{"report_id":"b68a718d-37c2-4b61-bc51-b4eb37507745","version":6,"status":"done","tags":[],"date":"2026-03-13T03:39:34Z","url":{"schema":"https","addr":"machis-rewards.xyz/","fqdn":"machis-rewards.xyz","domain":"machis-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.75.218","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"machis-rewards.xyz/","fqdn":"machis-rewards.xyz","domain":"machis-rewards.xyz","tld":"xyz"},"title":"$MACHI DISTRIBUTION","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"machis-rewards.xyz/","fqdn":"machis-rewards.xyz","domain":"machis-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.75.218","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-17T03:39:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"machis-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"machis-rewards.xyz","ip":{"addr":"172.67.182.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-08","domain_rank":0,"first_seen":"2026-03-13T03:39:35.365045Z","last_seen":"2026-03-13T03:39:35.365045Z","alert_count":9,"request_count":9,"received_data":840271,"sent_data":4242,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"machis-rewards.xyz/","fqdn":"machis-rewards.xyz","domain":"machis-rewards.xyz","tld":"xyz"},"ip":{"addr":"172.67.182.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9058e7bf7daa2a3e7bcb7e410c44bced","sha1":"c961c1574f5f68ee802af276b9a2a8a6a4beacf9","sha256":"57ab794b0fbf4f58a10f2e6628341f62d01944ff667215f4fe962a9049aac008","sha512":"60a18259800b7da0845994c4334bddc01a6600848ace6fb180cc53d45d13200dd5053160fa6f63fbf062c6d8364deba682f6a7b390826e28726e1635a1b3baa0","ssdeep":"","tlshash":"a3c02260c260cde0012809af11b4a28830a0b92e008291dae7bcc9ca1bcdec10a84900","size":194,"data":"","first_seen":"2026-03-13T03:39:38.698951Z","last_seen":"2026-03-26T01:06:27.643072Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"machis-rewards.xyz/secureproxy?s=%2Fipfs%2FTKGLyEMry0BR7C2FA57ivg291bd2211f14075a811140c6ee7f02fc%3Ft%3D1773373148938","fqdn":"machis-rewards.xyz","domain":"machis-rewards.xyz","tld":"xyz"},"ip":{"addr":"172.67.182.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"20e0c993c64d6de30cd638e0f372ff4f","sha1":"42db2f47287aad1f239a588f90e9b4322f194537","sha256":"40b6e8c64b51714acf2edeb30db25691cd8ed94c2171a66db9576c2bbaea49df","sha512":"4d894e675404adad9d8bae46c45b41022e19ef956133b74110ab65580e438ec10c55ff688876c024473dee243d0cb7906775479617ffb4312badecd4c4ca609a","ssdeep":"6144:qh5gDP6Euno4xvlISDhTl0WHvfUp+v+9J87XGQOwOyyGpMy:qsPZunzvlzSWP8p0Q+Bz","tlshash":"70d499c08b4c357364802aea15fb446fdfdc0de82e4be8536bd09ca5e379b8351e5998","size":634373,"data":"","first_seen":"2026-03-13T03:39:38.697141Z","last_seen":"2026-03-13T03:39:38.697141Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"machis-rewards.xyz/snowflakes.js","fqdn":"machis-rewards.xyz","domain":"machis-rewards.xyz","tld":"xyz"},"ip":{"addr":"172.67.182.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4a492afe47e2af6e5f5cc87512db9b62","sha1":"47e1342d2e705c3fd5c917ac47d6c4ca6677ede2","sha256":"d63054d0d07b0e61e0f1e5a3ea8670fbe0f2eae377913603a043f03d1cb3252c","sha512":"4c14d1e90c11f74d16c28834f2ce68ee4acaee657f5d4bb7e7dc13def8018a5e540913481f757adb6d45187a306db0e7a4fd1a26f7dfa01253aa9f19053c56f9","ssdeep":"","tlshash":"08510d4860a23828157f631d7ad2988ce5302027be014d7ebeae42635f71c4cdc98dfd","size":2457,"data":"","first_seen":"2025-08-31T03:13:37.754782Z","last_seen":"2026-05-01T15:06:22.864567Z","times_seen":342,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"machis-rewards.xyz/","fqdn":"machis-rewards.xyz","domain":"machis-rewards.xyz","tld":"xyz"},"ip":{"addr":"172.67.182.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"adb5accbf3eea1a9809fe2f31a17dc51","sha1":"b5dd2e8dd5de9825a940e9b3cac200a1a3b022ac","sha256":"74f41e9217fdfb6538bad20759a5185689b15ad82280de27abe2dfc2b3c034b0","sha512":"01774b850246e42054968343c0726b2f1d81c0542a03f7cf26952862207dc1517e01bd321ce411cbbb8342b1a41c6191076139e4d6ec8a058ae1753a4c36cbeb","ssdeep":"","tlshash":"dc71282ce9b41cb3104ab07908be5247b570955b0d2a3d35bd4c829c5f0ee6e61be7e9","size":3587,"data":"","first_seen":"2024-08-19T21:41:20.669609Z","last_seen":"2026-05-06T23:47:35.269243Z","times_seen":366,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"machis-rewards.xyz/particles.min.js","fqdn":"machis-rewards.xyz","domain":"machis-rewards.xyz","tld":"xyz"},"ip":{"addr":"172.67.182.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"00debcf6cf0789a19cee2278011afcd4","sha1":"8017f8b1869077db728573f1ca4684a00af69462","sha256":"faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6","sha512":"29e7f9b1cee07d369c47b4d929e95cad1b35e62a5fefeb7e9fb661ea628d25b996fbf4517425bd9f07cb9f8617d2cda73ba2afe58d8286a8086a4682e8f5b4f4","ssdeep":"384:NkfJtGvWjT6uYvqhCz8wSEHESxtVAFPQcYpeib+9rOEKXWd/:NC7T6uYvn8wRxwyryVOEKXW5","tlshash":"61a2934d23f73e77378ab2e09be9d122c774a4d1399b04b0f93c667da52549201ee7a0","size":23364,"data":"","first_seen":"2023-03-07T01:16:44Z","last_seen":"2026-06-08T19:07:39.702783Z","times_seen":5016,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"machis-rewards.xyz/","fqdn":"machis-rewards.xyz","domain":"machis-rewards.xyz","tld":"xyz"},"ip":{"addr":"172.67.182.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-13T03:39:08.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"machis-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Mar 2026 20:08:37 GMT","end":"Sat, 06 Jun 2026 20:08:36 GMT"},"fingerprint":{"sha1":"0E:12:7E:E7:1C:80:67:34:FC:DB:AD:55:13:CD:DD:6A:8E:CC:49:E4","sha256":"DB:E1:BC:FF:E2:9F:ED:5A:E8:57:34:F7:E8:30:C9:FB:DF:81:E9:FE:50:B5:96:A1:F2:7D:A3:4D:D8:F3:C0:2F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: machis-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 13 Mar 2026 03:39:08 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 12 Mar 2026 21:05:46 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6bkej%2BqgqqN4d6apjDd3SsWk%2B4DIOIiH7YbRzujJy1rq3X4%2Fs7v13r8KM8ERjjGwrg3vgieb5YSiUPJ%2BjyzJ5C5fUlCZ9S4rWbgAhxbFOO0JvA%3D%3D\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9db80280af8fb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":101608,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (61943)","md5":"eee938882b70bc52451eb787a4f09534","sha1":"e6ae02cd6f139adf7c8652051a056a26558f8c6b","sha256":"5b35c9c8fe27ac7ee694b47b8644037647b054994c793e46fcf76d11061c46f2","sha512":"9e84a579c433d564acfb9a90810af657ac5d651263b3d2ad66343e33a20e88ee59e174cf02dbc183b99d25cfa0ff7cecf24960e3e028bb047084fe7535275ad5","ssdeep":"1536:HdzjBRvb7zj9VcAyxvxE4ZzhMcR239kPJdM9Nt3ZrPLaZYH:93Pw/VMT39kBMt35PLf","tlshash":"a0a3806a4c5cab4e33321c2ecf13243e6e8265eeb60995df388f74ecc7664549665ce0","first_seen":"2026-03-13T03:39:38.694048Z","last_seen":"2026-03-18T15:44:30.696884Z","times_seen":3,"resource_available":false,"data":null}},"time_used":384,"timings":{"blocked":66,"dns":53,"connect":1,"send":0,"wait":249,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"machis-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"machis-rewards.xyz/snowflakes.js","fqdn":"machis-rewards.xyz","domain":"machis-rewards.xyz","tld":"xyz"},"ip":{"addr":"172.67.182.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://machis-rewards.xyz/","date":"2026-03-13T03:39:08.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"machis-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Mar 2026 20:08:37 GMT","end":"Sat, 06 Jun 2026 20:08:36 GMT"},"fingerprint":{"sha1":"0E:12:7E:E7:1C:80:67:34:FC:DB:AD:55:13:CD:DD:6A:8E:CC:49:E4","sha256":"DB:E1:BC:FF:E2:9F:ED:5A:E8:57:34:F7:E8:30:C9:FB:DF:81:E9:FE:50:B5:96:A1:F2:7D:A3:4D:D8:F3:C0:2F"}}},"request":{"raw":"GET /snowflakes.js HTTP/1.1\r\nHost: machis-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://machis-rewards.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 13 Mar 2026 03:39:08 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Thu, 12 Mar 2026 21:05:46 GMT\r\netag: W/\"69b32aaa-999\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2dV6F%2B2udhktL8ysBsk7nSJmoqIzod73lfhEfed9ruBIdWS6qlQMbepjT4qWQ74OtfO4OoiDugPqB45R1exJSbbf%2FkbIG9V53GIGotnX0bRMPg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9db802836c12a41f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2457,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"4a492afe47e2af6e5f5cc87512db9b62","sha1":"47e1342d2e705c3fd5c917ac47d6c4ca6677ede2","sha256":"d63054d0d07b0e61e0f1e5a3ea8670fbe0f2eae377913603a043f03d1cb3252c","sha512":"4c14d1e90c11f74d16c28834f2ce68ee4acaee657f5d4bb7e7dc13def8018a5e540913481f757adb6d45187a306db0e7a4fd1a26f7dfa01253aa9f19053c56f9","ssdeep":"","tlshash":"08510d4860a23828157f631d7ad2988ce5302027be014d7ebeae42635f71c4cdc98dfd","first_seen":"2025-08-31T03:13:37.754782Z","last_seen":"2026-05-01T15:06:22.864567Z","times_seen":342,"resource_available":true,"data":null}},"time_used":223,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":223,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"machis-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"machis-rewards.xyz/css2.css","fqdn":"machis-rewards.xyz","domain":"machis-rewards.xyz","tld":"xyz"},"ip":{"addr":"172.67.182.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://machis-rewards.xyz/","date":"2026-03-13T03:39:08.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"machis-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Mar 2026 20:08:37 GMT","end":"Sat, 06 Jun 2026 20:08:36 GMT"},"fingerprint":{"sha1":"0E:12:7E:E7:1C:80:67:34:FC:DB:AD:55:13:CD:DD:6A:8E:CC:49:E4","sha256":"DB:E1:BC:FF:E2:9F:ED:5A:E8:57:34:F7:E8:30:C9:FB:DF:81:E9:FE:50:B5:96:A1:F2:7D:A3:4D:D8:F3:C0:2F"}}},"request":{"raw":"GET /css2.css HTTP/1.1\r\nHost: machis-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://machis-rewards.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 13 Mar 2026 03:39:08 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Thu, 12 Mar 2026 21:05:46 GMT\r\netag: W/\"69b32aaa-756\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZEJOSSNPkmVmonpazNJUTlVYpoy4curNrs9l2jrwBpn37UazX4ceNvBvP7GWSNnHttYHi7YGNMPwWep%2F8MmBz6helHuaezxd985fak3tqKWFLA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9db802836c13a41f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1878,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"9062a655afcc97c2d427b10f735a8aea","sha1":"b22103ec1665985589e0be5b9f5e9686461dc12f","sha256":"66489ff17cd8cbe69f7dc79d660975d2910614eda742803f69181a0ecf3bc4bd","sha512":"ab721d03c97484fcb5cef9844c74968d7bb643c1ebee2eea3a2e8129f9366306f24d0b42e6889213aa56bd28047ad42645cbc4457fc3dc681dd8e7df4d4265eb","ssdeep":"","tlshash":"89419b414c3a5104a3d32ce263ce7d31cd4ef244b045ca34bffe1859ac4ad6563a4b5c","first_seen":"2025-08-07T19:45:13.885497Z","last_seen":"2026-05-01T15:06:22.858559Z","times_seen":359,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"machis-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"machis-rewards.xyz/logo.jpg","fqdn":"machis-rewards.xyz","domain":"machis-rewards.xyz","tld":"xyz"},"ip":{"addr":"172.67.182.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://machis-rewards.xyz/","date":"2026-03-13T03:39:08.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"machis-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Mar 2026 20:08:37 GMT","end":"Sat, 06 Jun 2026 20:08:36 GMT"},"fingerprint":{"sha1":"0E:12:7E:E7:1C:80:67:34:FC:DB:AD:55:13:CD:DD:6A:8E:CC:49:E4","sha256":"DB:E1:BC:FF:E2:9F:ED:5A:E8:57:34:F7:E8:30:C9:FB:DF:81:E9:FE:50:B5:96:A1:F2:7D:A3:4D:D8:F3:C0:2F"}}},"request":{"raw":"GET /logo.jpg HTTP/1.1\r\nHost: machis-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://machis-rewards.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 13 Mar 2026 03:39:08 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 33637\r\ncast-mode: default\r\nlast-modified: Thu, 12 Mar 2026 21:05:46 GMT\r\netag: \"69b32aaa-8365\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UEHRbXLB0ZirSa5f9UoX%2BaIQnqTHxlBiVfhoXCT%2BN4f9N0LAe8gM2QJaRRdvb8ED2%2BPL%2FJ0sVnwsZVe3NNvi4tTbR3%2FQXy3gE6s72HAr2%2BXMiw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9db802836c14a41f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":33637,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.3], baseline, precision 8, 400x400, components 3","md5":"c62faab687a82e6065adfed0b6bcc55f","sha1":"df2731098587d0664f03b1662a4e1dfb813c6b4e","sha256":"a57a7116c1672b1623dc1c330b1ea8e635a3375245c12026b89282910e6a231e","sha512":"148ed9c9080730cfdfde0a67c507eb65e262eb66a316396565da25906864b75a462eb89bdf6d526df523cabaef0a92c0b6ed888a02f537cfd2aa9ed2dcc2a6c4","ssdeep":"768:fxyIDhZnM72Ms4OGLJwJTrbSm+TggAjAR6fE2DIg:fU4Zn4djO6+JTrbS7rAafXg","tlshash":"98e28ddf4bce0167cd998736fc560889cfee4e48cde9678a2132213f698850da52dc6c","first_seen":"2026-03-13T03:23:40.315129Z","last_seen":"2026-03-18T15:44:30.698572Z","times_seen":5,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"machis-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"machis-rewards.xyz/secureproxy?s=%2Fipfs%2FTKGLyEMry0BR7C2FA57ivg291bd2211f14075a811140c6ee7f02fc%3Ft%3D1773373148938","fqdn":"machis-rewards.xyz","domain":"machis-rewards.xyz","tld":"xyz"},"ip":{"addr":"172.67.182.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://machis-rewards.xyz/","date":"2026-03-13T03:39:08.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"machis-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Mar 2026 20:08:37 GMT","end":"Sat, 06 Jun 2026 20:08:36 GMT"},"fingerprint":{"sha1":"0E:12:7E:E7:1C:80:67:34:FC:DB:AD:55:13:CD:DD:6A:8E:CC:49:E4","sha256":"DB:E1:BC:FF:E2:9F:ED:5A:E8:57:34:F7:E8:30:C9:FB:DF:81:E9:FE:50:B5:96:A1:F2:7D:A3:4D:D8:F3:C0:2F"}}},"request":{"raw":"GET /secureproxy?s=%2Fipfs%2FTKGLyEMry0BR7C2FA57ivg291bd2211f14075a811140c6ee7f02fc%3Ft%3D1773373148938 HTTP/1.1\r\nHost: machis-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://machis-rewards.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 13 Mar 2026 03:39:09 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: max-age=2592000\r\netag: W/\"9ae05-QtsvRyh6rR8jmliPkOm0Mi8ZRTc\"\r\nexpires: 0\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=qJ_Nz5e2Y8afFw-wIkp0hg.js\r\ncdn-proxyver: 1.47\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 03/13/2026 03:39:09\r\ncdn-edgestorageid: 883\r\ncdn-requestid: 9782b3c181e745ef33bbd81c2e75c844\r\ncdn-cache: MISS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sBOjXeuYFdFuSAWpuUqUhqfxnETnF8VhEkyXpcnT9EAx%2Bmu9MRyJ0S9pLyMHdM1ZQ5A92M90ZCkeQgcSd%2FGcg79rcD3pFqQc7rIN%2F6Cu5ArfmA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9db80284ec1ba41f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":634373,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"20e0c993c64d6de30cd638e0f372ff4f","sha1":"42db2f47287aad1f239a588f90e9b4322f194537","sha256":"40b6e8c64b51714acf2edeb30db25691cd8ed94c2171a66db9576c2bbaea49df","sha512":"4d894e675404adad9d8bae46c45b41022e19ef956133b74110ab65580e438ec10c55ff688876c024473dee243d0cb7906775479617ffb4312badecd4c4ca609a","ssdeep":"6144:qh5gDP6Euno4xvlISDhTl0WHvfUp+v+9J87XGQOwOyyGpMy:qsPZunzvlzSWP8p0Q+Bz","tlshash":"70d499c08b4c357364802aea15fb446fdfdc0de82e4be8536bd09ca5e379b8351e5998","first_seen":"2026-03-13T03:39:38.697141Z","last_seen":"2026-03-13T03:39:38.697141Z","times_seen":1,"resource_available":true,"data":null}},"time_used":998,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":902,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"machis-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"machis-rewards.xyz/119246100adcd76322fde730b9f8859e.txt","fqdn":"machis-rewards.xyz","domain":"machis-rewards.xyz","tld":"xyz"},"ip":{"addr":"172.67.182.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://machis-rewards.xyz/","date":"2026-03-13T03:39:09.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"machis-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Mar 2026 20:08:37 GMT","end":"Sat, 06 Jun 2026 20:08:36 GMT"},"fingerprint":{"sha1":"0E:12:7E:E7:1C:80:67:34:FC:DB:AD:55:13:CD:DD:6A:8E:CC:49:E4","sha256":"DB:E1:BC:FF:E2:9F:ED:5A:E8:57:34:F7:E8:30:C9:FB:DF:81:E9:FE:50:B5:96:A1:F2:7D:A3:4D:D8:F3:C0:2F"}}},"request":{"raw":"GET /119246100adcd76322fde730b9f8859e.txt HTTP/1.1\r\nHost: machis-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://machis-rewards.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 13 Mar 2026 03:39:09 GMT\r\ncontent-type: text/plain\r\ncontent-length: 0\r\ncast-mode: default\r\nlast-modified: Thu, 12 Mar 2026 21:05:46 GMT\r\netag: \"69b32aaa-0\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P8rO58O94SG56ZkOHKOKptx%2BsP%2F4PmSkwKEJDiqI9gajMrOSFpM4NLdM5eWRO2n4VZBNky9Z87KfwqFOvy6SZw2ZkKOsioobFo2ZBXhaYXOiqA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9db802867c29a41f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T21:16:18.866443Z","times_seen":16250262,"resource_available":true,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"machis-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"machis-rewards.xyz/logo.jpg","fqdn":"machis-rewards.xyz","domain":"machis-rewards.xyz","tld":"xyz"},"ip":{"addr":"172.67.182.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://machis-rewards.xyz/","date":"2026-03-13T03:39:09.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"machis-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Mar 2026 20:08:37 GMT","end":"Sat, 06 Jun 2026 20:08:36 GMT"},"fingerprint":{"sha1":"0E:12:7E:E7:1C:80:67:34:FC:DB:AD:55:13:CD:DD:6A:8E:CC:49:E4","sha256":"DB:E1:BC:FF:E2:9F:ED:5A:E8:57:34:F7:E8:30:C9:FB:DF:81:E9:FE:50:B5:96:A1:F2:7D:A3:4D:D8:F3:C0:2F"}}},"request":{"raw":"GET /logo.jpg HTTP/1.1\r\nHost: machis-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://machis-rewards.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 13 Mar 2026 03:39:09 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 33637\r\ncast-mode: default\r\nlast-modified: Thu, 12 Mar 2026 21:05:46 GMT\r\netag: \"69b32aaa-8365\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JKGgoN7NWjcxAT%2BjZ0Rv9dObGZebd7LDe3aH0gZ8J4fLBl%2B1qoOblYf4GFHlkfhDmcJ5Lvzie3pmpmcjLtTEFfhf0YSNolO%2FB%2Bx%2B418JyvHVBA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9db802871c2ba41f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":33637,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.3], baseline, precision 8, 400x400, components 3","md5":"c62faab687a82e6065adfed0b6bcc55f","sha1":"df2731098587d0664f03b1662a4e1dfb813c6b4e","sha256":"a57a7116c1672b1623dc1c330b1ea8e635a3375245c12026b89282910e6a231e","sha512":"148ed9c9080730cfdfde0a67c507eb65e262eb66a316396565da25906864b75a462eb89bdf6d526df523cabaef0a92c0b6ed888a02f537cfd2aa9ed2dcc2a6c4","ssdeep":"768:fxyIDhZnM72Ms4OGLJwJTrbSm+TggAjAR6fE2DIg:fU4Zn4djO6+JTrbS7rAafXg","tlshash":"98e28ddf4bce0167cd998736fc560889cfee4e48cde9678a2132213f698850da52dc6c","first_seen":"2026-03-13T03:23:40.315129Z","last_seen":"2026-03-18T15:44:30.698572Z","times_seen":5,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"machis-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"machis-rewards.xyz/secureproxy?s=%2Fjmpd%2F","fqdn":"machis-rewards.xyz","domain":"machis-rewards.xyz","tld":"xyz"},"ip":{"addr":"172.67.182.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://machis-rewards.xyz/","date":"2026-03-13T03:39:12.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"machis-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Mar 2026 20:08:37 GMT","end":"Sat, 06 Jun 2026 20:08:36 GMT"},"fingerprint":{"sha1":"0E:12:7E:E7:1C:80:67:34:FC:DB:AD:55:13:CD:DD:6A:8E:CC:49:E4","sha256":"DB:E1:BC:FF:E2:9F:ED:5A:E8:57:34:F7:E8:30:C9:FB:DF:81:E9:FE:50:B5:96:A1:F2:7D:A3:4D:D8:F3:C0:2F"}}},"request":{"raw":"POST /secureproxy?s=%2Fjmpd%2F HTTP/1.1\r\nHost: machis-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://machis-rewards.xyz/\r\ncontent-type: application/json\r\nContent-Length: 1430\r\nOrigin: https://machis-rewards.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1430,"data":"{\"route\":\"n9POyFeFG1tUtiSU-z9JOx3n\",\"payload\":\"0hqM-6_N52QBxAImAy4AEgDgArICHAD4AhgAAQIAOAMAAO8nhn2XtsKCARJrH_XB-ZNU7-1s0GkCAABk25ZBv5sc9rk3ydt3-9rN-1KmjktTKTZzVeTwYrIXc714zzH_I_5qqICRoHib9e_oGLymtUhua1C5u5oZAwJpwz8Ncg_QVy8FPM8VC-G48fDLxv8TP9EPD2sRTGJMRUc7CF5wywPB6jRIeQCOXvD2meqk2fUqLq2L7oK3-O-yXXTWpsCTbVtTfqoGgbRKTcCbUDYk1cu3MybdbajEZXZBajhbkUkKro3RHSJOnTd40pe3C98E1jekR-z1HEzB1_1Gch3bjDHlUSgh4tlc_aZwmNpwgb9uuTURI_hBdfRgTaXT7a_6LYYvfZizZGPJzWxWYxGk7pB8OlHHFoIOys_5fLzpHkIzK9PfdlMuJzPNSgMfDoeVPSThGOVtEVHBnR-1E_KxV6CHiY0dIdq_X-nEkY5DK_Rq34VTheRAGOTCV8F41dr4duSz65tBXk3DIfWAXkCG6OUjvvvAJ1AV4rVST4ZYP13VvGzpqKhCZGL7kwG3cutFfPFE8TmTtUpTnNjQSldTkWSOn89X6jdvnMRT2WBbQmfpIIIStthcVxTB4t_6KPmRzXHg5lnH8mv0iXvXHDSedHvJYT54LFtDAJTiUdPvkdS7I6zRSfY0skrKO7x6xJr586z0E1frGsYLtyNYmDkI13Dx8ZxMXPdiI702Xovm4mFiyFVc7uKeaFsG-pzL-rWXLSvinPb2ImLTaeeRx0fdVjNGTWDV0fMOdXKOG-CKnvafh0UFvtFa15rAqo-SpFS-cS8o-zJJhxCOh6ox5yMCI2vi9uFFjuLMjRZFyV4loqLYwN_RBXpytyF24QZZOiZX20GuXcR1UkMr9vFG0orZ-blMN0uEGwZS1pmrR-ImuHcibJc2rCh0eR7jgRAerm9D2PVTw6Ld228InTm7YJ933SR7y37R7xm3-i5Ln0b-mJh-AdeOOJE_f6qrPi65If7DbeIhvw4KX14qMh-azWJQRwz3zI3xnnwKMjHjOO06-nXcx7b2-JMuoEMLs8bvT6gjp-JzmAwS7_ol2SX0JEp0nGE0G71Rs4GbMM9hupCKxOeIH5Mdns1DRxqynsVeqD53Y8qyH6Vc0AyAJLBXknW4FLJCugB7qlBzsgEXpctjmKUNlF-wENtdku_7EA\",\"challenge\":\"eyJpZCI6IlROTWEwZnRraXg3Nlhha05pVHFmM0EiLCJub25jZSI6MTQ2LCJoYXNoIjoiMDA2YTExMTU0Y2UwMDVkZjY3MmQ5MjgxYTM5Y2NiNzUxMDViZmFjNDhhZDkwYzIwNzE0OTFiOGUzZGQwZjgzZSJ9\"}"}},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Fri, 13 Mar 2026 03:39:13 GMT\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"a-bAsFyilMr4Ra1hIU5PyoyFRunpI\"\r\nx-ratelimit-limit: 10000\r\nx-ratelimit-remaining: 9999\r\nx-ratelimit-reset: 1773373212737\r\ncdn-proxyver: 1.47\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 204\r\ncdn-cachedat: 03/13/2026 03:39:13\r\ncdn-edgestorageid: 879\r\ncdn-requestid: 12e4a315bab1bbbfae282bbb6f13b697\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Jk0y8dHxbHOOgOtV5h2x61xhA9yNo1a99F93ZHxZtzJtm63LhLjxV%2FeUesLx24BBCNm%2B%2B%2FB4WDW1TfW8J0jrOTOAUnMvVraOnVNM%2B9RGxt7hWQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9db8029bdc7ba41f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T21:16:18.866443Z","times_seen":16250262,"resource_available":true,"data":null}},"time_used":781,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":777,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"machis-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"machis-rewards.xyz/particles.min.js","fqdn":"machis-rewards.xyz","domain":"machis-rewards.xyz","tld":"xyz"},"ip":{"addr":"172.67.182.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://machis-rewards.xyz/","date":"2026-03-13T03:39:08.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"machis-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Mar 2026 20:08:37 GMT","end":"Sat, 06 Jun 2026 20:08:36 GMT"},"fingerprint":{"sha1":"0E:12:7E:E7:1C:80:67:34:FC:DB:AD:55:13:CD:DD:6A:8E:CC:49:E4","sha256":"DB:E1:BC:FF:E2:9F:ED:5A:E8:57:34:F7:E8:30:C9:FB:DF:81:E9:FE:50:B5:96:A1:F2:7D:A3:4D:D8:F3:C0:2F"}}},"request":{"raw":"GET /particles.min.js HTTP/1.1\r\nHost: machis-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://machis-rewards.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 13 Mar 2026 03:39:08 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Thu, 12 Mar 2026 21:05:46 GMT\r\netag: W/\"69b32aaa-5b44\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k25heUHIgkJE7l8q4sXHruXQfHVSt2DKzK2eji%2FhcoiHU4FzzAvieThgHhgqissof81nxdoFXrNJO%2FCmATECEZp340%2FX%2BhcMGaNDpEeh6QOW8g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9db802836c15a41f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23364,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (23002)","md5":"00debcf6cf0789a19cee2278011afcd4","sha1":"8017f8b1869077db728573f1ca4684a00af69462","sha256":"faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6","sha512":"29e7f9b1cee07d369c47b4d929e95cad1b35e62a5fefeb7e9fb661ea628d25b996fbf4517425bd9f07cb9f8617d2cda73ba2afe58d8286a8086a4682e8f5b4f4","ssdeep":"384:NkfJtGvWjT6uYvqhCz8wSEHESxtVAFPQcYpeib+9rOEKXWd/:NC7T6uYvn8wRxwyryVOEKXW5","tlshash":"61a2934d23f73e77378ab2e09be9d122c774a4d1399b04b0f93c667da52549201ee7a0","first_seen":"2023-03-07T01:16:44Z","last_seen":"2026-06-08T19:07:39.702783Z","times_seen":5016,"resource_available":true,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"machis-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}