjTunS%2BFXBqwEHKc6wrocexQ21zx7%2B3C50XH57SHwEeNEDT3jVNyNra8D9X7wiEFn2HPrljsrzCqG8uQV7OyIqBQr6g6JAl%2FEp\"}]}\r\ncf-ray: a0df642d5a8856c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1162436,"size_decoded":756091,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (62434)","md5":"b5f87c1c3c05a61d9ea7bf1920e9b483","sha1":"aad1edf13652255c977743f0376e505b6b918152","sha256":"31b23d07f3a78b652db9126170b47fcde52eb862ab230890214bd71f045702df","sha512":"fbac33ca0a29d6c4f3b5dfe030db021820e110750cd0d30a9fde7403eeba0f6f49b62e67abd18313d40d7d47a66d78495b54b30642293dc4a2ccdf1bac217865","ssdeep":"12288:FVKljVKlqDNFYI/Vuyawx0i07GP10Hc2aXC1ixfGT4cuoYugFwT7HauH49aKbfi:FV+VOyKwxHGHcry1i1MKovgeHHTQaKi","tlshash":"28250158d7443fade9644c0df1f92a1dbbb1d559a030b2cfff2b3c8aa61e854122691c","first_seen":"2026-06-19T03:16:36.686893Z","last_seen":"2026-06-19T03:19:45.187201Z","times_seen":2,"resource_available":true,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":5,"connect":20,"send":0,"wait":27,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"rektmoney.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"rektmoney.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rektmoney.com/secureproxy?s=%2Fipfs%2Fupgc_6wIg-yZU2DXkdzgJA6f7408be97b63c0072a1c5aab9ad3bff%3Ft%3D1781839157623","fqdn":"rektmoney.com","domain":"rektmoney.com","tld":"com"},"ip":{"addr":"172.67.185.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rektmoney.com/","date":"2026-06-19T03:19:17.648Z","timestamp":1781839157648,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rektmoney.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Jun 2026 16:53:36 GMT","end":"Sun, 30 Aug 2026 17:51:52 GMT"},"fingerprint":{"sha1":"26:37:41:5B:90:20:22:77:36:C1:EB:E9:2D:6F:16:09:0E:35:21:DA","sha256":"71:D7:0D:74:39:8B:DB:B1:6D:60:AD:A3:8A:BC:6C:DD:76:2E:37:DE:54:1B:1B:2C:3F:FA:A7:30:D0:A4:BA:AD"}}},"request":{"raw":"GET /secureproxy?s=%2Fipfs%2Fupgc_6wIg-yZU2DXkdzgJA6f7408be97b63c0072a1c5aab9ad3bff%3Ft%3D1781839157623 HTTP/1.1\r\nHost: rektmoney.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rektmoney.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:19:18 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: max-age=2592000\r\netag: W/\"9728b-FMiPP+HkAbqIVg60347E4t1RFTY\"\r\nexpires: 0\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=xVYmG2Md2-yvAgTzox-hBg.js\r\ncdn-proxyver: 1.57\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 06/19/2026 03:19:18\r\ncdn-edgestorageid: 883\r\ncdn-requestid: 92d810e91ee01a24818bcfe4318dbd8d\r\ncdn-cache: MISS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MkAGnnIVHKas2dFW2ZhIStbmxWyNZlWllOzYgNOm1Rgg9uTM6o625fuJYRafDpJPvPq2oEh5%2FIapH%2FFGslGwwx5dOSVSFTiKWubXhIUA8Kjl%2BRwsaFA2lMlQLk8he%2Fzz\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df642f5a8e56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":619147,"size_decoded":139711,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"af83be413225fd5b888590245779bdaa","sha1":"14c88f3fe1e401ba88560eb4df8ec4e2dd511536","sha256":"3462ee4c643923b793a8fda8adc33d5e2be2696d674fefe0bc68e378d300ad1d","sha512":"23982220e4e074cdcc1eb6bfc4bb1fd8d697e5f1fa3784d0a1b298da29f8b8454352fde524796a2b68f6068f8be17145b9e23a5c7f6439a851d7e5615ea08a1a","ssdeep":"6144:Bh5gDwQDCMEWm7ECNF0gct3VyBKbMboOeC2PYqxQWNahLYzO5WuS2KImDnyJnUCL:JswQDC6m7hFqa/J/","tlshash":"dbd4becaa73d377f5ae01aab0c2b413fefc80d1e216b09c852d1b8d9527970693d915e","first_seen":"2026-06-19T03:19:45.190249Z","last_seen":"2026-06-19T03:19:45.190249Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1113,"receive":80,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"rektmoney.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"rektmoney.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}