{"report_id":"ad42a881-0e0e-46cf-8df2-5e38180f554a","version":6,"status":"done","tags":[],"date":"2026-01-24T13:46:12Z","url":{"schema":"https","addr":"cudisrewardpad.xyz","fqdn":"cudisrewardpad.xyz","domain":"cudisrewardpad.xyz","tld":"xyz"},"ip":{"addr":"172.67.204.191","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"cudisrewardpad.xyz/","fqdn":"cudisrewardpad.xyz","domain":"cudisrewardpad.xyz","tld":"xyz"},"title":"CUDIS-The World’s first rewarding Longevity protocol.","dom":{"size":469461,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (18989)","md5":"c9332188ef26e88eeb90684235f4df1e","sha1":"9b2522afd87e3a61503a1e1190eb2ae51c42422d","sha256":"a25db823cb3c55f95d4e606e207efe0176f7db3396b3ef46372e63244fb08458","sha512":"467b0ef9e52637b5c1f1ab64aef1dbec0e2aa93666167af3312d39ce819dc6d271d8beb01b5da0a6f19745d6331e6376b83daf955034430cbf3bc2bce1db1310","ssdeep":"12288:0EoX66GCqhIUimLB0rnsMgQtD6V4VBwnOKeB4Y2fJEBM7KyKT:0EoX6HHIUiCCnnTBwle1h","tlshash":"11a48c1e59e6250539432678a2fb2588ba33f147dd0ede68fedc2198cf8d344ad9235c","dom_hash":"domhashb93e72349fe7643e29edc4675066319a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"cudisrewardpad.xyz","fqdn":"cudisrewardpad.xyz","domain":"cudisrewardpad.xyz","tld":"xyz"},"ip":{"addr":"172.67.204.191","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-28T13:46:12Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"cudisrewardpad.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"cudisrewardpad.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"cudisrewardpad.xyz","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-02","domain_rank":0,"first_seen":"2026-01-24T13:46:13.132314Z","last_seen":"2026-01-24T13:46:13.132314Z","alert_count":10,"request_count":5,"received_data":1500517,"sent_data":2423,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cudisrewardpad.xyz/vuetify.min.min.js","fqdn":"cudisrewardpad.xyz","domain":"cudisrewardpad.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b44f12bd6f51e3a9922b8005436ca16a","sha1":"9bd0db797aefcc3ad90e790f84c8ec0c881dcf34","sha256":"d5fcc5d754efa15d0eec18d9e9badd6abc52a41955145fea0e19c9662a1f37ca","sha512":"9b19076eeb70e7ce48001b67e46ddf60705aa77fc86994130ee57e892f909f38ba59a9d7c62469c616a5c0d29b3e5b8bfe6602eb60462f57eef9c7dc5d52ca8c","ssdeep":"6144:qlDwFGagvVPKrxRWUUwn9vVy2WjMLxOFV:qWUagvJKrxMUzdy25LsFV","tlshash":"4f744045f2da1b09ca2ca79afe515b48f940c800b69d199bf38c9d4fe45ce7394d23b2","size":366878,"data":"","first_seen":"2026-01-24T13:46:18.459817Z","last_seen":"2026-01-24T13:46:19.953054Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cudisrewardpad.xyz/","fqdn":"cudisrewardpad.xyz","domain":"cudisrewardpad.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"53182466ddba072e5f6b8d0d9d655417","sha1":"e341cf575484a89d90092c574a1ce14b88ab0eab","sha256":"e0ade97da03808f7401f60d4b951ab082c52e18905d62bfca303e97a5da08b5b","sha512":"51b45218d568160f0cf2a51b920fd78266f8bbadb3332d84b242cbb9c1f7a31a6149e7f44ff96ad906f22020c559bf063b39164f036c8bdbc03b9506c5dea266","ssdeep":"","tlshash":"ef113826122632653c8eb0ee59b6dc4d7a7f100be90960a0b59ed08d7930b5544f76dc","size":957,"data":"","first_seen":"2023-03-07T13:09:46Z","last_seen":"2026-06-04T12:50:03.022623Z","times_seen":336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cudisrewardpad.xyz/","fqdn":"cudisrewardpad.xyz","domain":"cudisrewardpad.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"dbf35a2800ea0ce78cfdfaf886c63544","sha1":"44cfe36f7c8947430d8dc0560e7154b42833a14b","sha256":"709c1dc5240e78c74ddabd03859a6bcc24a5e0b4b9f39f99ee221dd2a078cbc5","sha512":"334ea19f31e563f0183fb3ec9c5df1c8b132506279d9c77b390f17b0672bda1beb6e66b2d1bc8ad02951d8f3b0d425a54f391e5a3a79f6febfe474adefcfd9b7","ssdeep":"3072:ZsUPaGww9AqLkGHC88yDUyJGd/q8vSk0HcgJg68TgxBTUrUECacpUBhJwqkJWGvw:ZhBDeA3Sp/byGQwnxtXyaWvkzANA","tlshash":"19742f05f2da1a09ca6ca79afe524b49f940c810f29d199bf28c9d0fe45ce7395d33b1","size":359916,"data":"","first_seen":"2026-01-24T13:46:18.463001Z","last_seen":"2026-01-24T13:46:19.959511Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cudisrewardpad.xyz/secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Fprettier.mobile.js%3Ft%3D29487705%26u%3DSceKeU2P3yEHcMTLGDY5MjU2NDQwMjhjZmYzYzM0MDI3YWNmMSI9iO7QHi1jDwNncg","fqdn":"cudisrewardpad.xyz","domain":"cudisrewardpad.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"96c2ff1601099c21c598c24e6f43c7c4","sha1":"d78fa2e81b7b5ccf287c793c5a9985caaa0f6162","sha256":"7fd19c564761e2c8c9b583cf30db810e313417c7d3572f637f8cedf4d2cc1e91","sha512":"d7df68372670f0173ac5dc3c54ee38f13b29703dde9f71ec74827b535735e99b2b253e07960d66d8c3230f13cf29f20aa0f083db014cee0710379ffab68932be","ssdeep":"6144:0ujB8gltIeTM5/S8g6zRh5gDVLU2GIt/KJAsJRrydM147u/lhDlEqH96lm:vhltVM/g61sNUWsSdG7R","tlshash":"1ed438c2821814f684eb0ab6d133a21fdb4cce9dc69f2d20bfe55c9553c87a292f655c","size":656642,"data":"","first_seen":"2026-01-02T13:08:19.247086Z","last_seen":"2026-06-08T13:18:27.600009Z","times_seen":2556,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cudisrewardpad.xyz/","fqdn":"cudisrewardpad.xyz","domain":"cudisrewardpad.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-24T13:45:45.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cudisrewardpad.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 18:27:09 GMT","end":"Mon, 02 Mar 2026 19:25:56 GMT"},"fingerprint":{"sha1":"40:46:3F:A5:96:56:05:7F:C2:BF:B4:39:A0:1C:DC:89:B1:67:D1:5B","sha256":"9A:62:1F:95:25:BE:51:9D:24:39:C0:B7:30:B7:3B:2C:69:F7:94:BC:10:B3:C3:49:2F:92:EB:B3:24:6D:F9:6B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cudisrewardpad.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 24 Jan 2026 13:45:45 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Tue, 02 Dec 2025 18:41:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pQ3CTGSuq6GSnOelNGq9vabnj4WOJnsv241j%2F%2Fe%2FWPEn404VyXn2C7mNLkk8%2F6jnFDsm4hH9z0nGeWODAoxZf9V8v6o5z%2FqFrH8ejEDRViA%3D\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9c2ff91c8e365697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":470847,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (18989)","md5":"de6dac5660d3e2fae8274ad9bcddab6a","sha1":"81ff67c9cdff50198588e952c65373426778c41b","sha256":"32b9a0db012d37a77c8425995aab014374e5c1aed969fd027df190e3a4ec3c23","sha512":"10446ffc5e04abf7d729b0e3a396c9bbac882c40ab359156b3903959bb98e8083b644e85334fc6ff6716c9a2f34629837795453a653be52a0216dda7a6f198dc","ssdeep":"12288:QE6X66GCqhIUimLB0rnsMgQtD6V4VBwnOKeB4Y2fJEBStKEKH:QE6X6HHIUiCCnnTBwle1t","tlshash":"7fa48c1e59e6250539432678a2fb2588ba33f147dd0ede68fedc2198cf8d344ad9235c","first_seen":"2026-01-24T13:46:18.459006Z","last_seen":"2026-01-24T13:46:19.950355Z","times_seen":2,"resource_available":false,"data":null}},"time_used":513,"timings":{"blocked":117,"dns":65,"connect":3,"send":0,"wait":267,"receive":0,"ssl":48},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"cudisrewardpad.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"cudisrewardpad.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cudisrewardpad.xyz/vuetify.min.min.js","fqdn":"cudisrewardpad.xyz","domain":"cudisrewardpad.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cudisrewardpad.xyz/","date":"2026-01-24T13:45:46.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cudisrewardpad.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 18:27:09 GMT","end":"Mon, 02 Mar 2026 19:25:56 GMT"},"fingerprint":{"sha1":"40:46:3F:A5:96:56:05:7F:C2:BF:B4:39:A0:1C:DC:89:B1:67:D1:5B","sha256":"9A:62:1F:95:25:BE:51:9D:24:39:C0:B7:30:B7:3B:2C:69:F7:94:BC:10:B3:C3:49:2F:92:EB:B3:24:6D:F9:6B"}}},"request":{"raw":"GET /vuetify.min.min.js HTTP/1.1\r\nHost: cudisrewardpad.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cudisrewardpad.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 24 Jan 2026 13:45:46 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Tue, 02 Dec 2025 18:41:56 GMT\r\netag: W/\"692f32f4-5991e\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7zywOalgn%2BcnDQbQ%2Fma%2BJ0tMb%2FTYxRE1rVj7Y0oKpd9WpSMoZ%2FHIx5UJ9%2BIuXAMMJjCL8u7i64jCmxEhOFSnCubW5SiODi5GJ8Fqk4ZoD7I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c2ff9219f3c5687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":366878,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65534)","md5":"b44f12bd6f51e3a9922b8005436ca16a","sha1":"9bd0db797aefcc3ad90e790f84c8ec0c881dcf34","sha256":"d5fcc5d754efa15d0eec18d9e9badd6abc52a41955145fea0e19c9662a1f37ca","sha512":"9b19076eeb70e7ce48001b67e46ddf60705aa77fc86994130ee57e892f909f38ba59a9d7c62469c616a5c0d29b3e5b8bfe6602eb60462f57eef9c7dc5d52ca8c","ssdeep":"6144:qlDwFGagvVPKrxRWUUwn9vVy2WjMLxOFV:qWUagvJKrxMUzdy25LsFV","tlshash":"4f744045f2da1b09ca2ca79afe515b48f940c800b69d199bf38c9d4fe45ce7394d23b2","first_seen":"2026-01-24T13:46:18.459817Z","last_seen":"2026-01-24T13:46:19.953054Z","times_seen":2,"resource_available":true,"data":null}},"time_used":396,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":107,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"cudisrewardpad.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"cudisrewardpad.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cudisrewardpad.xyz/secureproxy?e=ping_proxy","fqdn":"cudisrewardpad.xyz","domain":"cudisrewardpad.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cudisrewardpad.xyz/","date":"2026-01-24T13:45:47.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cudisrewardpad.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 18:27:09 GMT","end":"Mon, 02 Mar 2026 19:25:56 GMT"},"fingerprint":{"sha1":"40:46:3F:A5:96:56:05:7F:C2:BF:B4:39:A0:1C:DC:89:B1:67:D1:5B","sha256":"9A:62:1F:95:25:BE:51:9D:24:39:C0:B7:30:B7:3B:2C:69:F7:94:BC:10:B3:C3:49:2F:92:EB:B3:24:6D:F9:6B"}}},"request":{"raw":"GET /secureproxy?e=ping_proxy HTTP/1.1\r\nHost: cudisrewardpad.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cudisrewardpad.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 24 Jan 2026 13:45:47 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nlast-modified: Sat, 24 Jan 2026 13:45:47 GMT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nLhb%2FNpGJJjnca4KgwzM5RHNKauZrxwUaHkgM0mg5Y8xr4qc6L%2BcC4NbdxwZlIMgrwJRTUMBpCdZvOnCIILZFMyzCr0XmtBRMojEZO5tzEg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9c2ff927ce785687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"6fdb087aa3fbfbcb8287a593a0919e61","sha1":"0e514a0662bcb69dc863953d1ce26e3d40e81a87","sha256":"9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2","sha512":"be5457d14c930b51b47ab152850c1ceaafe6ef88c8671b48164abbc83410b0c07a1e178540f6cdeac5f2672cadb1d1cbbb3434b3e39bc2c50c4646a2bae57437","ssdeep":"","tlshash":"fe300000300000000000000c0000000000000000000000000000000000300000000000","first_seen":"2023-04-12T09:14:15Z","last_seen":"2026-06-08T13:09:33.777887Z","times_seen":8784,"resource_available":true,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":293,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"cudisrewardpad.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"cudisrewardpad.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cudisrewardpad.xyz/secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Fprettier.mobile.js%3Ft%3D29487705%26u%3DSceKeU2P3yEHcMTLGDY5MjU2NDQwMjhjZmYzYzM0MDI3YWNmMSI9iO7QHi1jDwNncg","fqdn":"cudisrewardpad.xyz","domain":"cudisrewardpad.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cudisrewardpad.xyz/","date":"2026-01-24T13:45:47.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cudisrewardpad.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 18:27:09 GMT","end":"Mon, 02 Mar 2026 19:25:56 GMT"},"fingerprint":{"sha1":"40:46:3F:A5:96:56:05:7F:C2:BF:B4:39:A0:1C:DC:89:B1:67:D1:5B","sha256":"9A:62:1F:95:25:BE:51:9D:24:39:C0:B7:30:B7:3B:2C:69:F7:94:BC:10:B3:C3:49:2F:92:EB:B3:24:6D:F9:6B"}}},"request":{"raw":"GET /secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Fprettier.mobile.js%3Ft%3D29487705%26u%3DSceKeU2P3yEHcMTLGDY5MjU2NDQwMjhjZmYzYzM0MDI3YWNmMSI9iO7QHi1jDwNncg HTTP/1.1\r\nHost: cudisrewardpad.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cudisrewardpad.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 24 Jan 2026 13:45:48 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nserver: cloudflare\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\nvary: Accept-Encoding\r\ncache-control: max-age=2592000, must-revalidate\r\netag: W/\"a0502-14+i6Bt7XM8ofHk8WpmFyqoPYWI\"\r\nexpires: 0\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=prettier.mobile.js\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 01/24/2026 13:45:48\r\ncdn-edgestorageid: 879\r\ncdn-requestid: 10e5f25c0830bc358ae1397e339f6392\r\ncdn-cache: MISS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s8ASc3GdwmhFa0Jr5pfzQqRJgvHFRuGDVVdWcLJ0uEhRZP2DZW%2BEhLCsiJdF8qgZ8b9RcNXxYR4q%2BycHg7d2o4LUN5zRpetMYoHiTE7TnaI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c2ff929f8c15687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":656642,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"96c2ff1601099c21c598c24e6f43c7c4","sha1":"d78fa2e81b7b5ccf287c793c5a9985caaa0f6162","sha256":"7fd19c564761e2c8c9b583cf30db810e313417c7d3572f637f8cedf4d2cc1e91","sha512":"d7df68372670f0173ac5dc3c54ee38f13b29703dde9f71ec74827b535735e99b2b253e07960d66d8c3230f13cf29f20aa0f083db014cee0710379ffab68932be","ssdeep":"6144:0ujB8gltIeTM5/S8g6zRh5gDVLU2GIt/KJAsJRrydM147u/lhDlEqH96lm:vhltVM/g61sNUWsSdG7R","tlshash":"1ed438c2821814f684eb0ab6d133a21fdb4cce9dc69f2d20bfe55c9553c87a292f655c","first_seen":"2026-01-02T13:08:19.247086Z","last_seen":"2026-06-08T13:18:27.600009Z","times_seen":2556,"resource_available":true,"data":null}},"time_used":545,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":378,"receive":167,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"cudisrewardpad.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"cudisrewardpad.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cudisrewardpad.xyz//secureproxy?s=%2Fjmpd%2F","fqdn":"cudisrewardpad.xyz","domain":"cudisrewardpad.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cudisrewardpad.xyz/","date":"2026-01-24T13:45:48.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cudisrewardpad.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 18:27:09 GMT","end":"Mon, 02 Mar 2026 19:25:56 GMT"},"fingerprint":{"sha1":"40:46:3F:A5:96:56:05:7F:C2:BF:B4:39:A0:1C:DC:89:B1:67:D1:5B","sha256":"9A:62:1F:95:25:BE:51:9D:24:39:C0:B7:30:B7:3B:2C:69:F7:94:BC:10:B3:C3:49:2F:92:EB:B3:24:6D:F9:6B"}}},"request":{"raw":"POST //secureproxy?s=%2Fjmpd%2F HTTP/1.1\r\nHost: cudisrewardpad.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cudisrewardpad.xyz/\r\ncontent-type: application/json\r\nContent-Length: 2201\r\nOrigin: https://cudisrewardpad.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2201,"data":"{\"route\":\"8XUwkBv9vhPYfVpD1fxb7EC65sUXJdqr\",\"payload\":\"ikyA3cGdys7zPfcBJxQqEdhZBJe2V8FzaCCS6f96WJNaWWieqFeoRDCdzUhY1VG5b6UmUqeVAiifKWCAbNWpdwbfRG8jpKdCfdDtgBDmb7K4yJoegky8Jy9qzKNXiyKPLW7r2ayoo7QkuszyQ7dUc4ZJtSY5eLvkJabbBfAs7TZ2xnVnFxgto6JJz4srXcKyx8fkfdyCVbD2AipkLmymQqvyKtrYps8FqviVffvyu7YFcHxJYpbGbUKFEieDb2xk1uSz5c5RsRNaRUShAtsZEQwdVfvPw6K23uompgEwcsWgNZmfx2kVazpdgiEes74J4Co9oThZ21KzPuFWJXbKVrLWhDEBeB1rw1tRtjQL4gbMBK1HbkihkJgpGF93C3ehZFKYS7iUMF2ZMBr1HUBwix8ThAyeBb9D6k6Fqeu3HzkKA38veNxVyCWyVT7dp3diEZyhvcNhb6qmerirbT6YkrnE7iJBFePApKBonF1VbFE5cQy4BUXaU1yypt52bKPeqko6k3xvJfkWkbmnqA1YwBNiPqvqsiS14CoqgEgnQjoSC11iRASCGrE6YFLFoStLPvW6veGCixR7fja72s8xKGq4NoPUmnmLPsF835rUDrT1vmFuecpnC3rGF1h5yq7zVwuyYP6BwCY9yHTFH8qTWR4dp8chqkW6r7y8uaqqkuquz4zjzzDAD1Tq9k8RUnZmE9F9fZvM1pMYHiv7zVFfvn18fjzEmPJaZ4gwohu34KwykhFqoLCxiPRN5qkyj29TdhDP4rzw1SwaEN2Wb9hTj9qNquYihHtpawNMbfhJA1Xgtr6LGYNUcByST6Ps2tFAiA3LjQn1WJiD5A4bSZpSafwNZiPjUZy8oNEpc3kkF51dTHbjfFVPSrJKy4H21WFzFymUFPVvipHa4HSxaxJjGfo2AbPeBQXpDNTtTaT2UHvCUaXWw5JaKSJkyT2RvmYqeTxAxDkjiUkDQyqBPXGCGLNPct3DYdzzZwk1KVwCNp653L6ndoXy7ofLBWUkEeexJW9odUcFwkj8PKe9QgxiCnh5bxJKcrSwk5i8xCHADVw8WF6VwJFAZp9qn8FpeWwaU3QKLJ887ptXjPSxTf6qaLRwPzc2TYW8nWDDhA6tvRwvfGA3meUA6Jxb6QyfuYBNjLKf8FbRf841bzeRSRbkYj8niwJQ3hBD42ys259Z4o1mt4PxeQybYwnoCBcFE5fCJaKVgZryebCVCBWnvUsKn7G2KnPrnT66XLT1pJsehCxrM7PEHT4xp3sx7eZaGfpS6CoXLYdinh3yZ1uyyVMAXMCwnSqkfWjzsGPyTxxSWmzYJ1B2ritAGN9xr3E8CGQ8MKnCYMyTd6icwvHvGz4ZEb2j7vu8ABA64oikbSnjcQNZBJfq1rw4kM65HB38U27iKza4Nn6zzFAAirRTWKEWjXmDDka8vtnUM5GuLH4zgZrn9YF3cMU6QXkHsZqxhvNCe6Rxfg2Fq4Un38yRDkqu35ywZFiz46iXCcTswEiLXuL9Nb8BTGckVjHZhQhbrPNRhvDut9ksBJMwPV8nq2QsmACQKS1F7qtgmwrJDa99C47zffpsD7R7Qm26owjWmkVVVcY5LRbzBmhTjFPMSnE8jEhMeRgoN4z8H7bGEhVkxuaBRX5RVSL6pPpQkYpSVkMR8NyHnECpkSSTALZNv7cAd3nkw7oPCuumj6ZSPB1YXwFNpqc7CeXHLLwahxgxZRTGRbZghkEjfoBhUziGeKRBWb6sYda5QYytvaDUWHAukXY2xr8f1hiMcpbUu8Uw8HjS4j2Fh2MJtci56us1iaFhuvt66ta4jVzX1ZXDEvQNQeCtUd2J7NDmJcf6gZpT3WPzMMDmQaoXMhmkNM2gfuKBsPt57ZdTasjrM8jqFAiV1KyzcLxHY4euyax5HNVh7a9qBcTA6DqzzdBy9b6pZkqCf7TbhQNUYZ83sQZTPDABQiAwChipxp3457kkrz4YWcsPosaJdVN6HHAYUGuv7bHcoka69yan7NgWrshnn4AwKD8pwBYGRWX4QxEddgviBuPSqRW6ZwoRED9TupEBEGvs9RDXgPEdumFepLweNxny6xtaSyFm8NLZbsSu4g9uwRQKspe5WL9hu6TrcYUJGcb7zgf5dXLP6zpE\"}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 24 Jan 2026 13:45:49 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"db-PO4ATzmWTJYVGuwkzrC+40PoNVg\"\r\nx-ratelimit-limit: 10000\r\nx-ratelimit-remaining: 9963\r\nx-ratelimit-reset: 1769262409158\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 01/24/2026 13:45:49\r\ncdn-edgestorageid: 883\r\ncdn-requestid: e93846be56b6f22a3221f41d9954aa1a\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N%2BAeHkHFW5OQPYu9SZLRSvjy5c5s3eDUQu9oL2JVDgp%2FCGIJQYVIdvY%2FastGEi6ltxqOIXrTnhWQa%2FW6DsNq7x4z1xBWTnUn4mmZoRcOIa4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c2ff9308f365687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":219,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"3f03f200ecc3a591c0d7a1829f0c7d0c","sha1":"3cee004f39964c96151aec24ceb0bee343e83558","sha256":"0e34c028cb29a28ab06a406b063eaea42563035a6d2a90d64c0375c14ab0fe15","sha512":"d2ec4a6eb04a52713b92885b9aa3c8ae730465572212ba5118d87ceed985d973c31ca4debaa5e55951336ae558da10cdc9c142650671457f03bd25d75b36f089","ssdeep":"","tlshash":"52d0238f33607e0048cd06c367c0cca4160d41322d834c4f320c96a32f06c0935fc85a","first_seen":"2026-01-24T13:46:18.46163Z","last_seen":"2026-01-24T13:46:18.46163Z","times_seen":1,"resource_available":false,"data":null}},"time_used":495,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":495,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"cudisrewardpad.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"cudisrewardpad.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}