{"report_id":"fa7f8f14-5ba8-4fd0-9615-456a1611b891","version":6,"status":"done","tags":[],"date":"2026-03-21T17:34:03Z","url":{"schema":"http","addr":"prvr-reward.xyz","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"prvr-reward.xyz/","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"title":"PRVX | Distribution","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"prvr-reward.xyz","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-25T17:34:03Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"prvr-reward.xyz","ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-20","domain_rank":0,"first_seen":"2026-03-21T17:34:05.624006Z","last_seen":"2026-03-21T17:34:05.624006Z","alert_count":20,"request_count":20,"received_data":5363413,"sent_data":9534,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-03-15T22:16:12.279722Z","alert_count":0,"request_count":3,"received_data":148101,"sent_data":1665,"comment":"","tags":null,"fingerprints":null},{"fqdn":"presale.alexbeckertoken.cc","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-09-02","domain_rank":0,"first_seen":"2024-10-20T20:21:41.614725Z","last_seen":"2026-03-12T20:03:09.136309Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":461,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-15T22:19:58.945817Z","alert_count":0,"request_count":1,"received_data":10794,"sent_data":474,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"prvr-reward.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"82da2d0c3f18651b6d476b13a3c83db9","sha1":"b37478c30ec1a8cdfa75864e00b89ea4ecf26b11","sha256":"e5d24eb7c529c5be14d30383dda3ce6c9347b47a51d3da8158809eadae1d447b","sha512":"0892f5054d5fbb6f60b23af0c4c1448508d110e9cb0c6f887678e3c08a382af7a251bc56ad4da2b919c00306af5a743d02ee4cd66c31bf68d7eed50ffd2a5100","ssdeep":"384:aDr4B4E+8rR4BrfTo/J8mnC4X1PLwwotkc1zqEYgWsgs0dkCXbi7C5/TQUV8lDWE:aDrM4BrTeJxFpLVotksO/sCcuNF85WE","tlshash":"43d2d7ca3de6ba68937974f0586b30e673bdac8534446508c201f8f5bc217289b6bf5d","size":28432,"data":"","first_seen":"2026-03-21T16:57:47.700877Z","last_seen":"2026-03-21T17:34:26.993323Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/123/saved_resource(1).html","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a9e3f632be9238b847fcbe67c3abb41a","sha1":"72f916b7074574967321c4467aeaf54daed2ed0d","sha256":"8647e955556a870555f00cb33aceaf2c7d4eff3d4ad1456ecd30949cc9010fc7","sha512":"9e80458fe22fba7558288cf13e075cb38eea93aa88e83b35ad9045f96b7bc3663fe2e08414f8e7f55cb32fa8f06e118a3c10483f2a90c5a426a908dcb19628f3","ssdeep":"","tlshash":"b7d0a7a62c758d3067a8025f61b7d394266165906a12a60081ddcc3a5f20fd344f1a9c","size":236,"data":"","first_seen":"2024-12-13T17:42:20.448064Z","last_seen":"2026-06-09T03:33:23.056069Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/dff7d5f6-378f-4fca-b5fb-bee9e639424e","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"7df73988252e4e56e97ba60a379b1adb","sha1":"71fcb419a05752a6816ec8cb8d6ff66f2b286575","sha256":"795b58fa3e79ac5f0fe3f40fd1a8780febc568757a02fb88cece17317ec0a0d3","sha512":"76bbb9908159d4a89749d84c7cfc019cebaecb2a738e68d09f3e7194cd362e8991548472274377a2b829abdeccdd6a077443dca3c4c9f205ccf78d4a3568702e","ssdeep":"768:FVX6Xl2NCM1idz41CAr7cC2Iq5a87XZUXfl2rsi14UcCs+Wl4:FVLCl","tlshash":"6ca333131cbe346b048f4b63f5295e47af5ffa43da16624cb2bc26852fb7d56c982204","size":107243,"data":"","first_seen":"2025-12-16T18:55:46.047375Z","last_seen":"2026-06-12T10:52:23.92013Z","times_seen":454,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/chunk.47.2ghauuvt.js","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"eba5611ba4b706a4c1365a8508e69a6b","sha1":"7a2f80031985324b767c45b339b355d2626b4969","sha256":"89dd870a32f56331493537a930be9ecc95233edd06ac7f0b63e8cb112bb48a70","sha512":"7e8ee792d304e324dcc72c2ebb949b177407f52bdf7e5ce7a65627d257a0e2e066b5775657b8633fcb1f95ac277565a8c124acf14858652a502ad2612f6eed4e","ssdeep":"1536:dmO9IPeLqG8cAxHnihJ4MqEWJVoNqf3yyWx+:dmO9IPAacKHiXf0oO39","tlshash":"d41461e5db87c0ac8d5910ded473f841e0685927ce6cf493aa6edec27519f22808b17b","size":208305,"data":"","first_seen":"2026-02-16T15:03:14.731838Z","last_seen":"2026-03-21T18:07:36.565724Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6195e50b8549b1f808f3930656233a5d","sha1":"09d735de888484534a9ef43a43e295ce728670c0","sha256":"3643aebb306a21d1053729c91ccb3095987d6ce7be1c3a01d8e2452f15a841ee","sha512":"3461c2b9cd5d0e6728377755377cbc232644e6dad34d086502ed337b1f4ee633dba4b9c93bfd0f35f470d5155f344d2462bd9b518bae31ecdf2c87abb7b89f74","ssdeep":"","tlshash":"1351e40db6d21592aa1362244f3f0605367b93136016cf0a394ff7915f9ae3ad85bcf9","size":2670,"data":"","first_seen":"2026-03-19T16:51:21.360226Z","last_seen":"2026-03-21T18:07:36.573375Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a9e3f632be9238b847fcbe67c3abb41a","sha1":"72f916b7074574967321c4467aeaf54daed2ed0d","sha256":"8647e955556a870555f00cb33aceaf2c7d4eff3d4ad1456ecd30949cc9010fc7","sha512":"9e80458fe22fba7558288cf13e075cb38eea93aa88e83b35ad9045f96b7bc3663fe2e08414f8e7f55cb32fa8f06e118a3c10483f2a90c5a426a908dcb19628f3","ssdeep":"","tlshash":"b7d0a7a62c758d3067a8025f61b7d394266165906a12a60081ddcc3a5f20fd344f1a9c","size":236,"data":"","first_seen":"2024-12-13T17:42:20.448064Z","last_seen":"2026-06-09T03:33:23.056069Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a869600d92b9e32597b6214b2dec518a","sha1":"a115e49beea076aeb1272ae1736e0e353972fca6","sha256":"efafc76e99dd5ca7898d39620fc5c1ec3d149cfe8c356bea286587a8ff5e5add","sha512":"ec584d4baeac89f1a7ca609b713b8b3abb25043ccd49bf0bd0a681f2b7cf315613d4cc327b91c060385ac5682a17d8bbd9e632248ac1b6612719f5b269cdc087","ssdeep":"768:/QtE+XncQ4NFZ5HgI8ofrPNQn8G3HfHqEQbx:/QS+XncfFZJ/8ofjNQn8GXC1","tlshash":"4db273c679f6796883bea0f4187b34d6b3faac8830084914d310f8f97825719a567f9c","size":25661,"data":"","first_seen":"2026-03-21T16:57:47.635025Z","last_seen":"2026-03-21T17:51:20.207342Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/123/jquery-3.6.0.js","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8a750b5e10f34fe9be3d2b152dd12aa4","sha1":"4c7631e6cb74b97f42f146067ffc24c47b329763","sha256":"29223fdf1c42ac27b10aea5dcd02513f507a22a83ed8d03e5f6bb7f1c41daaaf","sha512":"0e003607f4ed747440d2d38b09a30a8fcb9d6dcc65f80ef56abf712674eb83592f45a4bc41d8a136350796a0b0f5cd972f9ca8b45516794644636f4385ec2ffe","ssdeep":"6144:9aaKxfbLY8Cv4okFFmwiFbP6s3JdB/HD0KUWrE4/Xp89ZwvY1Z5COsi2+pHeJwn1:FOiFbP/j70KUWrE4/589jjbvHeyb7PV3","tlshash":"f054b4d9734f116f4ba233aae43b5149ff7dd1b0520550acb58d997c24a081883bafbe","size":299461,"data":"","first_seen":"2023-03-07T12:22:54Z","last_seen":"2026-06-13T11:37:43.490051Z","times_seen":2078,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/123/toastr.min.js","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1515ed21d8bd30ca0fae0970f85a7fb3","sha1":"b7808c728fe5fcf884620df5e2154ce988e920c7","sha256":"f2bb0e8511764611ff0081b549ff188c326c7376bf86e28513782b0a48f9c7aa","sha512":"38ba3736b75c78b1c2149cc18022eb235144c162d3fd9d817318e05be6359e7d192fe81b0546b54bd4e9ab56c601c1b87d7b152dfdef3c4646e6a342e7a3f6dd","ssdeep":"96:IVkLdCZR1JHduRv75dR+FIEHXX9oxNDP9mA1UZsEyHGJAcCwV02UfrwH:ekL4BtcvvRqIQcNa74ccrwH","tlshash":"09b19384b220bb8b6b731169919f144b937673b2ccce55007639a5987e7082c97b7fdc","size":5544,"data":"","first_seen":"2023-03-07T13:20:43Z","last_seen":"2026-06-13T16:46:40.412455Z","times_seen":456,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"prvr-reward.xyz/123/styles.css","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://prvr-reward.xyz/","date":"2026-03-21T17:33:39.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"GET /123/styles.css HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-reward.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 17:33:39 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 12:39:49 GMT\r\netag: W/\"69bd4015-75670\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 34722\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2R2fxnPFLlqhmRCahbWMoiVXN1ca6WCSyuV3CIKEL5UxG%2BzFooESFsx8LiTkXsgln2jyyTihMsw77F1Ddiay%2BnsX2%2BBauBwTwQjuhNzCBg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9dfeb3f32d688a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":480880,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (20196), with CRLF line terminators","md5":"04571f9334a9ec7d194aadf0619b97b0","sha1":"217028f2a47144021542a5bd3da227fa6b95c238","sha256":"5170301acec4e30a994bdbb46e99ab410f0e3203e629b4ec775a2c05000a65c0","sha512":"1497f5dfa87505a51e50f9d66da6975dffa8f01d5da34f27f4fc07dbf98f76a2593578556cff347cc863dd66824ba2f3a2f4c6b8d1866bdf543b731bfdddfa58","ssdeep":"6144:/S6XuVsQboD9yIyYMN6el5gTVyF24buT+:TeWQbo5y0MoeTgx/T+","tlshash":"c9a43b295a111512b733cb3c2bfd5244f7944817ee8349bd7add1a808ff21b8b962e8d","first_seen":"2024-09-20T21:38:21.078438Z","last_seen":"2026-06-09T03:33:23.036953Z","times_seen":77,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/123/jquery-3.6.0.js","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prvr-reward.xyz/","date":"2026-03-21T17:33:39.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"GET /123/jquery-3.6.0.js HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-reward.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 17:33:39 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 12:39:49 GMT\r\netag: W/\"69bd4015-491c5\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 34722\r\npriority: u=3,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Wg%2FgkGvXAIixlQF4MOSB3WwDyD0njRrgwOQg09sGJzEwQHe7ZOSBO3d6AhrqpQ1YZ4L43a0e3r2B2aV8L8dxtjJMYg%2FnVp%2FE5mOcQQJ%2BFg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9dfeb3f33d6f8a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":299461,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"8a750b5e10f34fe9be3d2b152dd12aa4","sha1":"4c7631e6cb74b97f42f146067ffc24c47b329763","sha256":"29223fdf1c42ac27b10aea5dcd02513f507a22a83ed8d03e5f6bb7f1c41daaaf","sha512":"0e003607f4ed747440d2d38b09a30a8fcb9d6dcc65f80ef56abf712674eb83592f45a4bc41d8a136350796a0b0f5cd972f9ca8b45516794644636f4385ec2ffe","ssdeep":"6144:9aaKxfbLY8Cv4okFFmwiFbP6s3JdB/HD0KUWrE4/Xp89ZwvY1Z5COsi2+pHeJwn1:FOiFbP/j70KUWrE4/589jjbvHeyb7PV3","tlshash":"f054b4d9734f116f4ba233aae43b5149ff7dd1b0520550acb58d997c24a081883bafbe","first_seen":"2023-03-07T12:22:54Z","last_seen":"2026-06-13T11:37:43.490051Z","times_seen":2078,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://prvr-reward.xyz/","date":"2026-03-21T17:33:39.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"D5:23:F9:83:DE:D4:E8:AB:85:EF:63:D4:2C:6E:62:44:96:04:04:8E","sha256":"D3:04:E0:CB:3E:1B:51:D2:DD:21:AB:B5:3E:6D:E3:40:D7:D5:1E:07:D1:8A:BF:8C:CC:01:FC:AE:92:1F:69:2D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://prvr-reward.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 16 Mar 2026 17:57:47 GMT\r\nexpires: Tue, 16 Mar 2027 17:57:47 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 430553\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-13T17:34:01.852112Z","times_seen":209940,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":76,"dns":1,"connect":8,"send":0,"wait":10,"receive":10,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"presale.alexbeckertoken.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"presale.alexbeckertoken.cc","domain":"alexbeckertoken.cc","tld":"cc"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prvr-reward.xyz/123/saved_resource(1).html","date":"2026-03-21T17:33:40.245Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: presale.alexbeckertoken.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-reward.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T17:33:37.826371Z","times_seen":16391923,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea2d291c0fdc/main.js?","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prvr-reward.xyz/123/saved_resource(1).html","date":"2026-03-21T17:33:40.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea2d291c0fdc/main.js? HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://prvr-reward.xyz/123/saved_resource(1).html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\ndate: Sat, 21 Mar 2026 17:33:40 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncf-ray: 9dfeb3f6ce828a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28432,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (28432), with no line terminators","md5":"82da2d0c3f18651b6d476b13a3c83db9","sha1":"b37478c30ec1a8cdfa75864e00b89ea4ecf26b11","sha256":"e5d24eb7c529c5be14d30383dda3ce6c9347b47a51d3da8158809eadae1d447b","sha512":"0892f5054d5fbb6f60b23af0c4c1448508d110e9cb0c6f887678e3c08a382af7a251bc56ad4da2b919c00306af5a743d02ee4cd66c31bf68d7eed50ffd2a5100","ssdeep":"384:aDr4B4E+8rR4BrfTo/J8mnC4X1PLwwotkc1zqEYgWsgs0dkCXbi7C5/TQUV8lDWE:aDrM4BrTeJxFpLVotksO/sCcuNF85WE","tlshash":"43d2d7ca3de6ba68937974f0586b30e673bdac8534446508c201f8f5bc217289b6bf5d","first_seen":"2026-03-21T16:57:47.700877Z","last_seen":"2026-03-21T17:34:26.993323Z","times_seen":3,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-21T17:33:39.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 21 Mar 2026 17:33:39 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 12:39:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vDuZnzyztALVQdkgyilNcGgZMYgttYdbU18OxiJt%2BoP5b3dE5GfGlO03Xaa3Eoz0jWb6rjlDrbkOCIcpgR6Mds827dQblqX%2BtDshAnmBvw%3D%3D\"}]}\r\nage: 98580\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9dfeb3f1e94d5cf6-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":126175,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (7736)","md5":"5d54e54261a152ddf823e8bb3b63fed2","sha1":"01d6681cb8a3bb34179b234e11646fb6a48dc41a","sha256":"f69072d9b131600c00b5811081cf5746f18bf5669050a8e1c7e481ce0e222e42","sha512":"703fb93a1e95fa1a6d7d59e00a598918e5bfa1e5c860ab187dcf5102a44ef4fbbe1f717ef6798bbe565f0d6b56b21f0accc64c4edaf4c2ab6c18a8466cd5d323","ssdeep":"768:rzaVGkYv/Gwxgr3dlB/ioD2L6Ujw3Vv8ZvRujjUPEJfJmrzyFAgFvqU3rwIC43Kd:rcs/G+gBl8Zpbg2J1lKi1TXBnDR","tlshash":"ddc3841bb9904218790381ba1dff7b5e3935a0074d84ef9bbdcd2560df8b2a3e891764","first_seen":"2026-03-19T16:51:21.348089Z","last_seen":"2026-03-21T18:07:36.550103Z","times_seen":4,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":83,"dns":51,"connect":8,"send":0,"wait":23,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/becker-logo.jpg","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prvr-reward.xyz/","date":"2026-03-21T17:33:39.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"GET /becker-logo.jpg HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-reward.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 17:33:39 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 44916\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 12:39:49 GMT\r\netag: \"69bd4015-af74\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 98579\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OHQk3XUR5i0GmQUWF8894nEjt%2BTlpQlmSPIpmDqt%2Brz3R%2FURKVt97j6WI95eUiFw3KOyt9d6GsfOvDLCgBnaxDLh2f7IPPW484R%2FC5TjJg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9dfeb3f33d6e8a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44916,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.3], baseline, precision 8, 400x400, components 3","md5":"023462c67f5210da2074aad0ed6ffddd","sha1":"09b061bc27e4bd4c19393b6b6d2ca5a697574470","sha256":"559523cf02d9171a2f4064cccdf3b5d12114df7df7a9cee4f2448ec72f17dda6","sha512":"cd0baf32e0e4696175cb1d0bcf011495cd9479dcc9c7329fb3f77ac31f872617f006bfe6f815d38d0aa6f0f2acb07a17bb46d9f60e9d529daab31cb2ced5d495","ssdeep":"768:fcQDqITWp7lHqm6YB3ogHGkfPKk3jVhT4t2lpHWeRs4Z1YihC8c1lacxU:fcpIE7X6g3ogmkljVOIb2qn1vbcDtxU","tlshash":"de13f128ab0512d5c6578d30d0b32adea64f7974c5bd234eaf811936d4843e6e184eef","first_seen":"2026-03-19T16:51:21.336684Z","last_seen":"2026-03-21T18:07:36.555119Z","times_seen":4,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/123/toastr.min.js","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prvr-reward.xyz/","date":"2026-03-21T17:33:39.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"GET /123/toastr.min.js HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-reward.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 17:33:39 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 12:39:49 GMT\r\netag: W/\"69bd4015-15a8\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 34722\r\npriority: u=3,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ktJ0vnBIpPF8TKeHgBOx%2BbpfjghbAmyrx%2F5hRYWSaUgEY%2FciZAGBvqWYpEaXDlvFRXU0TuiRHYwmKeWqxXlNqM3XJ3O%2FYpmLh0qki1AREQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9dfeb3f33d708a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5544,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5215), with CRLF line terminators","md5":"1515ed21d8bd30ca0fae0970f85a7fb3","sha1":"b7808c728fe5fcf884620df5e2154ce988e920c7","sha256":"f2bb0e8511764611ff0081b549ff188c326c7376bf86e28513782b0a48f9c7aa","sha512":"38ba3736b75c78b1c2149cc18022eb235144c162d3fd9d817318e05be6359e7d192fe81b0546b54bd4e9ab56c601c1b87d7b152dfdef3c4646e6a342e7a3f6dd","ssdeep":"96:IVkLdCZR1JHduRv75dR+FIEHXX9oxNDP9mA1UZsEyHGJAcCwV02UfrwH:ekL4BtcvvRqIQcNa74ccrwH","tlshash":"09b19384b220bb8b6b731169919f144b937673b2ccce55007639a5987e7082c97b7fdc","first_seen":"2023-03-07T13:20:43Z","last_seen":"2026-06-13T16:46:40.412455Z","times_seen":456,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/PRVX%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/powered_by_meta.png","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prvr-reward.xyz/","date":"2026-03-21T17:33:39.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"GET /PRVX%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/powered_by_meta.png HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-reward.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 17:33:39 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 12:39:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nvary: accept-encoding\r\nage: 34722\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KR4Af83Wi31e%2B4b%2BAxvs5tPHlL3rfazTklAj%2F11G10J5NeDcNnSTVbJEaIxAOGA%2FkXtnDcsSpLiufRfYxsrn3hubXS39mYk%2B6iswjJZ8AQ%3D%3D\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9dfeb3f33d728a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":126175,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (7736)","md5":"5d54e54261a152ddf823e8bb3b63fed2","sha1":"01d6681cb8a3bb34179b234e11646fb6a48dc41a","sha256":"f69072d9b131600c00b5811081cf5746f18bf5669050a8e1c7e481ce0e222e42","sha512":"703fb93a1e95fa1a6d7d59e00a598918e5bfa1e5c860ab187dcf5102a44ef4fbbe1f717ef6798bbe565f0d6b56b21f0accc64c4edaf4c2ab6c18a8466cd5d323","ssdeep":"768:rzaVGkYv/Gwxgr3dlB/ioD2L6Ujw3Vv8ZvRujjUPEJfJmrzyFAgFvqU3rwIC43Kd:rcs/G+gBl8Zpbg2J1lKi1TXBnDR","tlshash":"ddc3841bb9904218790381ba1dff7b5e3935a0074d84ef9bbdcd2560df8b2a3e891764","first_seen":"2026-03-19T16:51:21.348089Z","last_seen":"2026-03-21T18:07:36.550103Z","times_seen":4,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/PRVX%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/sprite.svg","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prvr-reward.xyz/","date":"2026-03-21T17:33:39.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"GET /PRVX%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/sprite.svg HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-reward.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 17:33:39 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 12:39:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nvary: accept-encoding\r\nage: 34722\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0XM2M1%2FqLGIVno9JUo%2FJ08RqMmNFGgela4wecXaIlsB4F1ESgCGpltLVuKnSfYXoAAmNyw%2BbL5aX6Exn8Yfnj%2B8wY1c20x5l05n5Snp5PQ%3D%3D\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9dfeb3f33d718a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":126175,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (7736)","md5":"5d54e54261a152ddf823e8bb3b63fed2","sha1":"01d6681cb8a3bb34179b234e11646fb6a48dc41a","sha256":"f69072d9b131600c00b5811081cf5746f18bf5669050a8e1c7e481ce0e222e42","sha512":"703fb93a1e95fa1a6d7d59e00a598918e5bfa1e5c860ab187dcf5102a44ef4fbbe1f717ef6798bbe565f0d6b56b21f0accc64c4edaf4c2ab6c18a8466cd5d323","ssdeep":"768:rzaVGkYv/Gwxgr3dlB/ioD2L6Ujw3Vv8ZvRujjUPEJfJmrzyFAgFvqU3rwIC43Kd:rcs/G+gBl8Zpbg2J1lKi1TXBnDR","tlshash":"ddc3841bb9904218790381ba1dff7b5e3935a0074d84ef9bbdcd2560df8b2a3e891764","first_seen":"2026-03-19T16:51:21.348089Z","last_seen":"2026-03-21T18:07:36.550103Z","times_seen":4,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/123/index_1.html","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://prvr-reward.xyz/","date":"2026-03-21T17:33:40.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"GET /123/index_1.html HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-reward.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 17:33:40 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 12:39:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nvary: accept-encoding\r\nage: 34722\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qIGfCFzAkAViRFhbiN6C825V7LudZX8Nf99ywOsEm9ii6Ip%2BlrknTsvQLVn%2Bq4pW08JPkqRKXI9OMN5ah6ji4ZGyKbhR8%2FzA7tk3XBEkNg%3D%3D\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9dfeb3f56e148a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1510,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (1431)","md5":"7ac863c20d80c754ff2fdf93ca02c1b1","sha1":"ebbec8729a0a4183f564ddfa1624ab4cd89429bd","sha256":"c350fa88b72d686b998af69bcc3a95567d0233a8478c39c0e7ee10a664aaddd9","sha512":"3a0af7592404e133ff8608a0150d0654263a4f136e969b182bc5e0450f4b6a5207e1d0909fa271508a4de07d1ff70f3e55f32d290403f15d7fd160fa5c283efc","ssdeep":"","tlshash":"613185b67e1950308695618631bef36c38329224ba029040c2ece878cd9cfd718afdbd","first_seen":"2025-08-14T22:48:24.824269Z","last_seen":"2026-06-09T03:33:23.035415Z","times_seen":67,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/PRVX%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/sprite.svg","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prvr-reward.xyz/","date":"2026-03-21T17:33:40.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"GET /PRVX%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/sprite.svg HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-reward.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 17:33:40 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 12:39:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nvary: accept-encoding\r\nage: 34722\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vLPiznLVD9%2BjPU6c3L6SErDAq9MjgqMoGUTCEaf%2Fgp8HVveY3TRGdfayNTXWbDVwJTco3ZtyJz40g9l9awyQcpr1hXLQpdlx92PKMBtY%2FA%3D%3D\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9dfeb3f5ae3c8a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":126175,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (7736)","md5":"5d54e54261a152ddf823e8bb3b63fed2","sha1":"01d6681cb8a3bb34179b234e11646fb6a48dc41a","sha256":"f69072d9b131600c00b5811081cf5746f18bf5669050a8e1c7e481ce0e222e42","sha512":"703fb93a1e95fa1a6d7d59e00a598918e5bfa1e5c860ab187dcf5102a44ef4fbbe1f717ef6798bbe565f0d6b56b21f0accc64c4edaf4c2ab6c18a8466cd5d323","ssdeep":"768:rzaVGkYv/Gwxgr3dlB/ioD2L6Ujw3Vv8ZvRujjUPEJfJmrzyFAgFvqU3rwIC43Kd:rcs/G+gBl8Zpbg2J1lKi1TXBnDR","tlshash":"ddc3841bb9904218790381ba1dff7b5e3935a0074d84ef9bbdcd2560df8b2a3e891764","first_seen":"2026-03-19T16:51:21.348089Z","last_seen":"2026-03-21T18:07:36.550103Z","times_seen":4,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/123/css2","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://prvr-reward.xyz/","date":"2026-03-21T17:33:39.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"GET /123/css2 HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-reward.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 17:33:39 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 2421\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 12:39:49 GMT\r\netag: \"69bd4015-975\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nage: 34722\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TySwAxdTnJXy9TfIo6zI5FvgcQH%2BxjO52FnxB3rbhI8j3hkDzoAHciKcsDKuuJf%2BDWEnHFKgMkQg0wTml2%2BT61zx%2Bo1AUCiPWyhHzjcGlQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9dfeb3f32d6c8a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T17:33:37.826371Z","times_seen":16391923,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/123/toastr.min.css","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://prvr-reward.xyz/","date":"2026-03-21T17:33:39.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"GET /123/toastr.min.css HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-reward.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 17:33:39 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 12:39:49 GMT\r\netag: W/\"69bd4015-fed\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 34722\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sU%2FYOc7L0hd9Qvd%2BC9UkfvTRoyhQ4KqALdquaWJ0AUzN51jZwjx5XqoL4FfxJ%2FIbFokoaujdX0w8q4Uia9HFbLMHBRoS9%2Fm0OeRg8XSLEQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9dfeb3f32d6b8a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4077,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3790), with CR line terminators","md5":"7bb5a088537dfb8154a867fde2e73704","sha1":"53bf6a20858090281d87c9f9ca6b2696d502855d","sha256":"f51995faee855b1f8c0174398f957dc33a368423abd98da8cab4fcfab87e377a","sha512":"f5b06972fddbb702dab54c3c34b3acc5c62b5235c6b13bf911e84bb564bdca126168b1628e684caf4b52f82ffa9634491903b3cc5034d016d9aa0276178e0e68","ssdeep":"","tlshash":"ae81c011cb80332dbea3961ef455664a2609e1b3e6ee5eed651fa5bcc3c27d41c33284","first_seen":"2024-09-28T07:03:36.213793Z","last_seen":"2026-06-09T03:33:23.045374Z","times_seen":77,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://prvr-reward.xyz/","date":"2026-03-21T17:33:39.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"63:D1:AE:99:1E:49:D7:6C:71:F3:BA:F5:BA:47:74:1E:EB:90:E7:D6","sha256":"69:90:BB:9D:82:60:82:88:FF:CE:F6:B3:3D:DD:B5:B5:FB:F0:56:17:FD:FA:0D:BC:9C:5B:83:51:98:0D:2F:CF"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-reward.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 21 Mar 2026 17:33:39 GMT\r\ndate: Sat, 21 Mar 2026 17:33:39 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10108,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"e85517dadd43448782d60d7f207fddce","sha1":"6cd31f870727ba8090fac9602b42524b4139a619","sha256":"88fbd0b95222be288587a149c324189ecbd8de0d6f0c94f528ec53857e52b66c","sha512":"5edc78df5bb062a9a2e1ea6724c14dd7eb80d77ea0fa9572de4bb0d52bbd0d163815b08a1ae77084f99fbefbb07715da1c61f0bb36fb498710c91387792955f8","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGx:vXuM0p2+4","tlshash":"04227792002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T18:13:11.065101Z","last_seen":"2026-06-13T17:36:49.813069Z","times_seen":30185,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":96,"dns":1,"connect":22,"send":0,"wait":31,"receive":0,"ssl":84},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://prvr-reward.xyz/","date":"2026-03-21T17:33:39.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"D5:23:F9:83:DE:D4:E8:AB:85:EF:63:D4:2C:6E:62:44:96:04:04:8E","sha256":"D3:04:E0:CB:3E:1B:51:D2:DD:21:AB:B5:3E:6D:E3:40:D7:D5:1E:07:D1:8A:BF:8C:CC:01:FC:AE:92:1F:69:2D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://prvr-reward.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 16 Mar 2026 17:57:47 GMT\r\nexpires: Tue, 16 Mar 2027 17:57:47 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 430553\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-13T17:34:01.852112Z","times_seen":209940,"resource_available":false,"data":null}},"time_used":335,"timings":{"blocked":161,"dns":0,"connect":21,"send":0,"wait":8,"receive":4,"ssl":135},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/PRVX%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/powered_by_meta.png","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prvr-reward.xyz/","date":"2026-03-21T17:33:40.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"GET /PRVX%20_%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Distribution_files/powered_by_meta.png HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-reward.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 17:33:40 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 12:39:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nvary: accept-encoding\r\nage: 34722\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NPbWBRcDDWd1YYnvvyyBmX%2By9NgGZbUP6N2UVHDzH%2Fd7deCTXhQra1%2FY2MYOH8EOz%2Bb%2BWQ1ADnbOhw37S8%2FgoovNyrjW%2FgSXGPmwS8UrPA%3D%3D\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9dfeb3f5be3d8a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":126175,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (7736)","md5":"5d54e54261a152ddf823e8bb3b63fed2","sha1":"01d6681cb8a3bb34179b234e11646fb6a48dc41a","sha256":"f69072d9b131600c00b5811081cf5746f18bf5669050a8e1c7e481ce0e222e42","sha512":"703fb93a1e95fa1a6d7d59e00a598918e5bfa1e5c860ab187dcf5102a44ef4fbbe1f717ef6798bbe565f0d6b56b21f0accc64c4edaf4c2ab6c18a8466cd5d323","ssdeep":"768:rzaVGkYv/Gwxgr3dlB/ioD2L6Ujw3Vv8ZvRujjUPEJfJmrzyFAgFvqU3rwIC43Kd:rcs/G+gBl8Zpbg2J1lKi1TXBnDR","tlshash":"ddc3841bb9904218790381ba1dff7b5e3935a0074d84ef9bbdcd2560df8b2a3e891764","first_seen":"2026-03-19T16:51:21.348089Z","last_seen":"2026-03-21T18:07:36.550103Z","times_seen":4,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/123/saved_resource(1).html","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://prvr-reward.xyz/123/index_1.html","date":"2026-03-21T17:33:40.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"GET /123/saved_resource(1).html HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-reward.xyz/123/index_1.html\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 17:33:40 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 12:39:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nvary: accept-encoding\r\nage: 34722\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hhKfT49UvMwUAvRMYGab4eS%2FQ7jJhNg1gvvdnlPLFhgvAcaTw1l%2BRF6Sc%2Fe8BGm8KcsjWXSQXbDCAmyW%2FzyCnvzyzC0K8ip9Ytll%2BckI5A%3D%3D\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9dfeb3f65e688a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":507,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (464)","md5":"f2718e61138ef0530f5b6c285a3ab392","sha1":"050f5abfcde20b35cf02cda68ce79493aa71e946","sha256":"5b47e35bb125f373e1324ecf6a05860779edb8b6b50383d33fa5e870a5ef464c","sha512":"dcaf7c003a81fdd8ec642ce3b73a875c0a996b5ae8ab9d71ef4cf2b989fa3e1155f73fcb3b97b9fd0adefb414a548191d0b37d99035b2a78decdb869e48557c3","ssdeep":"","tlshash":"89f00ef72c2ac82123b00386a0fae25c05205150b502c941c1e8e87d1e48fda98a3a48","first_seen":"2025-08-14T22:48:24.827007Z","last_seen":"2026-06-09T03:33:23.036174Z","times_seen":65,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prvr-reward.xyz/123/index_1.html","date":"2026-03-21T17:33:40.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nlocation: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea2d291c0fdc/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\ncontent-length: 0\r\ndate: Sat, 21 Mar 2026 17:33:40 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncf-ray: 9dfeb3f66e6a8a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25661,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T17:33:37.826371Z","times_seen":16391923,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea2d291c0fdc/main.js?","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prvr-reward.xyz/123/index_1.html","date":"2026-03-21T17:33:40.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea2d291c0fdc/main.js? HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\ndate: Sat, 21 Mar 2026 17:33:40 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncf-ray: 9dfeb3f68e768a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25661,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (25661), with no line terminators","md5":"a869600d92b9e32597b6214b2dec518a","sha1":"a115e49beea076aeb1272ae1736e0e353972fca6","sha256":"efafc76e99dd5ca7898d39620fc5c1ec3d149cfe8c356bea286587a8ff5e5add","sha512":"ec584d4baeac89f1a7ca609b713b8b3abb25043ccd49bf0bd0a681f2b7cf315613d4cc327b91c060385ac5682a17d8bbd9e632248ac1b6612719f5b269cdc087","ssdeep":"768:/QtE+XncQ4NFZ5HgI8ofrPNQn8G3HfHqEQbx:/QS+XncfFZJ/8ofjNQn8GXC1","tlshash":"4db273c679f6796883bea0f4187b34d6b3faac8830084914d310f8f97825719a567f9c","first_seen":"2026-03-21T16:57:47.635025Z","last_seen":"2026-03-21T17:51:20.207342Z","times_seen":4,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/chunk.47.2ghauuvt.js","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prvr-reward.xyz/","date":"2026-03-21T17:33:39.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"GET /chunk.47.2ghauuvt.js HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-reward.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 17:33:39 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 12:39:49 GMT\r\netag: W/\"69bd4015-32fb1\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 34722\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uj7oTvYOhjKbIJCBOdENnr0%2BcYM7%2BRDiaxo6ELMZnprwAn8H79DOJm%2FzshnJC9vQzSeeeJuIycs%2BR53ZKgbgUtYDY4ROJP42rmXHcGp4Rw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9dfeb3f32d6d8a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":208817,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (52762), with no line terminators","md5":"eba5611ba4b706a4c1365a8508e69a6b","sha1":"7a2f80031985324b767c45b339b355d2626b4969","sha256":"89dd870a32f56331493537a930be9ecc95233edd06ac7f0b63e8cb112bb48a70","sha512":"7e8ee792d304e324dcc72c2ebb949b177407f52bdf7e5ce7a65627d257a0e2e066b5775657b8633fcb1f95ac277565a8c124acf14858652a502ad2612f6eed4e","ssdeep":"1536:dmO9IPeLqG8cAxHnihJ4MqEWJVoNqf3yyWx+:dmO9IPAacKHiXf0oO39","tlshash":"d41461e5db87c0ac8d5910ded473f841e0685927ce6cf493aa6edec27519f22808b17b","first_seen":"2026-02-16T15:03:14.731838Z","last_seen":"2026-03-21T18:07:36.565724Z","times_seen":14,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://prvr-reward.xyz/","date":"2026-03-21T17:33:39.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"D5:23:F9:83:DE:D4:E8:AB:85:EF:63:D4:2C:6E:62:44:96:04:04:8E","sha256":"D3:04:E0:CB:3E:1B:51:D2:DD:21:AB:B5:3E:6D:E3:40:D7:D5:1E:07:D1:8A:BF:8C:CC:01:FC:AE:92:1F:69:2D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://prvr-reward.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 16 Mar 2026 17:57:47 GMT\r\nexpires: Tue, 16 Mar 2027 17:57:47 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 430553\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-13T17:34:01.852112Z","times_seen":209940,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":86,"dns":1,"connect":7,"send":0,"wait":8,"receive":4,"ssl":77},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/secureproxy?e=jscdn/getFile","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://prvr-reward.xyz/","date":"2026-03-21T17:33:40.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"POST /secureproxy?e=jscdn/getFile HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://prvr-reward.xyz/\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://prvr-reward.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"i26j21cuqog7erubli03\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 17:33:40 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, origin, access-control-request-method, access-control-request-headers\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block, 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Lp8pf9kXeLmSYiqhKfhXVsHDCXp2jtYbp08D72kNvUOzTAHkn%2BYgk6bR2ZvTpMEJJqfBQj3hbW0eT6QPBUA%2FLwwM6iZIHIIhfsisSfljkySPXg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\npriority: u=4,i=?0\r\ncf-ray: 9dfeb3f62e5f8a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3517306,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c7fbeacf88f33e010d79e6b4a7c23b2e","sha1":"2159d23bddf7d444bca12a57b9a928c955df15bf","sha256":"0baa0609ab6581908e0285c225a25280106895ca78362b932ae51d89da92795d","sha512":"851484aef605d05814cc73a26e9615652de47683342cf5f535e244c11b074cfddeacefd32419ee5904d4c1a1342a0b111691a4bae1bd59473fb7c92edd66f7ff","ssdeep":"24576:sQlg6vCCCgvnQsyjCq4rCMBZ849RxN4soD5JaHTRsq4Bk:jgKdWdMhfxNeeHFV7","tlshash":"6b252390ac6b51ab474c266a31775e2966e06f0404e5a1cfe654ddc23ebffa0c38f46c","first_seen":"2026-03-21T17:34:09.52313Z","last_seen":"2026-03-21T18:07:36.559175Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":520,"receive":621,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://prvr-reward.xyz/123/saved_resource(1).html","date":"2026-03-21T17:33:40.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-reward.xyz/123/saved_resource(1).html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nlocation: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea2d291c0fdc/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\ncontent-length: 0\r\ndate: Sat, 21 Mar 2026 17:33:40 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncf-ray: 9dfeb3f69e7a8a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28432,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T17:33:37.826371Z","times_seen":16391923,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prvr-reward.xyz/becker-logo.jpg","fqdn":"prvr-reward.xyz","domain":"prvr-reward.xyz","tld":"xyz"},"ip":{"addr":"172.67.216.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://prvr-reward.xyz/","date":"2026-03-21T17:33:40.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prvr-reward.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 12:00:23 GMT","end":"Thu, 18 Jun 2026 12:00:22 GMT"},"fingerprint":{"sha1":"20:7C:39:BB:4A:16:9F:98:71:E6:AB:CC:CE:1F:A5:A8:4A:11:18:AD","sha256":"64:12:BD:E2:2F:A3:EC:21:30:B2:1E:71:38:D8:68:B4:AE:14:7B:A2:E4:26:06:F8:34:02:BF:BA:0A:D8:48:C0"}}},"request":{"raw":"GET /becker-logo.jpg HTTP/1.1\r\nHost: prvr-reward.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://prvr-reward.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 17:33:40 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 44916\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 12:39:49 GMT\r\netag: \"69bd4015-af74\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 98579\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MPgy9mLPebVsZaN9Zl%2FHMN%2FHXbq2rx8UhxKPmWy2HgVKmHL1p%2BTuMXqd6ns30MCVe%2FtRF7wsOS4ZVUqLMpgf6Tr9uF7DaNgb9BWT%2Bnt5tg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9dfeb3f6ce808a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44916,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.3], baseline, precision 8, 400x400, components 3","md5":"023462c67f5210da2074aad0ed6ffddd","sha1":"09b061bc27e4bd4c19393b6b6d2ca5a697574470","sha256":"559523cf02d9171a2f4064cccdf3b5d12114df7df7a9cee4f2448ec72f17dda6","sha512":"cd0baf32e0e4696175cb1d0bcf011495cd9479dcc9c7329fb3f77ac31f872617f006bfe6f815d38d0aa6f0f2acb07a17bb46d9f60e9d529daab31cb2ced5d495","ssdeep":"768:fcQDqITWp7lHqm6YB3ogHGkfPKk3jVhT4t2lpHWeRs4Z1YihC8c1lacxU:fcpIE7X6g3ogmkljVOIb2qn1vbcDtxU","tlshash":"de13f128ab0512d5c6578d30d0b32adea64f7974c5bd234eaf811936d4843e6e184eef","first_seen":"2026-03-19T16:51:21.336684Z","last_seen":"2026-03-21T18:07:36.555119Z","times_seen":4,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"prvr-reward.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}