{"report_id":"eb33f503-691d-480b-9e5d-70f0768a0bf6","version":6,"status":"done","tags":[],"date":"2026-05-05T03:16:54Z","url":{"schema":"http","addr":"rhewgi.com","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.174.177.171","port":0,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"rhewgi.com/","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"title":"defi mining","dom":{"size":19954,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1135)","md5":"c48cddd9f69b3e6f133b1efa26d4b332","sha1":"1bd4587fff30c3faee7a1b5738efe918ec1c7dfc","sha256":"8ec9dd59b748454f97da34601492911cf294cc5de88bb8d51a56993bd1d963c9","sha512":"c799deda4656a1cb89e0f6c74ef6d72831b61c900067311b441a3517302360b99211e8a281900429268731c5702304221af1435809ed504d668373ddb02bef7c","ssdeep":"192:DvkTC+2uJAj0/yt981oIeUZo6PAlvO/UCz4fdPYXq/H6FeDKiCy8:DvMb/yt9816EvIFUja/y","tlshash":"3192fc2058fa067b00c3a4e06e75bf1aae829707d61b9a18b6fc1bc55fd3c4bcd1b519","dom_hash":"domhash21f414f16a3ed028c41e4d450813200c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"rhewgi.com","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.174.177.171","port":0,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-09T03:16:54Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"rhewgi.com","ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":40,"received_data":2530545,"sent_data":17273,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Popper","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]}]},{"fqdn":"www.trx-tron.net","ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2022-03-12","domain_rank":0,"first_seen":"2023-11-03T15:55:14Z","last_seen":"2026-04-30T06:15:59.28015Z","alert_count":24,"request_count":12,"received_data":2713475,"sent_data":5263,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-03T22:20:33.622142Z","alert_count":0,"request_count":2,"received_data":28300,"sent_data":958,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-05-03T22:17:40.953609Z","alert_count":0,"request_count":3,"received_data":83001,"sent_data":1614,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"rhewgi.com/js/popper.min.js","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"c2c2a94804b4373523f15597b539223f","sha1":"ccdc47e9be1cbc1a9dcb5df472051258b5ce7b54","sha256":"06ec3d753f7838a82e2a0988b8fe19c0e3a1c4adf4c1ad45d31c2cec969a16d1","sha512":"b952c53d094935bbbe054c53c459f517404253b43c2a169a4bbd9079b8b6d9c6d774d66805c7db4bfecf7437858a9368174e5335a0a8b55eb4ba5784c666e3b1","ssdeep":"768:E6R451bC9jPQ6VCK8p/bLcRpduS74Z5YRIpBpMqEHRITOlsJob0zkVXxY:105bL6vcT1Z","tlshash":"0503729e39e23070d607f07a892fec097236441b1a8ebc08794c52985f65d7c56fbee9","size":38163,"data":"","first_seen":"2025-10-07T18:38:40.50661Z","last_seen":"2026-05-05T03:18:00.16278Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"bd3899d91f0736caf008a5900e1410f4","sha1":"e24c2f1181a1111e77d5fb1081c4678b6baf9eb7","sha256":"e384e909d559359681ae0d8c27bcc6cb9445c4b98369c26bbb2106a43db3475d","sha512":"ed27e992517096f51d5da416bd34e6ce3c8cde620e60df04c2df18a4773141c5e47b91bfb6764f834db7670c42efc35b747e026be1e8beea990f226ffeffc976","ssdeep":"","tlshash":"b271a51fe1a7125404b730be6b0fb91059300257571aee047e5d97802f98b1ecba2fd7","size":3632,"data":"","first_seen":"2025-10-07T18:38:40.52232Z","last_seen":"2026-05-05T03:18:00.190443Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/wallet/init.js","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"06c6f934865db43eab2a205e834a1ae4","sha1":"e0dc693edeaf4334ec637141ae08b3dacb2ffb34","sha256":"c08874077e20b223649bc4c1f599c2f408f8b4e5729b4aa8b0b1f3520a24d4d5","sha512":"3b31951363e0d07bb37324a24cea9c945250a96bd56fa86ab19e720e0c8192779d1e1d53fed240444880f559ed0f3e4a3afa810612b895f49f764694c8b9dc37","ssdeep":"","tlshash":"7301d66baf19863522745884b872e77d1eb9f634e852d16c40efa4205046a9eaacac01","size":797,"data":"","first_seen":"2025-10-07T18:38:40.478145Z","last_seen":"2026-05-05T03:18:00.187105Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/wallet/web3.min.js","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"5efb7648894d58f48d1a10b84d5b365c","sha1":"e0b333ed1e5ba94f1aa836eebceca837da49d1cd","sha256":"bb7cea8e68ab2f0e524059fb0455bb6a48f9f79ec18221302e97acc22234fd27","sha512":"15b7e1ac4485a4003421056466805c6fc12e7c23b00da676662a3bfcba407ecb4e709672fa3368be93069a30fa797dff56a5115b604e9577c56a705c80a4ce8d","ssdeep":"12288:lKO33+UPGTrTKeamsuH4EX73u1YamsVa09:lKOXG/TKeX4EX0YU/","tlshash":"b465fac47690b091c3a36aa1402f900be33efd686c4c4169b757ecf71cb9a995527f3a","size":1412367,"data":"","first_seen":"2023-05-07T19:16:40Z","last_seen":"2026-05-05T03:18:00.189633Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/js/mining.js?v=23008","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"bb16c1e9597bf3163f9becf7c05edd9c","sha1":"f1c85283f422a1c968bd8ec3c1c3a6bc87f1a518","sha256":"962098dc63aae4ebcb54876d0738b018afd3993a1875aee15f7832f79cc79ea0","sha512":"50cf22dcc9d0efbd90e1a1965482bf43b0e386cc2edd771db7f52ba1ea56277d2717afecd9b88bec812f30e84252049185a9bfcc477a532f881e7a5b992dea94","ssdeep":"192:Nvb913ZTbRyZLZ8HMNTXbInKjPb1r6NyMjO9t1LTckyfaGfSTrLZ8xxkzVWLx4xE:Dob0Nrey2RZRELxPQs","tlshash":"1a922f5ca5f301214473b4bc5f5ff018ae349427a119ce643e4e6bd0af88569cba2f9e","size":21255,"data":"","first_seen":"2025-10-07T18:38:40.51184Z","last_seen":"2026-05-05T03:18:00.163578Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/layui/layui.js","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"70ed0e8151d23de969de514bfd802a56","sha1":"569e6c1b0ac0b8efaa7dc0015b691334947a9665","sha256":"92c7997b3dce6ab2368b1bdb34ff4b67ac77957898a126c7eba452a8080bec95","sha512":"947eeb19fb055b07a191ec89625941abbdc8b2247b447dbec2e3958ebd3aabc34ac07a79c559e4752bd49bc44db77d500913aab4fae300077556e347d084b1a9","ssdeep":"3072:tVo+F//NOM0SF0Mz0pZN6TPKWjZIpYCrYtJ+8CZrcNBf4XcIiOb9:Xo+FdO3SF0Mz0Z6TfIpPS+8grcNBQcIZ","tlshash":"02543a9d758574b3237360a6406f990eb17b093daa0a8060f166d4fa2dbdc885237f7f","size":291286,"data":"","first_seen":"2023-03-07T12:09:26Z","last_seen":"2026-06-06T21:32:21.614687Z","times_seen":34585,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/wallet/wallet-api.js","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"7096821f02731910889eb9fac894c80d","sha1":"564f9965ef45130a8b6cbbcb6475ef62bd7c7068","sha256":"d902bd1a701a0d013c9232f51c7a925d3134ca96dc6d7d743c29112c3b24c45a","sha512":"2acdc79f33e012a284cb06c09baac8d30eb6001b2167dcf534752252a804afbcd5b43fbd389af65a74fa05ac43eac207886cd18fe18a59ab1ba225b41adf646d","ssdeep":"96:MGwN+3EGqBI7iQVGB77iQuaBj7iQg5YFBv7iQt+FBbF7iQ9qTBw7iQgxpFBk7iQ3:MGVEB2iQ8piQrJiQtFhiQ0FTiQGWiQIW","tlshash":"26919f582ba96603505275f9ac5bd02022b8f203be4c9a113e4e45e1bf6d90df6f2d9f","size":4603,"data":"","first_seen":"2025-03-04T22:38:36.33529Z","last_seen":"2026-05-05T03:18:00.187746Z","times_seen":33,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/js/main.js","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"d38ea453e46555c540efce7a6b99fdc8","sha1":"9db4b968558a05242ac1cd94852f483deaeae5be","sha256":"6be4508adecebda16cb4eb34bda0e4719af9bf77a2c43815cd53222f15c2f514","sha512":"3f734078d2a5e01f3fa93c6929f36bba2e8454fbf352305277517637f7aaee9b5340236e8db00b7140f93a4302ff8c703ec830bb5f1933fd58b9e5da9b997fcc","ssdeep":"192:MzQ3z0qRNvCuCFHXqCGeiaY/afSfIsGcmiQcqqCYQqf:l5","tlshash":"b7f1ea28bcf11892647bf13a5bff5101eb3a205bd60ede14794e1b840f102a869de7da","size":7834,"data":"","first_seen":"2023-03-14T18:50:12Z","last_seen":"2026-05-05T03:18:00.181962Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/wallet/TronWeb.js","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"a49a3b544d4fb0d3e5b8f8ac82bfe7ac","sha1":"af6cbcdd692215a3467420c5dfc79a4f4c051390","sha256":"b823f0201db9b8b825479987bd8d4b518cc22b2c44a9aff03e779d9fb2ae7b94","sha512":"663c13a9eb5e18719addec5fb7023f02d0b622b6093a6776030692c713468068e327ee4c308d9c543f292c3e01d1831bea03f5989791ac879a29a73a0591a5fb","ssdeep":"6144:baJJTR3ZD6QzBTg2qXJX4VIvV3xHwU6n4wJPUEv90lUgHNxe/u5CNvmsVBCl:0BBEvV4cZhLyPrel5x35amsVcl","tlshash":"0ff43a8872d6f0a2479320a4043b500af27abd6d684d5868f354e8f73cb9dd9927bf35","size":725729,"data":"","first_seen":"2023-03-07T15:46:08Z","last_seen":"2026-05-11T00:09:54.171506Z","times_seen":91,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/js/vendor.js","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"c1cd3ce414316a5bd432aa9263408faa","sha1":"7e3759d409725940162f4ec4cfdac3aaefdf4311","sha256":"05cfc43afcd81458993d97f6380b5096777b1ac6394c11ef3a60655d56283140","sha512":"f5a682eb98c68abc98dff9b55a7506db4ef542b6cecbe7ac7b6bb7aac2ae092bcf0d6927f4ae9b8c91a4febf23cf2139b38a15dcb5deea35c5b1fbfdaf710ecc","ssdeep":"6144:nOFpqG9a98Hr1WGmwpU9/KvjOVlFYQ1674J:VGNWJ92jOTFYs68J","tlshash":"fca4078d7240392246eba1a5107b160bb237599db509846cb47ccede6e7cd8831bbf7c","size":472181,"data":"","first_seen":"2023-03-14T18:50:12Z","last_seen":"2026-05-05T03:18:00.162017Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/jquery/jquery.min.js","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"220afd743d9e9643852e31a135a9f3ae","sha1":"88523924351bac0b5d560fe0c5781e2556e7693d","sha256":"0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a","sha512":"6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe","tlshash":"338319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","size":88145,"data":"","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-06-06T22:19:54.305072Z","times_seen":132798,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-06T22:10:52.885243Z","times_seen":687038,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/js/lang.js","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"de9ff49732f78f65f23cbcd827f238d7","sha1":"108060b057758d5a10971fcc3c3de2a553effb9e","sha256":"562813109189618147b7ec569a3300e530fd4d77aad92d1ae92b29595bd638f1","sha512":"a9eff68b0dbde3b616d531a5aca2baaab6e9b115b9f9e5bca45b51cc3c055dc07c6f17a1287eec326e05e05161988123a3ff154ffb7489bac411398419faa1fc","ssdeep":"3072:b9wHpJ6WGbBBZWBxazoMS0L2uWmQJO/fzK8rqilml9I:MpJXGb8OzoMQmN+8rqiI/I","tlshash":"d4c3a3f2199b85650056200bda4d3b0ff86f46bb7f15b2543aad06683fde40e817eb2d","size":125973,"data":"","first_seen":"2025-10-07T18:38:40.435441Z","last_seen":"2026-05-05T03:18:00.155638Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/common.js","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ee40834ec2d5295e16e7a0c225f5704","sha1":"0eed174e820debda946473cf93c9f455af6c9253","sha256":"7639ddc9ef5310e85db4db27a8b32c28dd75615b018ec9e96338af87f79fad83","sha512":"c45fd0b17042a59770fa544581cbc7dfe6f9f1cba0290a3efc36730108fe07068d7f4354f264e195ec51e755d1f2de9e55a0883b9bbf4c12a27ea26964c61582","ssdeep":"192:6cQbVdQttQ1aCQyiQIwdfayRKayNetXBfwIfAFH19+pA626qOqwTy4yiGiqkak0S:eOjot5wJBTkK8VouQT3pDcyp/117+F","tlshash":"e062754e28e351259163f0bd47af640871b5a147180dde10be8da2d0af9c53db6fafd8","size":14972,"data":"","first_seen":"2023-08-09T20:01:00Z","last_seen":"2026-05-05T03:18:00.15948Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-06T22:10:52.885243Z","times_seen":687038,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/wallet/wallet.js","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"28a3649855e9283341ff99f1ba80eb4f","sha1":"3d2c4d12a632a117cc07264ea553101d9380b222","sha256":"dc753482b21e8f9908646070a45ba8a1f567041456e672ace5f27ce42d2dcda5","sha512":"fbd6daa49cbe0fe5640647285bf7672d12fa088fac00024a42395170f2121704f667cdcb4de288a56a47210833c1b58579922bd7d02379fe51a6aef3c85502b0","ssdeep":"768:7FjDNAMzGJM6D4To3L+AKTo3L+AKTo3L+AKTo3L+AKTo3L+AKTo3L+AY0jK6gsr2:9FzG2qNNNNN/m6bgTr","tlshash":"09e32a8c1016aefe88ca6fb541cb1759e46071a3e1cc8c80789c8e79cbed55ac46e75f","size":146366,"data":"","first_seen":"2025-06-28T20:44:58.769074Z","last_seen":"2026-05-05T03:18:00.179844Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/js/add-to-homescreen.min.js","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3d3cbf9c48140e3fb42f50da2ab3872","sha1":"88f5b149bc78e23a451d681a67438d8563af22a5","sha256":"5dd9e3431e485ee54a4b204bd4d43cac0a5a4bfdab7ed6ec017922be0e8db37d","sha512":"c8529da8172a30b9c9181b51271d6b8ef76ba99e96e59fa72fde0ba3500c528dfede45d71dd5532e6938ebef8d7dd280da0c3afb68fdf8fa2c5db68d1b66ec09","ssdeep":"768:NxIVrVc8yBM+ZESguAqfE+zIieeNpKMeCym22qk5QmdE4vYArKMXvQF1q4E9drsF:NerVc8yBPC/yQMD1rK4Qt","tlshash":"9863c7c947d6223742122543db0fb6227364086b5368a4963dada47c0fd8e7c51fbefa","size":66963,"data":"","first_seen":"2025-10-07T18:38:40.448263Z","last_seen":"2026-05-05T03:18:00.184207Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"0d218435cf05846d58956005dc576dcd","sha1":"de42d121e777e9a505b0bb939701351dc76c2faf","sha256":"ffa2075c63469668f14319485e99804e54bdc9490a2c03c3b887c2ea91e4e795","sha512":"225841b5cf8707fdc66632dcf22a7541d7e0a5c27e4b83393440fd3ff3e489729519ad0eb4125d1a835b420a2ac9d50fd1e0aa596abd7aff43c34b644f18da1e","ssdeep":"","tlshash":"d7a0228baf00c0200200208820b0f2bc0a02a8088080c0bc80e8e00080002a82ec3020","size":69,"data":"","first_seen":"2024-01-10T04:16:52Z","last_seen":"2026-05-05T03:18:00.194766Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"6c1b712d1b1a30053e3ae45ac6d9f68b","sha1":"6c87ae3ecd77112166057e2d74f236279ecae00e","sha256":"b6f66b91a5cd565d812287ceea6fcea9490c6c3dc8a45041323d1b6866f48983","sha512":"705aba6ab98bb0b4babd4f92b1d19a0b678fe95e90dc1e3d71393e6a5cf9c0f654607c4a9ae4da74ce53dff03030822ceaa1bee413d997247ef4492f1d6c5066","ssdeep":"","tlshash":"e0a0228bef00c2200020b288a0b0e2bc0a02a0008080c0bc02fca002200008c2cc2020","size":68,"data":"","first_seen":"2024-01-10T04:16:52Z","last_seen":"2026-05-05T03:18:00.191178Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"15c74ad5a55c099de84be0184a872f9d","sha1":"0aec79d2bc662c417d71868a5bf040bfe192b86a","sha256":"4f21464e12a004d8b7dbdee0dd0a5a1b0d968ec72fafb2c1c89fe88098b66d46","sha512":"e91fb1f7e74e8e9b61a25230a62dfda111a2147b7c86754c1d2e346597c104bd3d918cb432e0cc5135c5b26cd02713318ab28bdb0203f282b8248dbea5a8062f","ssdeep":"","tlshash":"64a0228f8e08c02a28b0208cf033f2bc0eb23200b080c0bc88c0a200c0382c02883800","size":72,"data":"","first_seen":"2024-01-10T04:16:52Z","last_seen":"2026-05-05T03:18:00.191943Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"4a325720805d7275d6ea2ae453f60033","sha1":"491d8f861294c22a6e2f147cbd996068f8e47ce6","sha256":"7ae7d90af9132a7895eacb87169150956b4e38b5e2881418b24d326373c00662","sha512":"f4bc067aa9a0cf50ed45115303df6198628fab08681110fd3288b37f956f2206e42ca9845cf93975173426d54b60e1b6e9f6541c37c44aca4a01db60affc1ede","ssdeep":"","tlshash":"bba0029bae14c06015596488647df62d4e326a44d590c4ec48d6a04063061b4b9b2500","size":66,"data":"","first_seen":"2024-01-10T04:16:52Z","last_seen":"2026-05-05T03:18:00.192632Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"eeb5e8e88356385833ff3d959c16fac1","sha1":"c38ad5946b2721f70dcaa85a7b2f0bda7f9cc0c6","sha256":"05060fdda9a52968e2d2a6df60b2cf26bf75900273ca71510bc3f886f6cec053","sha512":"088c14adacd30f0be18c8fc6ab9bb9addf24222c41ab117e781cb3f11415738bf675b0a8089e5324953c896a6e63b549d2c908b86a3a1c930c93df7520ed0c15","ssdeep":"","tlshash":"67a0029fde44c465155464896476fa2d4a126b4495d0c5ac45e6b00052455946982500","size":61,"data":"","first_seen":"2024-01-10T04:16:52Z","last_seen":"2026-05-05T03:18:00.193376Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"472f72b3fd34f33b1a46ea39715c1e17","sha1":"e8891da5e83e61a1ac12eeef31dfa54ce39de431","sha256":"a990b83d375287881121a261997b892fb4fd3dcf1646029dc74484dd91e5b477","sha512":"37a6ad1b6ca73fdbb17e8bfaace0e2ebeab6bbe10f167ff26a3df5fcd63b4908f3b8ee8d81adb3c9bd3fee2ed54bc861f669badcaf1b1aeab5c336349edb05e4","ssdeep":"","tlshash":"49a0228faf0aca200020328830b2e23c0f22f0008080c0bc80eaa00080002882cc2c00","size":70,"data":"","first_seen":"2024-01-10T04:16:52Z","last_seen":"2026-05-05T03:18:00.194082Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"rhewgi.com/img/v2/1.png","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/v2/1.png HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:22:23 GMT\r\nEtag: \"68c4c74f-3da2\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 05:43:04 GMT\r\nContent-Type: image/png\r\nExpires: Fri, 29 May 2026 05:43:04 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=2592000\r\nAge: 509603\r\nContent-Length: 15778\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 10470537100651155235\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15778,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 800 x 266, 8-bit/color RGBA, non-interlaced","md5":"ef86f8200cf593c4f6356fe199c7b811","sha1":"f17c057796e0d5412b14d9fd9c8e2e53441ae93d","sha256":"11e04371daa1a9c955a8fd5b3e9956b8b6b28030272bda2a69a7b9caca72b744","sha512":"b5f8193c2bd9eb7c869b3812d1c1a9b82539a09afc57efd45e5822457457aadb26fe3571a6921d9dcd909e0dc702b2e3d8ffa294300d6ddc0d9ec9a8c2f9b8ff","ssdeep":"384:lOWOLv5qRgNnC55Pu55rGAMaDvVPAlYeh4WSlUlE:l/O9NP5AiDvVIlTh4rGE","tlshash":"90627a04f71df49ae46e12350c77b3817ea2c19e211552fe0642a4625cfc70db4e8a7d","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-05T03:18:00.173017Z","times_seen":35,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":219,"dns":0,"connect":0,"send":0,"wait":21,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/v2/9.jpg","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/v2/9.jpg HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:22:30 GMT\r\nEtag: \"68c4c756-8a49\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 09:03:57 GMT\r\nContent-Type: image/jpeg\r\nExpires: Fri, 29 May 2026 09:03:57 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=2592000\r\nAge: 497550\r\nContent-Length: 35401\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 15052078435341956479\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":35401,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1429x744, components 3","md5":"d84b2a6fdcd56eb970f7d6dd6604fbda","sha1":"dcac058d9196f0092879f787d6d3cad27e90132f","sha256":"0468b9cb514ba4f6791d235925addd1d173984a9123424f2f1cf9b9391f61bfe","sha512":"9600d473cde066c0a9201d86f35abb922113fa6cbf583edc0a2b4a53b0867e167ad0b53ea263ffa57df68e78847939ad2ad4c87de89c8ff848c0860690849e88","ssdeep":"768:lyIhzzk+3C+3InnfvQzvba9YOQ05PQRHykpGr:lyIhzz/BInfvQzbOxBCHykpu","tlshash":"47f2fd035944cbd2947c82d4aa0b5fed1e873f58e8862deb10521f8f7e705a348dd6ae","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-05T03:18:00.14927Z","times_seen":35,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":212,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/v2/8.jpg","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/v2/8.jpg HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:22:29 GMT\r\nEtag: \"68c4c755-5152\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 05:43:06 GMT\r\nContent-Type: image/jpeg\r\nExpires: Fri, 29 May 2026 05:43:06 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=2592000\r\nAge: 509601\r\nContent-Length: 20818\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 14986904489718939195\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20818,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 900x500, components 3","md5":"52760e58dadf42aa1e3c50b36e5483ee","sha1":"7b4b47304e343c5230125025777bbb01740aabeb","sha256":"87fd31105728de03fda447c9f1b7ebb3b2e69ab1af57ea7af4bb715e45502561","sha512":"1bbb8b375e57e9f0451a2d4204ab5e5b95399cd22884d611213ef2014d1bdcb76673fd7be8626c2546f9699cfa92c6859d49ad08991b7e34bfa14fe5c3cc0bd5","ssdeep":"384:LM4ET6iZJzdQZeuMkR4xPtscorrKPhjZuHvkvqwsWKW+jzZ:LHqZF6Zezq+sFvKxKjzZ","tlshash":"ad9216574904df83f66acbe5ff936d65a7831b11e50279f218249ecf6f208a448da23c","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-05T03:18:00.175301Z","times_seen":35,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":212,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/js/popper.min.js","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /js/popper.min.js HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:21:42 GMT\r\nContent-Encoding: gzip\r\nEtag: W/\"68c4c726-9513\"\r\nServer: nginx\r\nDate: Tue, 28 Apr 2026 04:23:43 GMT\r\nContent-Type: application/javascript\r\nVary: Accept-Encoding\r\nExpires: Tue, 28 Apr 2026 16:23:43 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=43200\r\nAge: 600764\r\nContent-Length: 10286\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2384371911229484035\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38163,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"c2c2a94804b4373523f15597b539223f","sha1":"ccdc47e9be1cbc1a9dcb5df472051258b5ce7b54","sha256":"06ec3d753f7838a82e2a0988b8fe19c0e3a1c4adf4c1ad45d31c2cec969a16d1","sha512":"b952c53d094935bbbe054c53c459f517404253b43c2a169a4bbd9079b8b6d9c6d774d66805c7db4bfecf7437858a9368174e5335a0a8b55eb4ba5784c666e3b1","ssdeep":"768:E6R451bC9jPQ6VCK8p/bLcRpduS74Z5YRIpBpMqEHRITOlsJob0zkVXxY:105bL6vcT1Z","tlshash":"0503729e39e23070d607f07a892fec097236441b1a8ebc08794c52985f65d7c56fbee9","first_seen":"2025-10-07T18:38:40.50661Z","last_seen":"2026-05-05T03:18:00.16278Z","times_seen":29,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/wallet/init.js","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trx-tron.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 00:00:00 GMT","end":"Fri, 29 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7E:D1:42:EC:D1:65:1A:C4:3E:90:50:8B:48:61:77:FA:74:87:79:9A","sha256":"26:93:04:E8:D1:7A:14:A0:15:03:37:A3:D1:09:E3:BA:2A:47:9F:FF:18:97:0C:EC:56:F6:0B:C6:A7:D2:BC:68"}}},"request":{"raw":"GET /js/wallet/init.js HTTP/1.1\r\nHost: www.trx-tron.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 04 Aug 2025 09:33:13 GMT\r\ncontent-encoding: br\r\netag: \"68907e59-31d\"\r\nserver: nginx\r\ncontent-type: application/javascript\r\nexpires: Fri, 16 Jan 2026 15:39:34 GMT\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=43200\r\ncontent-length: 297\r\naccept-ranges: bytes\r\ndate: Tue, 05 May 2026 03:16:27 GMT\r\nage: 37733\r\neo-log-uuid: 8894121239568708283\r\neo-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":797,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, Unicode text, UTF-8 text","md5":"06c6f934865db43eab2a205e834a1ae4","sha1":"e0dc693edeaf4334ec637141ae08b3dacb2ffb34","sha256":"c08874077e20b223649bc4c1f599c2f408f8b4e5729b4aa8b0b1f3520a24d4d5","sha512":"3b31951363e0d07bb37324a24cea9c945250a96bd56fa86ab19e720e0c8192779d1e1d53fed240444880f559ed0f3e4a3afa810612b895f49f764694c8b9dc37","ssdeep":"","tlshash":"7301d66baf19863522745884b872e77d1eb9f634e852d16c40efa4205046a9eaacac01","first_seen":"2025-10-07T18:38:40.478145Z","last_seen":"2026-05-05T03:18:00.187105Z","times_seen":36,"resource_available":true,"data":null}},"time_used":217,"timings":{"blocked":84,"dns":0,"connect":20,"send":0,"wait":23,"receive":0,"ssl":76},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/layui/layui.js","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trx-tron.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 00:00:00 GMT","end":"Fri, 29 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7E:D1:42:EC:D1:65:1A:C4:3E:90:50:8B:48:61:77:FA:74:87:79:9A","sha256":"26:93:04:E8:D1:7A:14:A0:15:03:37:A3:D1:09:E3:BA:2A:47:9F:FF:18:97:0C:EC:56:F6:0B:C6:A7:D2:BC:68"}}},"request":{"raw":"GET /js/layui/layui.js HTTP/1.1\r\nHost: www.trx-tron.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 02 Apr 2023 03:49:39 GMT\r\ncontent-encoding: gzip\r\netag: W/\"6428fb53-471d6\"\r\nserver: nginx\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nexpires: Tue, 16 Dec 2025 12:53:13 GMT\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=43200\r\ncontent-length: 107104\r\naccept-ranges: bytes\r\ndate: Tue, 05 May 2026 03:16:27 GMT\r\nage: 23952\r\neo-log-uuid: 15983751961104192869\r\neo-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":291286,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"70ed0e8151d23de969de514bfd802a56","sha1":"569e6c1b0ac0b8efaa7dc0015b691334947a9665","sha256":"92c7997b3dce6ab2368b1bdb34ff4b67ac77957898a126c7eba452a8080bec95","sha512":"947eeb19fb055b07a191ec89625941abbdc8b2247b447dbec2e3958ebd3aabc34ac07a79c559e4752bd49bc44db77d500913aab4fae300077556e347d084b1a9","ssdeep":"3072:tVo+F//NOM0SF0Mz0pZN6TPKWjZIpYCrYtJ+8CZrcNBf4XcIiOb9:Xo+FdO3SF0Mz0Z6TfIpPS+8grcNBQcIZ","tlshash":"02543a9d758574b3237360a6406f990eb17b093daa0a8060f166d4fa2dbdc885237f7f","first_seen":"2023-03-07T12:09:26Z","last_seen":"2026-06-06T21:32:21.614687Z","times_seen":34585,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/flags.png","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:28.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/flags.png HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/css/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:21:06 GMT\r\nEtag: \"68c4c702-2a2a\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 05:43:05 GMT\r\nContent-Type: image/png\r\nExpires: Fri, 29 May 2026 05:43:05 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=2592000\r\nAge: 509603\r\nContent-Length: 10794\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9966929270609109618\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10794,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 76 x 840, 8-bit/color RGBA, non-interlaced","md5":"dbdacc12831ddf8b5305d47c584fb74a","sha1":"ee6634ee45a1a750f94dd66ef590205880e128b2","sha256":"c5204b2a035bf4bc90881cd612050212c1512b13bb21878bbe42064687f0206c","sha512":"b03cc3075bcff17104c92480acaff292edf41f49d904c95e1c39dfd0da3f67316754ba73a4f85cfb021f2254f22359b07c38d29e73c430fef0459f9f39b5d5c6","ssdeep":"192:8ShJ96qvT/3CDLoLP66ZYZSsuxjfpbLlGBegJ4rbO2XrBVLaIxkQe0aTekBTGuA:7h6nLoLPLSp2bpG8C4+w9U0TaTLA","tlshash":"d52215fcc65f3ca0e9c0ad4433906217d4410feb82b18aa8ab9d8cd865719be470dcc7","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-05T03:18:00.156455Z","times_seen":35,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/css/index.css","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /css/index.css HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:20:46 GMT\r\nContent-Encoding: gzip\r\nEtag: W/\"68c4c6ee-87d\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 05:43:04 GMT\r\nContent-Type: text/css\r\nVary: Accept-Encoding\r\nExpires: Wed, 29 Apr 2026 17:43:04 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=43200\r\nAge: 509603\r\nContent-Length: 760\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 5578410263455798894\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2173,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"02ebc9c64b08e13de6bb1df1605c3566","sha1":"e2d70b5d6de5faee0b9a1824ca5387022baf4f17","sha256":"7044a3ed0e199420aea8dc4ac96dd6c21c20e817ffa4e91a31fb600d9f468b85","sha512":"eac8f11e0296751b34e34645b57a62083be4d28fdededf7f13b184c141d12b7311e79de440c5188b078b635a1ee2ef964c77c8284dbe39dd01b20b4762ad96a9","ssdeep":"","tlshash":"7c412161c29f0245701ae0e47d716bf7a3a84403b70e267ef6f635addf8f8948832145","first_seen":"2024-08-19T13:00:02.282308Z","last_seen":"2026-05-05T03:18:00.170091Z","times_seen":33,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":29,"dns":1,"connect":21,"send":0,"wait":21,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/custom.svg","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.312Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/custom.svg HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:21:04 GMT\r\nEtag: \"68c4c700-886\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 05:43:06 GMT\r\nContent-Type: image/svg+xml\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Length: 2182\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 5405292392206566588\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2182,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fb4fce6a6e6acfdcdfd6d250aa526c17","sha1":"045ea186eac6ddead85cf32a3eaa58982f14da5c","sha256":"3ffd79d7a52e8880cb2109967b5b7050bde9818b0650fe334109f1989b2b245f","sha512":"d23b0422a10a00ab6be4226abceef7ca227030723636281bf166eae5491d92c8e2f2c83cd64d04bb2358d10be62a9f170a4dc1d893cdb8985799d4c16afe14bb","ssdeep":"","tlshash":"674173cc62009b80d83d5bcd8a64bf9166133cf7c48e8d6891459a5458e3bf68885b88","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-05T03:18:00.153931Z","times_seen":33,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":230,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Public+Sans:300,400,400i,500,500i,600,600i,700,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.386Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"E9:E5:B7:DA:0A:AE:59:02:EA:10:61:71:9B:52:3A:08:42:A0:67:A5","sha256":"F6:1D:CE:31:AA:9C:7B:58:1D:1D:14:96:99:B6:58:CC:FB:AE:D5:3C:F8:FB:40:E3:45:2D:4A:54:11:B4:E2:F3"}}},"request":{"raw":"GET /css?family=Public+Sans:300,400,400i,500,500i,600,600i,700,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 05 May 2026 03:16:27 GMT\r\ndate: Tue, 05 May 2026 03:16:27 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10173,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"a6595d379ae337a357874eba8a83d629","sha1":"4d5b66e572bd0f1ca58745943ead50d9b11d3184","sha256":"7720870d15a1aee7150e4dec5149d146dac770c461e8995df5bf8b62ec412138","sha512":"9de89c12fe33bfed38ae3c5dad3c70ec58681694042f8d0e0721f41b936f1c3b390010ba7dbd743c4e20145a340e2f314db02ae0a2cbab1697b8194ff3687894","ssdeep":"192:caOtOZDO9aNtNZDN9aEtEZDE9jrtrVMrkCrgrVhrkxrHrVyrkYrqrVPrkfrZrVID:caAQyaHbXayS8T0JqQ","tlshash":"d022ac91042aa610db471cc623ce7d329e4fa2617449c57c6ffe1d89acaac396334b5e","first_seen":"2025-10-07T18:38:40.429621Z","last_seen":"2026-05-05T03:18:00.181281Z","times_seen":29,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":96,"dns":1,"connect":22,"send":0,"wait":32,"receive":0,"ssl":76},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/common.js","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trx-tron.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 00:00:00 GMT","end":"Fri, 29 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7E:D1:42:EC:D1:65:1A:C4:3E:90:50:8B:48:61:77:FA:74:87:79:9A","sha256":"26:93:04:E8:D1:7A:14:A0:15:03:37:A3:D1:09:E3:BA:2A:47:9F:FF:18:97:0C:EC:56:F6:0B:C6:A7:D2:BC:68"}}},"request":{"raw":"GET /js/common.js HTTP/1.1\r\nHost: www.trx-tron.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 18 Jul 2023 16:32:57 GMT\r\ncontent-encoding: br\r\netag: \"64b6beb9-3a97\"\r\nserver: nginx\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nexpires: Sun, 22 Feb 2026 02:04:33 GMT\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=43200\r\ncontent-length: 4930\r\naccept-ranges: bytes\r\ndate: Tue, 05 May 2026 03:16:27 GMT\r\nage: 37732\r\neo-log-uuid: 1616592735002079599\r\neo-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14999,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"7ee40834ec2d5295e16e7a0c225f5704","sha1":"0eed174e820debda946473cf93c9f455af6c9253","sha256":"7639ddc9ef5310e85db4db27a8b32c28dd75615b018ec9e96338af87f79fad83","sha512":"c45fd0b17042a59770fa544581cbc7dfe6f9f1cba0290a3efc36730108fe07068d7f4354f264e195ec51e755d1f2de9e55a0883b9bbf4c12a27ea26964c61582","ssdeep":"192:6cQbVdQttQ1aCQyiQIwdfayRKayNetXBfwIfAFH19+pA626qOqwTy4yiGiqkak0S:eOjot5wJBTkK8VouQT3pDcyp/117+F","tlshash":"e062754e28e351259163f0bd47af640871b5a147180dde10be8da2d0af9c53db6fafd8","first_seen":"2023-08-09T20:01:00Z","last_seen":"2026-05-05T03:18:00.15948Z","times_seen":47,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/layui/css/modules/layer/default/loading-1.gif","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:28.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trx-tron.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 00:00:00 GMT","end":"Fri, 29 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7E:D1:42:EC:D1:65:1A:C4:3E:90:50:8B:48:61:77:FA:74:87:79:9A","sha256":"26:93:04:E8:D1:7A:14:A0:15:03:37:A3:D1:09:E3:BA:2A:47:9F:FF:18:97:0C:EC:56:F6:0B:C6:A7:D2:BC:68"}}},"request":{"raw":"GET /js/layui/css/modules/layer/default/loading-1.gif HTTP/1.1\r\nHost: www.trx-tron.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.trx-tron.net/js/layui/css/modules/layer/default/layer.css?v=3.5.1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 11 Feb 2023 11:49:26 GMT\r\netag: \"63e780c6-2bd\"\r\nserver: nginx\r\ncontent-type: image/gif\r\nexpires: Thu, 15 Jan 2026 00:53:15 GMT\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=2592000\r\ncontent-length: 701\r\naccept-ranges: bytes\r\ndate: Tue, 05 May 2026 03:16:28 GMT\r\nage: 1721369\r\neo-log-uuid: 565952417040462823\r\neo-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":701,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 37 x 37","md5":"1140bc5c7863f8e54a3c2b179e640758","sha1":"49e54acbf5674212195e581848ec0d490282448f","sha256":"7c6380e9985c8e4982f41f8dba64d6b1c4a7997d0aa635d9f4bb7643ab815248","sha512":"a201e5637cdf8789ffcd3406a0ed8abf449b9e41066fb1fc4dec58b4ac42ef90e6e683aa3882c0b15b252dd33983b045f813f76bf358a7cec1110ad46165d409","ssdeep":"","tlshash":"a801d61c8450c892307c00ba01a45d6c22d5f7774dcb504fd9ec99f73eae6be0616932","first_seen":"2023-04-14T16:22:30Z","last_seen":"2026-06-03T03:51:41.568748Z","times_seen":371,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/css/imtoken.css","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /css/imtoken.css HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:20:44 GMT\r\nContent-Encoding: gzip\r\nEtag: W/\"68c4c6ec-1a87\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 05:43:02 GMT\r\nContent-Type: text/css\r\nVary: Accept-Encoding\r\nExpires: Wed, 29 Apr 2026 17:43:02 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=43200\r\nAge: 509605\r\nContent-Length: 1731\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3536815019254498752\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6791,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"ea85c663276a6bfe8cbb08eb6f5d6d15","sha1":"c40a8d2f4d32431d8f012864fc1f3769fbb908a1","sha256":"b357b677cd1238ab1b7c38fc95b44f82bf3c5af5a722ad05c34d828d21cc79b4","sha512":"d74eb56bc56cd786396965c04e1dbdf0017cf61efaa6f9dfe19fe773c91b8f717f0d01ae0de4f4d86c16ba850ba32ef7778944bd3c626119a7600b58b64c3975","ssdeep":"96:88F7OYqvNIF7Ju8Ffr8FfFy0KOFCaFITFaVeKfkN:NF7OYqmF9u8Fj8Fk9OFBFITFaV6N","tlshash":"14e1b1d3ebb71992b41b5ae92f72db82031d508f659ac37c7f80b20ccf844a5666674c","first_seen":"2024-08-19T13:00:02.284125Z","last_seen":"2026-05-05T03:18:00.165934Z","times_seen":33,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":27,"dns":0,"connect":21,"send":0,"wait":23,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/nav/home_on.svg","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/nav/home_on.svg HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:22:14 GMT\r\nEtag: \"68c4c746-903\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 05:43:05 GMT\r\nContent-Type: image/svg+xml\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Length: 2307\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11288185777583138905\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2307,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f6de427142908e18277c88920a83ae4d","sha1":"81a1ae4fad46cfa7a50bba0462d9d02d5fd34d6d","sha256":"f24a892fd29a47f69c82a8ec62bc2250229e0055fa1dab28ff8d715d213f4e7a","sha512":"7f9b74247c7653bdd34b49f7580930d1890c52d5768a3bee54f379757dfcb2a7122fac22bc6f429aa46fc54e3784b9510346ea9baaf6b119d49600de36d57a6d","ssdeep":"","tlshash":"8c41e85bc24855b898cf53ad5f1499c02a6538ee3184d26cd0a1e9d0c8b39722d09dec","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-05T03:18:00.13831Z","times_seen":33,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":230,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/js/vendor.js","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /js/vendor.js HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:21:44 GMT\r\nContent-Encoding: gzip\r\nEtag: W/\"68c4c728-73475\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 16:47:25 GMT\r\nContent-Type: application/javascript\r\nVary: Accept-Encoding\r\nExpires: Thu, 30 Apr 2026 04:47:25 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=43200\r\nAge: 469742\r\nContent-Length: 155197\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 16280221455743758379\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":472181,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32065)","md5":"c1cd3ce414316a5bd432aa9263408faa","sha1":"7e3759d409725940162f4ec4cfdac3aaefdf4311","sha256":"05cfc43afcd81458993d97f6380b5096777b1ac6394c11ef3a60655d56283140","sha512":"f5a682eb98c68abc98dff9b55a7506db4ef542b6cecbe7ac7b6bb7aac2ae092bcf0d6927f4ae9b8c91a4febf23cf2139b38a15dcb5deea35c5b1fbfdaf710ecc","ssdeep":"6144:nOFpqG9a98Hr1WGmwpU9/KvjOVlFYQ1674J:VGNWJ92jOTFYs68J","tlshash":"fca4078d7240392246eba1a5107b160bb237599db509846cb47ccede6e7cd8831bbf7c","first_seen":"2023-03-14T18:50:12Z","last_seen":"2026-05-05T03:18:00.162017Z","times_seen":35,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/publicsans/v21/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:28.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/publicsans/v21/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rhewgi.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 26832\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 30 Apr 2026 08:22:47 GMT\r\nexpires: Fri, 30 Apr 2027 08:22:47 GMT\r\ncache-control: public, max-age=31536000\r\nage: 413621\r\nlast-modified: Mon, 15 Sep 2025 16:32:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26832,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 26832, version 1.0","md5":"e4c9b081863ae33b18b6eb412185c13c","sha1":"fd76a14fbbcac582cfb04514f3d04e7594a975b5","sha256":"5ed4d31c988e73b258894244f209069ebe77dc7e564861954b21198b6de90d68","sha512":"a81562ce1e80596f124a86091aa0043a2117324070536ae34bbe888130cfd824751091e38d513b1514c8902d02587d848d7bdce5cd676092cda91d690cc216c8","ssdeep":"768:G942ZYV3MrL60NUBN4MHVss4fRitIWAQoRvTu:GPLvUB16ZfRiuWMRv6","tlshash":"fec2f1577a35e100f0546c79d1eb4db1e0d7a8287408f7046f998c53832fba9acd6ba7","first_seen":"2024-10-01T06:40:49Z","last_seen":"2026-06-06T18:05:23.374284Z","times_seen":6206,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":98,"dns":1,"connect":21,"send":0,"wait":22,"receive":21,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/css/style.css","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /css/style.css HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:20:52 GMT\r\nContent-Encoding: gzip\r\nEtag: W/\"68c4c6f4-1b932\"\r\nServer: nginx\r\nDate: Tue, 28 Apr 2026 23:04:10 GMT\r\nContent-Type: text/css\r\nVary: Accept-Encoding\r\nExpires: Wed, 29 Apr 2026 11:04:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=43200\r\nAge: 533537\r\nContent-Length: 21430\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12615902029387946824\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":112946,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (436)","md5":"2ce7b1e99be00b7173491a70da0bb86f","sha1":"4b4b4698c3d542f38fdd243577d3395769a705ec","sha256":"bafc2be212d5ab82943f98582cfad792c8dc96c0bf6dbe450210996b8b36c013","sha512":"8df2a9afed404e042031b7631de4267d168bfb1f2be449b14ddc30f9a06d52b277c5b1c282bab3fc5b97c62abfc1563e8ad5fbf213f1c586ca9b56a22124b5dc","ssdeep":"3072:5bFpxVfnRQH6qfKwwFXqU9v8O+9AIqZePh:5bFpxVfRQH6qfKwwFXqU9v8O+9AIqZeJ","tlshash":"5bb382e5aeb10904701bc99866c69f95f32d4093940fce7cbbee204cdf896d8916fb49","first_seen":"2024-08-19T13:00:02.283529Z","last_seen":"2026-05-05T03:18:00.145424Z","times_seen":33,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/v2/ba.png","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/v2/ba.png HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:22:31 GMT\r\nEtag: \"68c4c757-3450\"\r\nServer: nginx\r\nDate: Tue, 05 May 2026 03:14:32 GMT\r\nContent-Type: image/png\r\nExpires: Thu, 04 Jun 2026 03:14:32 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=2592000\r\nAge: 115\r\nContent-Length: 13392\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17338863165386983667\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13392,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 241 x 241, 8-bit/color RGB, non-interlaced","md5":"e6299aea7bd55dfb0a7e9c494896f92d","sha1":"583cefd6ac51c8c62e2d69c1004fb318137b5dbf","sha256":"bb547087adf59bdaeb0b781678129e513011da50a6df6302d38e0f2eaf4f2093","sha512":"186f5bf074f129b0f0b9fc835318f681e2142b25c00856498e7c8e0d32ae96c0a7fd2b10538f12604ddf152facf1d82360e8384210673421c345dd13a2ef95ce","ssdeep":"384:xYnG023tDiOSb9jE8CfH3Bm9DU80KhZ87pjBBRtex:e1Rb9jlCPBm9DU80+M9w","tlshash":"1d52b0a4d22a2071f2d6f48947dc6ad2d11877f4c8bd855f27d543bf0f55dc0aab4111","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-05T03:18:00.177494Z","times_seen":35,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":272,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/js/add-to-homescreen.min.js","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /js/add-to-homescreen.min.js HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:21:25 GMT\r\nContent-Encoding: gzip\r\nEtag: \"68c4c715-10593\"\r\nServer: nginx\r\nDate: Sat, 02 May 2026 14:22:30 GMT\r\nContent-Type: application/javascript\r\nVary: Accept-Encoding\r\nExpires: Sun, 03 May 2026 02:22:30 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=43200\r\nAge: 81704\r\nContent-Length: 13619\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 18378707205364535279\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":66963,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1611)","md5":"e3d3cbf9c48140e3fb42f50da2ab3872","sha1":"88f5b149bc78e23a451d681a67438d8563af22a5","sha256":"5dd9e3431e485ee54a4b204bd4d43cac0a5a4bfdab7ed6ec017922be0e8db37d","sha512":"c8529da8172a30b9c9181b51271d6b8ef76ba99e96e59fa72fde0ba3500c528dfede45d71dd5532e6938ebef8d7dd280da0c3afb68fdf8fa2c5db68d1b66ec09","ssdeep":"768:NxIVrVc8yBM+ZESguAqfE+zIieeNpKMeCym22qk5QmdE4vYArKMXvQF1q4E9drsF:NerVc8yBPC/yQMD1rK4Qt","tlshash":"9863c7c947d6223742122543db0fb6227364086b5368a4963dada47c0fd8e7c51fbefa","first_seen":"2025-10-07T18:38:40.448263Z","last_seen":"2026-05-05T03:18:00.184207Z","times_seen":29,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":8,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/icon/fairy.png","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/icon/fairy.png HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:21:54 GMT\r\nEtag: \"68c4c732-5471\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 05:43:04 GMT\r\nContent-Type: image/png\r\nExpires: Fri, 29 May 2026 05:43:04 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=2592000\r\nAge: 509603\r\nContent-Length: 21617\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3197232654316076391\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21617,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 420 x 104, 8-bit/color RGB, non-interlaced","md5":"923dd58cbd681d8f687ccbf2501dc4e3","sha1":"a51b086783ff4a7d53dd171d851f756bbfe8fc8b","sha256":"ee6c54a6ad04e3344d2baca46050df6a6a10f279832eff98b56e68d80ab3adac","sha512":"789ff46746b83492e5f48b624dc50986b6f5806a487bb9ac8700667ef227839dd55d04f03aacb7e1669ed2495bf9f73ee5f1fb6fb9bbd1b0f15e995049548949","ssdeep":"384:397njCWXGhpOoh9P1r5vrZv/nBY7q7PD4MQp8R99iLI0G5hXDAl6bDxJLF5bFpY9:N7hhyFjZHn0ujQpIWc0VlsDXb/8dzn9r","tlshash":"10a2c12bdf13a5718540f1ade1f5b0ab893745c459568648b8ffce344db04ea8c0bac5","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-07T21:13:33.377692Z","times_seen":75,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":267,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/nav/mining.svg","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/nav/mining.svg HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:22:17 GMT\r\nEtag: \"68c4c749-d4b\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 05:43:05 GMT\r\nContent-Type: image/svg+xml\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Length: 3403\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8885732913084793501\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3403,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e612fac3b1854d35475d37aa17b42279","sha1":"f416fa2ddf26576420cc22dc96d0c16da3e0a627","sha256":"095896b32f242de39c8628571c4c5fa857f649a4662526935706d633c2e25266","sha512":"e396e79801788ad64a35caa8f0f49f3e5840d4785190f8a18e7b6c5196d877ba718efdc3b8a75a53df814fed362e81f3beef982636730237810fca95b4abe038","ssdeep":"","tlshash":"0f61a9b45643b45414250ffc4f8dbeccba2b78bbd4a206a96360663407526cabd2cde9","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-05T03:18:00.150447Z","times_seen":33,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":229,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/icon/chacha.png","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/icon/chacha.png HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:21:52 GMT\r\nEtag: \"68c4c730-b65\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 05:43:06 GMT\r\nContent-Type: image/png\r\nExpires: Fri, 29 May 2026 05:43:06 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=2592000\r\nAge: 509601\r\nContent-Length: 2917\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1017736801470216975\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2917,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 16-bit/color RGBA, non-interlaced","md5":"da9bd447bf7db4a1823393dbcf23920b","sha1":"488f83a293b8fc98361e31781f630b8b70aff389","sha256":"63816084437edc72223d157218d4f7f6848a04ee12009682f58d8bdf2a4b6430","sha512":"df20901af8137923d76bee2dc7eefd63ed1c305f2252d6e883f2ea1f5a1b31b95a3e137e1f1846d6157592459acbed044ec0e970eec5e31ccc6b7a4aeaf3b277","ssdeep":"","tlshash":"8d514b97176b3840c36bd2bec53715f044a18c062832701cfad6bea4af6d7f24582d40","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-05T03:18:00.161207Z","times_seen":35,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":229,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/v2/hd_bg.png","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:28.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/v2/hd_bg.png HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/css/imtoken.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:22:35 GMT\r\nEtag: \"68c4c75b-25624\"\r\nServer: nginx\r\nDate: Sat, 02 May 2026 17:57:56 GMT\r\nContent-Type: image/png\r\nExpires: Mon, 01 Jun 2026 17:57:56 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=2592000\r\nAge: 206312\r\nContent-Length: 153124\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 15476449671951091955\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":153124,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 640 x 360, 8-bit/color RGBA, non-interlaced","md5":"04fcc3cd6b6bdab788e4d456f499e7a2","sha1":"8c39fb9f7e8f614e580f85246ad76e27de3029ca","sha256":"2bf5d8143ee1c2e796671e62e34b476be5465a6d3ac2e61cc69d117f307788cf","sha512":"bba0b3f9bd6caedb927f8d9d7eb00d9c940d4bbb89938d90d7711e42f51950980f60b49c605f6bf5f975b6c14a87b57180096dedc54990adbec880530f7ec911","ssdeep":"3072:Y5eTd+Rr3KemKAkC1cEq25XkPfirh8rVA6VfYQwjwL35Ic81R:Y7RTKroCNq2usuaGJ3/MR","tlshash":"06e312c248bc22a163baeeb7799a4e59186310bd4cc674e05f35d76ae253c0eccd125b","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-05T03:18:00.142454Z","times_seen":35,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/css/responsive.css","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /css/responsive.css HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:20:51 GMT\r\nContent-Encoding: gzip\r\nEtag: W/\"68c4c6f3-8fd\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 05:43:03 GMT\r\nContent-Type: text/css\r\nVary: Accept-Encoding\r\nExpires: Wed, 29 Apr 2026 17:43:03 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=43200\r\nAge: 509604\r\nContent-Length: 737\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 582438495157730289\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2301,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"c41c071484796bc48dd3c0d885f8145c","sha1":"72b5fb49969732576379409e67fed324b38a7c2d","sha256":"fddb5160d4a4ac54f8ba2b99ef588e4d3ef01e158a12f95d70aad0ee83d3b864","sha512":"30431cb27e5c4e9691697ef7171564a1f6ebce6a31383f804d1e7c0c60c8050e113b1f576528dd3aa99bf1c7578aed6dae7a9c41326ab7afde142b0a324f8149","ssdeep":"","tlshash":"04417b17bf84951cb908ca6caeae1f87f2372407a84b0c717b92519cf75816542eef0c","first_seen":"2024-08-19T13:00:02.282918Z","last_seen":"2026-05-05T03:18:00.18645Z","times_seen":33,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":27,"dns":1,"connect":22,"send":0,"wait":25,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/v2/2.jpg","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/v2/2.jpg HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:22:23 GMT\r\nEtag: \"68c4c74f-5cc6\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 05:43:05 GMT\r\nContent-Type: image/jpeg\r\nExpires: Fri, 29 May 2026 05:43:05 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=2592000\r\nAge: 509602\r\nContent-Length: 23750\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 14898006471997288324\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23750,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x278, components 3","md5":"f4ed92f8afbf0603048d5a00ffc5d33c","sha1":"79f595b1296d9dfde2de51557c01d86160a48a15","sha256":"4170ae50292716cbbe70bacb6754d8d53f85f901c7fab87dfbc886fc83b60765","sha512":"4317df37cb2c803d854c52a8743b660c251e1eb9b6ef74d902891f043059059b9ca809ee7543abfb7a880c5d8fdcef616aaef64a63bd8c1e18b9d37fb951c777","ssdeep":"384:D0bO86EvTAif7cxlezScwTuwk0d5dx5MkPuP53p5vD8uNulYjYp+V:DfwT9QxnTQAr/a53p5TQY8p+V","tlshash":"3fb24b439c05d742a62c53e1be135dac1fa31b0cd9a2a5be51260e8f3e586b34dde1bc","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-05T03:18:00.185091Z","times_seen":35,"resource_available":false,"data":null}},"time_used":311,"timings":{"blocked":289,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/v2/7.jpg","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/v2/7.jpg HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:22:28 GMT\r\nEtag: \"68c4c754-3ddf\"\r\nServer: nginx\r\nDate: Tue, 05 May 2026 03:14:50 GMT\r\nContent-Type: image/jpeg\r\nExpires: Thu, 04 Jun 2026 03:14:50 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=2592000\r\nAge: 97\r\nContent-Length: 15839\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2344304426558721329\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15839,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: \"File source: https://commons.wikimedia.org/wiki/File:Pkf_logo_blau.JPG\", baseline, precision 8, 640x281, components 3","md5":"daf265373398b16e29660a9faf69b818","sha1":"5de86342a5a90105610f5fb507364bc7c60327cb","sha256":"678f2247c90da36b2e9f60b88a8dc2c1ebfe071759dcc1d82a837f8437b6c1ba","sha512":"cdce5e4a6213e9a9447b3ddf4a65d70a63dccad9480a1a4c3454bb226e07315af13b19a4f9e6df42ee9ba41fc99042fb8762271f63574c2d9b95a2e98efff9c6","ssdeep":"384:AUsQ7pbVDeRR1bsovPJAA1tvgQKEvizUEAzXZfFbD4:lpbkR/syWA1tCEvoANFA","tlshash":"b162afdf37a9b027c984c17f4a6e252ba3341351b41902ae57c417e3986706eff1bc24","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-05T03:18:00.173692Z","times_seen":35,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":215,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/layui/css/modules/code.css?v=2","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trx-tron.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 00:00:00 GMT","end":"Fri, 29 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7E:D1:42:EC:D1:65:1A:C4:3E:90:50:8B:48:61:77:FA:74:87:79:9A","sha256":"26:93:04:E8:D1:7A:14:A0:15:03:37:A3:D1:09:E3:BA:2A:47:9F:FF:18:97:0C:EC:56:F6:0B:C6:A7:D2:BC:68"}}},"request":{"raw":"GET /js/layui/css/modules/code.css?v=2 HTTP/1.1\r\nHost: www.trx-tron.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 02 Apr 2023 03:49:50 GMT\r\ncontent-encoding: br\r\netag: \"6428fb5e-527\"\r\nserver: nginx\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nexpires: Sun, 21 Dec 2025 07:46:41 GMT\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=43200\r\ncontent-length: 442\r\naccept-ranges: bytes\r\ndate: Tue, 05 May 2026 03:16:27 GMT\r\nage: 23951\r\neo-log-uuid: 11183517097257539077\r\neo-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1319,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1319), with no line terminators","md5":"986d0d70b033a195fc1bd1527b06993b","sha1":"69ea79bb09bddd3b988db70ef8b10be9ed0f0065","sha256":"3f27194c2e479212781a76f993b778d724ac9838e780b19472c0357cd3081431","sha512":"a3d1ffa0ba90c8ed8f1330c456760ad7098b683756f1f5d2aae6ec89502c0fe1ff6287e7b1180b9df8f50d517118b610566e9315de055d4780a230488eda10e0","ssdeep":"","tlshash":"d721493aa3852118354bf21574fcbcbca03cb1d6a5ea0eaaff416797c944c51083674f","first_seen":"2023-04-11T12:12:51Z","last_seen":"2026-06-06T21:32:21.651965Z","times_seen":34263,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/icon/mist.png","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/icon/mist.png HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:22:01 GMT\r\nEtag: \"68c4c739-3bfb\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 05:43:03 GMT\r\nContent-Type: image/png\r\nExpires: Fri, 29 May 2026 05:43:03 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=2592000\r\nAge: 509604\r\nContent-Length: 15355\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2335607000825838322\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15355,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 422 x 102, 8-bit/color RGB, non-interlaced","md5":"5f1b4aac068a9265dba6de91fb5640e4","sha1":"97aaccc1f1437beffe0c4408c254365ec07b6283","sha256":"0b66f80e0beaae7d3e59b92b8602980c6fd93a311507104c25bd8ad5af509b42","sha512":"51995249ad96692bf738214acf28264580480dc936803ae9679bcfbc8d5829cd87a577e78bf8d620f64ebc081a5afe8fdbb60d88ac53bfd9e45c3cb73a4731a9","ssdeep":"384:srX7n84AvstM8QHr6gz+WZQTJfyxqWUrgQygT:K7pM8Q+gz7ZIJfCUrek","tlshash":"c162b04f7b01ed40c22e3b153aca8117e27bba80a7d0c9e06cdede012d791565e913e7","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-07T21:13:33.354199Z","times_seen":75,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":268,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/css/vendor.css","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /css/vendor.css HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:20:53 GMT\r\nContent-Encoding: gzip\r\nEtag: W/\"68c4c6f5-773f6\"\r\nServer: nginx\r\nDate: Mon, 04 May 2026 09:46:13 GMT\r\nContent-Type: text/css\r\nVary: Accept-Encoding\r\nExpires: Mon, 04 May 2026 21:46:13 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=43200\r\nAge: 63014\r\nContent-Length: 77622\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1420886319850670671\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":488438,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"dc87169acb59cc89c4760952e8dec1ba","sha1":"890fa6131379819d2a4401898023301aecb34372","sha256":"a419e072e47dc55c07a8e6c2e683d78b5729dd6b8eefa87100c4edadd9ac9029","sha512":"be64e3859038af223f1e2f2e4e821cd6e81c22edd92d706b5b811cfb8b8281ece7a683c780cb41415b1032026b03aee17875d0db49c7307c198412b5963cae1c","ssdeep":"6144:lsNNzleSQmuxpqaNLf85PyVA2I2sgW6Uuf:9pqaN785N2sgW6UM","tlshash":"97a4236994fb1884660ac45827df2b947328b09b891d8c6cf6cf7a4ccfc56a485d2fcd","first_seen":"2024-08-19T13:00:02.285915Z","last_seen":"2026-05-05T03:18:00.178415Z","times_seen":33,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/v2/5.jpg","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/v2/5.jpg HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:22:26 GMT\r\nEtag: \"68c4c752-380a\"\r\nServer: nginx\r\nDate: Mon, 04 May 2026 05:03:28 GMT\r\nContent-Type: image/jpeg\r\nExpires: Wed, 03 Jun 2026 05:03:28 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=2592000\r\nAge: 79979\r\nContent-Length: 14346\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9766839500184289431\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14346,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 640x227, components 3","md5":"baac985738d0b95e2d5f78ed8dffaccd","sha1":"faef7b70f55db5214fe2cb87f668e8db31936e15","sha256":"655937967f5f5020c99318340a5eb3af152e18c35f394c80874801c097dd0ac9","sha512":"3458b3c0ab9d64a4bce6d712fd2b9b2d9bbaf45f54c7dcba0c192bea31939b7e449eb76a24a222e8f7c670911fa38ff37102aa8a2fd0a7058475c77fabec1185","ssdeep":"384:oYd92UzC/nOpxzvYx2Gvot9eQiqzSjtlDoNxay2amj:oY3P2/nGxcx23t9diySjwNxaZ","tlshash":"f6528db3181a4e929a2de6adfe0b16a41f093b74f4933afe00915ec776209760e5c13d","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-05T03:18:00.170821Z","times_seen":35,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":281,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/v2/6.jpg","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/v2/6.jpg HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:22:29 GMT\r\nEtag: \"68c4c755-8c9a9\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 05:43:06 GMT\r\nContent-Type: image/jpeg\r\nExpires: Fri, 29 May 2026 05:43:06 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=2592000\r\nAge: 509601\r\nContent-Length: 575913\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 13599363698739099592\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":575913,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 200x200, components 4","md5":"d40ded81b10c6763be9e22f10a719044","sha1":"5858a9c07908e1b3ff3f9147e6e016389659e500","sha256":"f745595ac23ff5b0be72ab1559717f1f84c8a0b26f99dc49d981e7beb150984c","sha512":"996f61699fc7944fee74444e3f72f4b4b38a3c1468f17f973acd8d2261e366d08facea63276046e183065ecb36d108643151be8ba0b73a9e7a5ab3a0035e69a7","ssdeep":"6144:YequwWvJbIV13s1RIw47cteq4o6dfXHB116T0BoTyN4TQF1CUyeEiaPKaMac/oy/:fEBc1RE7PzxnET/ySTy5aSJn2fWYxir","tlshash":"30c4020e61d38cd6db51e73218e6df3e85e4dd12aca1db5132fa3d5c71f6a809a43228","first_seen":"2023-05-26T06:30:10Z","last_seen":"2026-05-05T03:18:00.171589Z","times_seen":35,"resource_available":false,"data":null}},"time_used":325,"timings":{"blocked":207,"dns":0,"connect":0,"send":0,"wait":24,"receive":94,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/nav/mine.svg","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.311Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/nav/mine.svg HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:22:15 GMT\r\nEtag: \"68c4c747-9ac\"\r\nServer: nginx\r\nDate: Mon, 04 May 2026 09:46:15 GMT\r\nContent-Type: image/svg+xml\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Length: 2476\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8900443242598572799\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2476,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2398c00b18f8ab4c937bea5b53bda23d","sha1":"76bcff82bc4a9d6286cb99fc44b1eeb781c065db","sha256":"2c162d7fbe59af6d5f8b86fd5318e1e7c0b6d89506a978fb9811ffbe56857191","sha512":"4179daf8b2889eefab8364cd02dbaf4b866c940404c6252d05c341353be3acf6e550d69973030e7586238345cabf51ebf736eca3ddcd984713f9ff29fa301c1a","ssdeep":"","tlshash":"6f51b99de394e5d1e80f83d6db5a29697e4730f69909c2ac40919c24c4f79ed0b05a4d","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-05T03:18:00.152997Z","times_seen":33,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":232,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/icon/down.png","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:28.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/icon/down.png HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/css/mystyle.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:21:54 GMT\r\nEtag: \"68c4c732-48c\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 05:43:05 GMT\r\nContent-Type: image/png\r\nExpires: Fri, 29 May 2026 05:43:05 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=2592000\r\nAge: 509603\r\nContent-Length: 1164\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9027328524069489723\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1164,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 10, 8-bit/color RGBA, non-interlaced","md5":"0d418f1ac7ac1404fa16507cd8d9f33a","sha1":"b08935404185d8d3dea7e566afafc8098cdcce31","sha256":"f9cb7c4e5f95e155f5b67ce409f7af16a7fe1531d8cefb1c4dc34a539452ce49","sha512":"ce42a4722df373b4d83824bd4a235151f34e58ca724ce794a32d594698483a2776e46b4606b7cbc57e6d2fa868e60d86f746415816593769252f4395e4aca733","ssdeep":"","tlshash":"442100650ea0a5e2c0ce92305cd78909a9bbcd53ba45c943739cdc665f851c91d9b3cc","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-05T03:18:00.176771Z","times_seen":35,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/web/machine/siteConfig","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:28.230Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"POST /web/machine/siteConfig HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 11\r\nOrigin: https://rhewgi.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":11,"data":"merchantId="}},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 05 May 2026 03:16:28 GMT\r\nContent-Type: application/json\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://rhewgi.com\r\nAccess-Control-Allow-Credentials: true\r\nStrict-Transport-Security: max-age=31536000\r\nTransfer-Encoding: chunked\r\nX-NWS-LOG-UUID: 4723200524901094894\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Miss\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":546,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"ca25c4adca2d0a523340299a87aa04cd","sha1":"af8757aae51f9b3e823c689c6fde7bc8a753eee5","sha256":"22ff155f2e38508b68fcf4524e56aba79148a2de6c5992d3b0aaa0faf25686d5","sha512":"cbedcd27b94a914b89bea121419a2d493e4235bc17ce184067cee9b4c03bb7c777723e3aa798ff469087f87e9c4bb2b37d89ea82bc7f1019eaf36e67102449d8","ssdeep":"","tlshash":"07f08b899abb5a12259d47c360f60914817cb4a97d45db63364d9a3980a9839a310039","first_seen":"2026-01-18T21:22:43.75082Z","last_seen":"2026-05-05T03:17:32.557942Z","times_seen":4,"resource_available":false,"data":null}},"time_used":776,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":776,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/wallet/wallet.js","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trx-tron.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 00:00:00 GMT","end":"Fri, 29 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7E:D1:42:EC:D1:65:1A:C4:3E:90:50:8B:48:61:77:FA:74:87:79:9A","sha256":"26:93:04:E8:D1:7A:14:A0:15:03:37:A3:D1:09:E3:BA:2A:47:9F:FF:18:97:0C:EC:56:F6:0B:C6:A7:D2:BC:68"}}},"request":{"raw":"GET /js/wallet/wallet.js HTTP/1.1\r\nHost: www.trx-tron.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 06 May 2025 00:45:23 GMT\r\ncontent-encoding: br\r\netag: \"68195ba3-23bbe\"\r\nserver: nginx\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nexpires: Fri, 19 Dec 2025 08:39:35 GMT\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=43200\r\ncontent-length: 10503\r\naccept-ranges: bytes\r\ndate: Tue, 05 May 2026 03:16:27 GMT\r\nage: 23952\r\neo-log-uuid: 359381370667935701\r\neo-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146366,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (23387)","md5":"28a3649855e9283341ff99f1ba80eb4f","sha1":"3d2c4d12a632a117cc07264ea553101d9380b222","sha256":"dc753482b21e8f9908646070a45ba8a1f567041456e672ace5f27ce42d2dcda5","sha512":"fbd6daa49cbe0fe5640647285bf7672d12fa088fac00024a42395170f2121704f667cdcb4de288a56a47210833c1b58579922bd7d02379fe51a6aef3c85502b0","ssdeep":"768:7FjDNAMzGJM6D4To3L+AKTo3L+AKTo3L+AKTo3L+AKTo3L+AKTo3L+AY0jK6gsr2:9FzG2qNNNNN/m6bgTr","tlshash":"09e32a8c1016aefe88ca6fb541cb1759e46071a3e1cc8c80789c8e79cbed55ac46e75f","first_seen":"2025-06-28T20:44:58.769074Z","last_seen":"2026-05-05T03:18:00.179844Z","times_seen":38,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/icon/certik.png","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/icon/certik.png HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:21:51 GMT\r\nEtag: \"68c4c72f-2449\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 05:43:03 GMT\r\nContent-Type: image/png\r\nExpires: Fri, 29 May 2026 05:43:03 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=2592000\r\nAge: 509604\r\nContent-Length: 9289\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7324362413125454735\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9289,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 420x102, components 3","md5":"bd18e0cb2a8a57525a20eccae7c7a725","sha1":"f18149e75f972fc3db0cc7cf385a94ce842a3d26","sha256":"e5f72352935c86dcc18e93bce5e3cd4b01c6b58234e25b1529c18d5cc588ecd5","sha512":"8c287c5e834a38be5b9bdf146809e98a80041df22601f97b9aab734fbf398e7ec5c72d13d74444a602d0bbcefb15d838963b052cb8a02ba4dd76d1329d712bd1","ssdeep":"192:8UfgdyghtQGoSYIeZyCopPh5dKs/t0wRxxdyw2EFZAwOj1p:8D1LQGoSyZABdKsl0Ed3TEj1p","tlshash":"d2127d2787179393e41812eabc53b980bf2b877dedb1265e7432648b6c183b3489c51e","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-07T21:13:33.303316Z","times_seen":75,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":271,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-05T03:16:26.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:20:40 GMT\r\nContent-Encoding: gzip\r\nEtag: W/\"68c4c6e8-4671\"\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 21:57:20 GMT\r\nContent-Type: text/html\r\nVary: Accept-Encoding\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Length: 3660\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2902599514760694383\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Popper","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]}],"data":{"size":18033,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"636b46667341578fdea190a5a64d7eb6","sha1":"f450ed85d5e62f702baa31c4889288afc7a2b73d","sha256":"37353c28dd175344fbfcc35991db743c706c2f82d819e1acf25859afcdab5c39","sha512":"a3c1d0a435fdb855bb71088b0cfaf00386cb6e9e537a458f22717bf3b6914b7269be91c5c390fc3c18a5f68c9e45c0ba810bdcbb55fae674136fd2914506168a","ssdeep":"192:vALJLjzrxZFAEj1UO/UCz4fdPYXq/H6FeDKiCyhM:vtEj6Uja/jM","tlshash":"0d82a72058fa057b00c3a5e06e756f1aae829707d62b9a18b7fc1bc51fe3c4acd1b51d","first_seen":"2025-10-07T18:38:40.498696Z","last_seen":"2026-05-05T03:18:00.147398Z","times_seen":29,"resource_available":true,"data":null}},"time_used":1845,"timings":{"blocked":916,"dns":893,"connect":9,"send":0,"wait":11,"receive":1,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/js/main.js","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /js/main.js HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:21:37 GMT\r\nContent-Encoding: gzip\r\nEtag: W/\"68c4c721-1e9a\"\r\nServer: nginx\r\nDate: Tue, 28 Apr 2026 23:03:59 GMT\r\nContent-Type: application/javascript\r\nVary: Accept-Encoding\r\nExpires: Wed, 29 Apr 2026 11:03:59 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=43200\r\nAge: 533548\r\nContent-Length: 1872\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 5226093212732586860\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7834,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"d38ea453e46555c540efce7a6b99fdc8","sha1":"9db4b968558a05242ac1cd94852f483deaeae5be","sha256":"6be4508adecebda16cb4eb34bda0e4719af9bf77a2c43815cd53222f15c2f514","sha512":"3f734078d2a5e01f3fa93c6929f36bba2e8454fbf352305277517637f7aaee9b5340236e8db00b7140f93a4302ff8c703ec830bb5f1933fd58b9e5da9b997fcc","ssdeep":"192:MzQ3z0qRNvCuCFHXqCGeiaY/afSfIsGcmiQcqqCYQqf:l5","tlshash":"b7f1ea28bcf11892647bf13a5bff5101eb3a205bd60ede14794e1b840f102a869de7da","first_seen":"2023-03-14T18:50:12Z","last_seen":"2026-05-05T03:18:00.181962Z","times_seen":35,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/js/mining.js?v=23008","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /js/mining.js?v=23008 HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:21:38 GMT\r\nContent-Encoding: gzip\r\nEtag: W/\"68c4c722-532f\"\r\nServer: nginx\r\nDate: Tue, 28 Apr 2026 04:23:43 GMT\r\nContent-Type: application/javascript\r\nVary: Accept-Encoding\r\nExpires: Tue, 28 Apr 2026 16:23:43 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=43200\r\nAge: 600764\r\nContent-Length: 5450\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3620169230899543990\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21295,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"bb16c1e9597bf3163f9becf7c05edd9c","sha1":"f1c85283f422a1c968bd8ec3c1c3a6bc87f1a518","sha256":"962098dc63aae4ebcb54876d0738b018afd3993a1875aee15f7832f79cc79ea0","sha512":"50cf22dcc9d0efbd90e1a1965482bf43b0e386cc2edd771db7f52ba1ea56277d2717afecd9b88bec812f30e84252049185a9bfcc477a532f881e7a5b992dea94","ssdeep":"192:Nvb913ZTbRyZLZ8HMNTXbInKjPb1r6NyMjO9t1LTckyfaGfSTrLZ8xxkzVWLx4xE:Dob0Nrey2RZRELxPQs","tlshash":"1a922f5ca5f301214473b4bc5f5ff018ae349427a119ce643e4e6bd0af88569cba2f9e","first_seen":"2025-10-07T18:38:40.51184Z","last_seen":"2026-05-05T03:18:00.163578Z","times_seen":29,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"E9:E5:B7:DA:0A:AE:59:02:EA:10:61:71:9B:52:3A:08:42:A0:67:A5","sha256":"F6:1D:CE:31:AA:9C:7B:58:1D:1D:14:96:99:B6:58:CC:FB:AE:D5:3C:F8:FB:40:E3:45:2D:4A:54:11:B4:E2:F3"}}},"request":{"raw":"GET /css2?family=Roboto:wght@400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 05 May 2026 03:16:27 GMT\r\ndate: Tue, 05 May 2026 03:16:27 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"4c8ef72eb043b6205edde8d9e910787e","sha1":"fa8b1cd29ea6e9bd2113a33d10ab096306430f37","sha256":"0031e12119f0b0e9820611dc4e888b0decf9c9924e4b2bea291397e70105305a","sha512":"80bf1edac61df533f32176b490302e90a6213b72b5ea335092fa25128a4229cc7967e5c4cdc6cec06c923335260d0ecb779fad1b36a26ff616b4eb4465e34e7f","ssdeep":"384:89fM919W969yh9/qY4X9N9t9i9fD9O9d9B9ya9/qY4Q9G9m949fd9k9D939yQ9/O:8yjooYhREHPM5svvYaR7AIWP2ZZYQRVs","tlshash":"8c721fa1041744009b838ce223cebf35fe1f52117142d0b5abfd9b6baddbca6526936d","first_seen":"2026-02-19T23:44:13.889102Z","last_seen":"2026-06-06T22:21:45.848681Z","times_seen":4176,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":116,"dns":1,"connect":22,"send":0,"wait":35,"receive":0,"ssl":91},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/v2/ba.png","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:28.408Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/v2/ba.png HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:22:31 GMT\r\nEtag: \"68c4c757-3450\"\r\nServer: nginx\r\nDate: Sat, 02 May 2026 17:57:56 GMT\r\nContent-Type: image/png\r\nExpires: Mon, 01 Jun 2026 17:57:56 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=2592000\r\nAge: 206312\r\nContent-Length: 13392\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 16568977140995193338\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13392,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 241 x 241, 8-bit/color RGB, non-interlaced","md5":"e6299aea7bd55dfb0a7e9c494896f92d","sha1":"583cefd6ac51c8c62e2d69c1004fb318137b5dbf","sha256":"bb547087adf59bdaeb0b781678129e513011da50a6df6302d38e0f2eaf4f2093","sha512":"186f5bf074f129b0f0b9fc835318f681e2142b25c00856498e7c8e0d32ae96c0a7fd2b10538f12604ddf152facf1d82360e8384210673421c345dd13a2ef95ce","ssdeep":"384:xYnG023tDiOSb9jE8CfH3Bm9DU80KhZ87pjBBRtex:e1Rb9jlCPBm9DU80+M9w","tlshash":"1d52b0a4d22a2071f2d6f48947dc6ad2d11877f4c8bd855f27d543bf0f55dc0aab4111","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-05T03:18:00.177494Z","times_seen":35,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/jquery/jquery.min.js","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trx-tron.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 00:00:00 GMT","end":"Fri, 29 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7E:D1:42:EC:D1:65:1A:C4:3E:90:50:8B:48:61:77:FA:74:87:79:9A","sha256":"26:93:04:E8:D1:7A:14:A0:15:03:37:A3:D1:09:E3:BA:2A:47:9F:FF:18:97:0C:EC:56:F6:0B:C6:A7:D2:BC:68"}}},"request":{"raw":"GET /js/jquery/jquery.min.js HTTP/1.1\r\nHost: www.trx-tron.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 02 Apr 2023 03:49:38 GMT\r\ncontent-encoding: gzip\r\netag: W/\"6428fb52-15851\"\r\nserver: nginx\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nexpires: Tue, 16 Dec 2025 12:53:13 GMT\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=43200\r\ncontent-length: 34489\r\naccept-ranges: bytes\r\ndate: Tue, 05 May 2026 03:16:27 GMT\r\nage: 23952\r\neo-log-uuid: 8611395617703511116\r\neo-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":88145,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"220afd743d9e9643852e31a135a9f3ae","sha1":"88523924351bac0b5d560fe0c5781e2556e7693d","sha256":"0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a","sha512":"6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe","tlshash":"338319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-06-06T22:19:54.305072Z","times_seen":132798,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/publicsans/v21/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:28.145Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/publicsans/v21/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rhewgi.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 26832\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 30 Apr 2026 08:22:47 GMT\r\nexpires: Fri, 30 Apr 2027 08:22:47 GMT\r\ncache-control: public, max-age=31536000\r\nage: 413621\r\nlast-modified: Mon, 15 Sep 2025 16:32:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26832,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 26832, version 1.0","md5":"e4c9b081863ae33b18b6eb412185c13c","sha1":"fd76a14fbbcac582cfb04514f3d04e7594a975b5","sha256":"5ed4d31c988e73b258894244f209069ebe77dc7e564861954b21198b6de90d68","sha512":"a81562ce1e80596f124a86091aa0043a2117324070536ae34bbe888130cfd824751091e38d513b1514c8902d02587d848d7bdce5cd676092cda91d690cc216c8","ssdeep":"768:G942ZYV3MrL60NUBN4MHVss4fRitIWAQoRvTu:GPLvUB16ZfRiuWMRv6","tlshash":"fec2f1577a35e100f0546c79d1eb4db1e0d7a8287408f7046f998c53832fba9acd6ba7","first_seen":"2024-10-01T06:40:49Z","last_seen":"2026-06-06T18:05:23.374284Z","times_seen":6206,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":73,"dns":1,"connect":8,"send":0,"wait":38,"receive":12,"ssl":62},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/wallet/wallet-api.js","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trx-tron.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 00:00:00 GMT","end":"Fri, 29 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7E:D1:42:EC:D1:65:1A:C4:3E:90:50:8B:48:61:77:FA:74:87:79:9A","sha256":"26:93:04:E8:D1:7A:14:A0:15:03:37:A3:D1:09:E3:BA:2A:47:9F:FF:18:97:0C:EC:56:F6:0B:C6:A7:D2:BC:68"}}},"request":{"raw":"GET /js/wallet/wallet-api.js HTTP/1.1\r\nHost: www.trx-tron.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 12 Feb 2025 10:09:07 GMT\r\ncontent-encoding: gzip\r\netag: W/\"67ac7343-11fb\"\r\nserver: nginx\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nexpires: Tue, 16 Dec 2025 20:45:42 GMT\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=43200\r\ncontent-length: 1022\r\naccept-ranges: bytes\r\ndate: Tue, 05 May 2026 03:16:27 GMT\r\nage: 41453\r\neo-log-uuid: 10883369524330943235\r\neo-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4603,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"7096821f02731910889eb9fac894c80d","sha1":"564f9965ef45130a8b6cbbcb6475ef62bd7c7068","sha256":"d902bd1a701a0d013c9232f51c7a925d3134ca96dc6d7d743c29112c3b24c45a","sha512":"2acdc79f33e012a284cb06c09baac8d30eb6001b2167dcf534752252a804afbcd5b43fbd389af65a74fa05ac43eac207886cd18fe18a59ab1ba225b41adf646d","ssdeep":"96:MGwN+3EGqBI7iQVGB77iQuaBj7iQg5YFBv7iQt+FBbF7iQ9qTBw7iQgxpFBk7iQ3:MGVEB2iQ8piQrJiQtFhiQ0FTiQGWiQIW","tlshash":"26919f582ba96603505275f9ac5bd02022b8f203be4c9a113e4e45e1bf6d90df6f2d9f","first_seen":"2025-03-04T22:38:36.33529Z","last_seen":"2026-05-05T03:18:00.187746Z","times_seen":33,"resource_available":true,"data":null}},"time_used":143,"timings":{"blocked":-1,"dns":0,"connect":19,"send":0,"wait":24,"receive":0,"ssl":86},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/nav/product.svg","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/nav/product.svg HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:22:19 GMT\r\nEtag: \"68c4c74b-18a3\"\r\nServer: nginx\r\nDate: Mon, 04 May 2026 09:46:15 GMT\r\nContent-Type: image/svg+xml\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Length: 6307\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 10549182876199740735\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6307,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"62748befad66320102c6d6049170ee3a","sha1":"d0b48d3acce12ff8b83d703532316542bf588e68","sha256":"21efe2d79d955e5ef5c969346de8a4be5ac2d334514f1165c5caba828adc8a27","sha512":"8233cfa4bd4612b3f87803d2f79bd25ba94d9d037e8b041468ea067cbd5b26bb5844ee6cfe1e50992366dc58f35fe2ecf261a68794adfdb46eb0618de4184dc2","ssdeep":"96:LBdqpfAyGrAvCjfOiPQoPaTurOEqYFSu+nDRxOpEo9UMLUQNm:LjqpfosXOeuVYuC9xWEo9ULQNm","tlshash":"a4d1ab859b4ce9e4e65351b1fd0f2f0c9215284765c5ecff8a83bd4499c78faaa088c7","first_seen":"2024-08-19T13:00:02.310399Z","last_seen":"2026-05-05T03:18:00.144096Z","times_seen":33,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":244,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/js/lang.js","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /js/lang.js HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:21:34 GMT\r\nContent-Encoding: gzip\r\nEtag: W/\"68c4c71e-1ec47\"\r\nServer: nginx\r\nDate: Tue, 28 Apr 2026 04:23:43 GMT\r\nContent-Type: application/javascript\r\nVary: Accept-Encoding\r\nExpires: Tue, 28 Apr 2026 16:23:43 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=43200\r\nAge: 600763\r\nContent-Length: 41427\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 15358079081603338032\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":126023,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (1406)","md5":"de9ff49732f78f65f23cbcd827f238d7","sha1":"108060b057758d5a10971fcc3c3de2a553effb9e","sha256":"562813109189618147b7ec569a3300e530fd4d77aad92d1ae92b29595bd638f1","sha512":"a9eff68b0dbde3b616d531a5aca2baaab6e9b115b9f9e5bca45b51cc3c055dc07c6f17a1287eec326e05e05161988123a3ff154ffb7489bac411398419faa1fc","ssdeep":"3072:b9wHpJ6WGbBBZWBxazoMS0L2uWmQJO/fzK8rqilml9I:MpJXGb8OzoMQmN+8rqiI/I","tlshash":"d4c3a3f2199b85650056200bda4d3b0ff86f46bb7f15b2543aad06683fde40e817eb2d","first_seen":"2025-10-07T18:38:40.435441Z","last_seen":"2026-05-05T03:18:00.155638Z","times_seen":29,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":22,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/wallet/TronWeb.js","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trx-tron.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 00:00:00 GMT","end":"Fri, 29 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7E:D1:42:EC:D1:65:1A:C4:3E:90:50:8B:48:61:77:FA:74:87:79:9A","sha256":"26:93:04:E8:D1:7A:14:A0:15:03:37:A3:D1:09:E3:BA:2A:47:9F:FF:18:97:0C:EC:56:F6:0B:C6:A7:D2:BC:68"}}},"request":{"raw":"GET /js/wallet/TronWeb.js HTTP/1.1\r\nHost: www.trx-tron.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 10 Oct 2023 16:43:09 GMT\r\ncontent-encoding: gzip\r\netag: \"65257f1d-b12e1\"\r\nserver: nginx\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nexpires: Thu, 18 Dec 2025 01:40:48 GMT\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=43200\r\ncontent-length: 243257\r\naccept-ranges: bytes\r\ndate: Tue, 05 May 2026 03:16:27 GMT\r\nage: 23952\r\neo-log-uuid: 1746113760892013619\r\neo-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":725729,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"abaca054d61c258df25e736a145c8673","sha1":"d67b93870dbc0a762420469c16fd28cd11158462","sha256":"13ac10a9c04905d1641c0c679ef02c5e5652574049df12a0c07dd937217d201c","sha512":"16c200b877058ce6d42cd29895ee3066921d9ceae7d9c58b89b72bf7b71568dcb80d8b6515053d8e5dfe39d49e5afcf26c4619879f19d69819505728ed5da78f","ssdeep":"6144:baJJTR3ZD6QzBTg2qXJX4VIvV3xHwU6n4wJPUEv9ilUgHNxe/u5CNvmsVBCl:0BBEvV4cZhLyPrUl5x35amsVcl","tlshash":"95f42a8872d6f0a2479320a4043b500af27aad6d684d586cf354e8f73cb9dd9927bf35","first_seen":"2026-05-05T03:15:52.817828Z","last_seen":"2026-05-05T03:17:06.01011Z","times_seen":2,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/layui/css/modules/layer/default/layer.css?v=3.5.1","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trx-tron.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 00:00:00 GMT","end":"Fri, 29 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7E:D1:42:EC:D1:65:1A:C4:3E:90:50:8B:48:61:77:FA:74:87:79:9A","sha256":"26:93:04:E8:D1:7A:14:A0:15:03:37:A3:D1:09:E3:BA:2A:47:9F:FF:18:97:0C:EC:56:F6:0B:C6:A7:D2:BC:68"}}},"request":{"raw":"GET /js/layui/css/modules/layer/default/layer.css?v=3.5.1 HTTP/1.1\r\nHost: www.trx-tron.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 11 Feb 2023 11:49:24 GMT\r\ncontent-encoding: br\r\netag: \"63e780c4-37bf\"\r\nserver: nginx\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nexpires: Sun, 21 Dec 2025 07:46:41 GMT\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=43200\r\ncontent-length: 2820\r\naccept-ranges: bytes\r\ndate: Tue, 05 May 2026 03:16:27 GMT\r\nage: 23951\r\neo-log-uuid: 12339270364705919984\r\neo-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14271,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14271), with no line terminators","md5":"c234eb06d5f32055092294e78957f17d","sha1":"f15ee0bcb9694f32f5e1d524f2653aa0dd043402","sha256":"5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540","sha512":"3f06b51116d7f8026d81c7eb6a3c4d871462d09fe0a5b8cc8b7feaf20cbc88b0b6a545f0ec7cbc17566a9ff609405f58fad6eddfb3a8b3f6d530ede8fa3fad5c","ssdeep":"96:mp+Ntha8qNEp+wRY1vUPXi0nMLPD2OtLzAyPHL/LztJDzyv2OQ7KGx1j9d2/nWUU:1ELr2Otzrzzt42OQ7KGx1j8WUq4S3cU","tlshash":"f75242e144911299b0278721d6dc7eba32f88d43e5630caef2573c1f874c6dba2b6647","first_seen":"2023-03-10T11:40:20Z","last_seen":"2026-06-06T21:32:21.69735Z","times_seen":53164,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/css/mystyle.css","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /css/mystyle.css HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:20:49 GMT\r\nContent-Encoding: gzip\r\nEtag: W/\"68c4c6f1-8886\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 05:43:03 GMT\r\nContent-Type: text/css\r\nVary: Accept-Encoding\r\nExpires: Wed, 29 Apr 2026 17:43:03 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=43200\r\nAge: 509604\r\nContent-Length: 6589\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 13971839106887589553\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34950,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"90543d0f339a11e436171ca17b1cfa9c","sha1":"50cb4b323edc40f6d3dded1d2e0c6097b8dcf628","sha256":"17a0a97e763add8cd4a8b2aa058a364a2af3e78a688e91b7270da0ccbd046722","sha512":"73a9d1eb7b9001d3c3c53d089fe495b531f613e4aedcf65debf464de29009768682611ee6e7995a1441b14aaa828a42898a6bb5e89dc7f820acbdc635f0a32bc","ssdeep":"384:l4QFgaqfngFfgD+bFzklm+5sxF7fZOF0si2m:l4QFgHhDqFwDWFcF62m","tlshash":"53f2efa39b7b6644b859ccba7f266b5a130d444f220bc138bfc1764ccf850d956a6bcc","first_seen":"2024-08-19T13:00:02.281668Z","last_seen":"2026-05-05T03:18:00.15734Z","times_seen":33,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":27,"dns":1,"connect":22,"send":0,"wait":24,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/v2/3.png","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/v2/3.png HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:22:24 GMT\r\nEtag: \"68c4c750-42fb\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 05:43:06 GMT\r\nContent-Type: image/png\r\nExpires: Fri, 29 May 2026 05:43:06 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=2592000\r\nAge: 509601\r\nContent-Length: 17147\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12411218301620708079\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17147,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 800 x 800, 8-bit/color RGBA, non-interlaced","md5":"3afa7498b981e090fe0ed0006e09b705","sha1":"36b59369037e29b890000fb955ec6785dd2ffd93","sha256":"25f8b2bbe9ec359f934e3bcdb59d9da85a4eb1c102c71726cb2f89fb16439395","sha512":"8542ed4aae785f27fc66affdae92ce7444a10af5e5c94e087ad03dabe3c36d54244a8d116d78efab96f0af5f1e03617367f5d448de930dd66edaa8312985ceb6","ssdeep":"192:4MmrUPsknD7Ue/4yDH7RuQDx7uVPoViLRgB7LvTGupsd8PrmJIiVssvKPbuAeZ+u:4R4PskD7V7UVWiLR85sIiUPbg+r6","tlshash":"8972d0d6f698ad27d1218b3c0d03b60cbcd26290067779427e0b1ddfe4b538eaa924d6","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-05T03:18:00.136308Z","times_seen":35,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":207,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/nav/pact.svg","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/nav/pact.svg HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:22:18 GMT\r\nEtag: \"68c4c74a-619\"\r\nServer: nginx\r\nDate: Mon, 04 May 2026 09:46:15 GMT\r\nContent-Type: image/svg+xml\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Length: 1561\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11592671643779270131\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1561,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"98d0a5b4500b3e21fb6047b2b4aa5d2a","sha1":"77663d4152ee8b3f7f58c2800fb249983ea26100","sha256":"8bf50f14dc6145499a3e4b95af2945c203f1ba08dfd190ec195a67f883c9cae1","sha512":"955c657d9ad243ef9e6cad47ee8ed8a584da8b2079b82bb7c0dc1e871dc3d5d16c8afd3000075fc1d565e444132672861eedf915ffb59882771a4eb63237086a","ssdeep":"","tlshash":"4f3149c8e325a3b4de48d31749b424be692b20cd4e6615284acfcd2afee16de084409d","first_seen":"2024-08-19T13:00:02.309158Z","last_seen":"2026-05-05T03:18:00.151705Z","times_seen":33,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":218,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/wallet/web3.min.js","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trx-tron.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 00:00:00 GMT","end":"Fri, 29 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7E:D1:42:EC:D1:65:1A:C4:3E:90:50:8B:48:61:77:FA:74:87:79:9A","sha256":"26:93:04:E8:D1:7A:14:A0:15:03:37:A3:D1:09:E3:BA:2A:47:9F:FF:18:97:0C:EC:56:F6:0B:C6:A7:D2:BC:68"}}},"request":{"raw":"GET /js/wallet/web3.min.js HTTP/1.1\r\nHost: www.trx-tron.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 10 Oct 2023 16:43:12 GMT\r\ncontent-encoding: gzip\r\netag: \"65257f20-158d0f\"\r\nserver: nginx\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nexpires: Thu, 18 Dec 2025 01:40:48 GMT\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=43200\r\ncontent-length: 391490\r\naccept-ranges: bytes\r\ndate: Tue, 05 May 2026 03:16:27 GMT\r\nage: 16030\r\neo-log-uuid: 4945961575436604885\r\neo-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1412367,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (63688)","md5":"728afad9e9cfa7e73627910c970e35cc","sha1":"3bbabed8f10da63f27f3049aec67e0d311e27e04","sha256":"a14b5b9a0a919603ac90e0be0af6745d8b2a630ef36f9f7a74c675c1d20c35d0","sha512":"95cf874b204beb83c73ed8f03b73388a62dee5cdd48af90bab45b924b443655a3381c8380f29f1f384726a33e8afe1bff68ea2c3287c7728b3e572af277ac919","ssdeep":"6144:p0wjJAm/ZgZzvLcPpMtjwV33+ctnM5VeDrAvnhYd2MLIpXBKhICNvmsFcca4EhlZ:lKO33+UPGTrTKeamsuH4Ed","tlshash":"3325f9c47691b091c3a365a1406f900fe33ebd682c4c4168f756ecf72cb9a99552bf3a","first_seen":"2025-07-27T10:34:08.230801Z","last_seen":"2026-05-05T03:18:00.164333Z","times_seen":37,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.trx-tron.net/js/layui/css/modules/laydate/default/laydate.css?v=5.3.1","fqdn":"www.trx-tron.net","domain":"trx-tron.net","tld":"net"},"ip":{"addr":"43.169.14.138","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trx-tron.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 00:00:00 GMT","end":"Fri, 29 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7E:D1:42:EC:D1:65:1A:C4:3E:90:50:8B:48:61:77:FA:74:87:79:9A","sha256":"26:93:04:E8:D1:7A:14:A0:15:03:37:A3:D1:09:E3:BA:2A:47:9F:FF:18:97:0C:EC:56:F6:0B:C6:A7:D2:BC:68"}}},"request":{"raw":"GET /js/layui/css/modules/laydate/default/laydate.css?v=5.3.1 HTTP/1.1\r\nHost: www.trx-tron.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 11 Feb 2023 11:49:21 GMT\r\ncontent-encoding: gzip\r\netag: W/\"63e780c1-1cc5\"\r\nserver: nginx\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 16:27:56 GMT\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=43200\r\ncontent-length: 1924\r\naccept-ranges: bytes\r\ndate: Tue, 05 May 2026 03:16:27 GMT\r\nage: 23951\r\neo-log-uuid: 6093703970813513898\r\neo-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7365,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7365), with no line terminators","md5":"e9078eef34fe9a44e44bdd55b48fdc55","sha1":"73ef00229810ee179915661786d9b66b7fc2d568","sha256":"ab9dbdf922a26509951347fcfa83704d86afd2df855c827740c23df72fd8ab3f","sha512":"dbf200ca6effc6bee2f7e8f516dafe6b25fa66093f19fff117a8bd87732a3ca0206480319d5f733eb07d18f564cba1dfc6143587cbc5ea1d5d370948d8ab3921","ssdeep":"96:7OyDQi4ijYyC43i7hlVVZ4LyLk5bYsBE2rBOB:7OQQfyPCoiFVqHbrBE2rBA","tlshash":"45e1cc71b1542cd4702bc222b4a87cbfaef8dc02dae3265ce5b8621b85c15b7957d34b","first_seen":"2023-04-11T12:12:51Z","last_seen":"2026-06-06T22:56:08.033123Z","times_seen":34221,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"www.trx-tron.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/css/add-to-homescreen.min.css","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /css/add-to-homescreen.min.css HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:20:43 GMT\r\nContent-Encoding: gzip\r\nEtag: W/\"68c4c6eb-3746\"\r\nServer: nginx\r\nDate: Wed, 29 Apr 2026 05:43:02 GMT\r\nContent-Type: text/css\r\nVary: Accept-Encoding\r\nExpires: Wed, 29 Apr 2026 17:43:02 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=43200\r\nAge: 509605\r\nContent-Length: 2603\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8344340020792726854\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14150,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"2147e7d2d1b3625e5f75538b76516494","sha1":"6d4f3b779d22a261332f36aca3de0d1637b4746c","sha256":"f8f2af0c71820154576549dd653e5e5977352657d01d626ccce6f2dfc6ba6747","sha512":"e501c52639949f943825617574723f7ead95c2fd43af63912b872811756ab209a3dd00d62766dc8d36f566ebc3cbf168492cdde39610108e12857b9c24af236d","ssdeep":"384:lvY84GXfiFTNHflikWbfhBHOlCF7cnMnF7ou7ydl:lvY84GXfiFThflikWbfhBHOlCF7cnMnu","tlshash":"4152028d4ee80218fbfaa00e38c24aaa27b9e543e735fe7a75b6508ced540f4121c745","first_seen":"2025-06-28T20:44:58.794256Z","last_seen":"2026-05-05T03:18:00.148317Z","times_seen":31,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":29,"dns":2,"connect":21,"send":0,"wait":21,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/img/v2/4.jpg","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.152.140.76","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /img/v2/4.jpg HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 13 Sep 2025 01:22:25 GMT\r\nEtag: \"68c4c751-1dd5a\"\r\nServer: nginx\r\nDate: Sat, 02 May 2026 17:57:55 GMT\r\nContent-Type: image/jpeg\r\nExpires: Mon, 01 Jun 2026 17:57:55 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=2592000\r\nAge: 206311\r\nContent-Length: 122202\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11195341218040887352\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":122202,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 2560x1060, components 3","md5":"3445d598f55d82cb1bbe990495507d88","sha1":"319fbcf7ae1fcce2bd66b706c86fab870e58f2c9","sha256":"853d99cea5cad19df9fba75f5d95a13865467604b0208d67ba03bff0d3f29c38","sha512":"e7b28ef4815b9b9651e4d23dcc1103eb81b98571eb3bb802f6d868f8af1b0ab9d5f5ecc2894bc540a866ee9477db9c1976ae93310fff6d547169bc214e317269","ssdeep":"1536:Lyp2PpPpPpPHPF1JKXw/efhFWQug4nzj1dZ5lQ13wXdL4AOH4SPSjd:e8xxxvF1J0w+XWjzjhA1AtLrSPSjd","tlshash":"9cc3f7139c08db83646843e4be571ead6f0a6b1ce5923aff05525ecf3e611225dde02e","first_seen":"2023-05-23T14:38:53Z","last_seen":"2026-05-05T03:18:00.180529Z","times_seen":35,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":268,"dns":0,"connect":0,"send":0,"wait":11,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rhewgi.com/pwa/index.js","fqdn":"rhewgi.com","domain":"rhewgi.com","tld":"com"},"ip":{"addr":"43.175.169.141","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:27.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rhewgi.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:12:34 GMT","end":"Fri, 31 Jul 2026 05:12:33 GMT"},"fingerprint":{"sha1":"87:17:67:3E:0B:79:8D:D2:88:7B:7A:6B:E5:54:18:3E:39:0A:39:29","sha256":"57:BD:B6:E5:5E:D4:23:B4:5B:EF:68:6A:21:05:E1:34:DB:08:FF:A2:42:C6:5A:5F:75:B8:BB:8A:0E:0C:6A:9F"}}},"request":{"raw":"GET /pwa/index.js HTTP/1.1\r\nHost: rhewgi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rhewgi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 26 Mar 2025 04:21:52 GMT\r\nEtag: \"67e380e0-0\"\r\nServer: nginx\r\nDate: Tue, 28 Apr 2026 04:23:43 GMT\r\nContent-Type: application/javascript\r\nExpires: Tue, 28 Apr 2026 16:23:43 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=43200\r\nAge: 600764\r\nContent-Length: 0\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12764065296691130576\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T22:09:47.054277Z","times_seen":16193308,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/publicsans/v21/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rhewgi.com/","date":"2026-05-05T03:16:28.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/publicsans/v21/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rhewgi.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 26832\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 30 Apr 2026 08:22:47 GMT\r\nexpires: Fri, 30 Apr 2027 08:22:47 GMT\r\ncache-control: public, max-age=31536000\r\nage: 413621\r\nlast-modified: Mon, 15 Sep 2025 16:32:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26832,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 26832, version 1.0","md5":"e4c9b081863ae33b18b6eb412185c13c","sha1":"fd76a14fbbcac582cfb04514f3d04e7594a975b5","sha256":"5ed4d31c988e73b258894244f209069ebe77dc7e564861954b21198b6de90d68","sha512":"a81562ce1e80596f124a86091aa0043a2117324070536ae34bbe888130cfd824751091e38d513b1514c8902d02587d848d7bdce5cd676092cda91d690cc216c8","ssdeep":"768:G942ZYV3MrL60NUBN4MHVss4fRitIWAQoRvTu:GPLvUB16ZfRiuWMRv6","tlshash":"fec2f1577a35e100f0546c79d1eb4db1e0d7a8287408f7046f998c53832fba9acd6ba7","first_seen":"2024-10-01T06:40:49Z","last_seen":"2026-06-06T18:05:23.374284Z","times_seen":6206,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":77,"dns":1,"connect":8,"send":0,"wait":49,"receive":8,"ssl":66},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}