{"report_id":"4bb7f887-d22d-4f9d-b2bf-bca626917d45","version":6,"status":"done","tags":[],"date":"2026-03-05T06:03:01Z","url":{"schema":"http","addr":"www.xmrwallet.me","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":0,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"www.xmrwallet.me/app.html#/login.html","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"title":"Monero Web Wallet - Login to your wallet | xmrwallet.me","dom":{"size":42238,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (751)","md5":"871caeffac1de757ce64fb30fc861c19","sha1":"b1ceab47ce5bc7c6c623bbeb2ac2f2cb123bc249","sha256":"5b214de35e7e70385808c35fd2f04eb704deec5bd6f1aff5d6b6cf7ff0842e64","sha512":"82124ff707909f5cd55e6b09ec6dffea9168317fb1072d2a4784fb933ce34050b5716d6aded70ce8d4124207cd4f2c99ccc75a6084d59d4b362ef5cebd268f61","ssdeep":"768:x98g5glTt1dYFb24Dl2lZhZA087ZBregXWqhVBz/jR:x98g5glTtcFvDl2l8ZBregXWAV","tlshash":"b4133c90e7ac1028471b20bd9a7e539a7c7c807399049cb17e2c47140ff5ea6e76bd7a","dom_hash":"domhash9b4a24f1e4f47fc3d903859599d316a0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www.xmrwallet.me","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":0,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-09T06:03:01Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.xmrwallet.me","ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"domain_registered":"2026-02-26","domain_rank":0,"first_seen":"2026-03-05T05:08:20.705097Z","last_seen":"2026-03-05T05:08:20.705097Z","alert_count":41,"request_count":41,"received_data":4503551,"sent_data":23247,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"PHP:8.2.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.xmrwallet.me/app.html#/login.html","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"88b0fcd153e725118b5c32a180a1c188","sha1":"bb4c4cfd5affdc6ecf08d1b8112977a48d2a6711","sha256":"176c194242fbd26cc65d7aa251a990875008f84e78ad3a7c6f64d7496a42c129","sha512":"845ca9aa7e5fec4943cb8044dbad9cd36f20f9aad01b12b80c48fe63c7d0c987c3923ca7bb4baa8169bf1558a152754129de2df00f93beb3fee3787de03dc4bb","ssdeep":"","tlshash":"c9f0ecbe88320030479731b13fdb7f59382080035546d1097b3c55448f61b0ac98db5b","size":483,"data":"","first_seen":"2025-07-13T12:50:12.368115Z","last_seen":"2026-03-05T06:04:31.386784Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/js/app.js","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ecb5df7b04d429c0fc1ef6eb306ada5","sha1":"6a7bb790d706d1d3d0ce975b1a5c4625ca57029b","sha256":"847b39ee0470202ad3019c405c35ffd7be6e3594d82eec9ba102387b447f8534","sha512":"7fd766f65a970faa30984946e15ab88d149821409ec82f1f675a0ad4b9c77463319a1ff3fe9d54bf327c8b72e3a25e3d3afca6b5e611689532b9b3437e21fd47","ssdeep":"24576:lGwRwRwK1BOsw7OE+SODkFO77YDrHLjmkqbSioNydiW/2VdtuAX1yKPXkqjOLaxB:lGw7OE+SODsO77YDrHLjmkqbSioNydix","tlshash":"8a6549362789323683e647d13a5f514ff2f8401a3704585cfe3d80a92f75ea9e176ba8","size":1436264,"data":"","first_seen":"2026-03-05T06:03:06.203936Z","last_seen":"2026-03-05T06:04:31.387719Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/app.html#/login.html","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb1d9f34e368486a25f234726cbbabbe","sha1":"e00b02bf9849dd542dbfc2d594593868cdea978e","sha256":"94049a4990da092000ae585a463445f472697334f4a67ce593efc28148b67e62","sha512":"61b61815dfeb05814323adea61d4dd76c34d3bffdbd19a5d2329fc12f8c37872793ab44e5cd9deafe7d848c0f3c6c027fc4812657137eb9a199757a2d1c7710b","ssdeep":"","tlshash":"3c718cddda970118b75f703e839e0120252090ab08c8bc717f1c27119f65a35dee4bb9","size":3632,"data":"","first_seen":"2025-07-13T12:50:12.371916Z","last_seen":"2026-03-05T06:04:31.389453Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/app.html#/login.html","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"9bb61c59597316f77f2c24140163afd6","sha1":"1e08ab325d6dee5c9fc57be8db1a851e0daed55d","sha256":"5b8360cc2e3751ecf76e790ec6867088f8ea1f4e9961c8bc62acd108fdf0bd23","sha512":"97a0194904c54368e8e507ffb31aa68dcab1da1445738f6fa7c0204f1817d3d9673f2cf47b873384459e78a8f20c0b503a9a916347aa746fd3aaaa0adb5b3089","ssdeep":"384:XRUZhI0dqgP4NOFPhWD7p27AfvCvZhb1A08Nht7FNcc2rbiZB:Xb24Dl2lZhZA087ZB","tlshash":"2c82e8d0f34c259c0759112a992a52da783c90b30d446cb6be6c1a2a27f4e7de37de36","size":17904,"data":"","first_seen":"2026-03-05T06:03:06.205173Z","last_seen":"2026-03-05T06:04:31.390108Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/js/jquery.js","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"0cfb5b30b8061e04baae7e703f6ce455","sha1":"a5d551dce75ae0754c1a001aaaf7654878e7aee4","sha256":"3095da81424eadc32e00c1d6cc61b5be32252ce1a5f5b1e7a1ac514aa9cac1ea","sha512":"40fcd49d4611a2e0bea9d0aff879dbbd9394653fcc7331b195b58653e0a0d4da57a613b17144bbdf141a889768c342088184eb9bcd88141a067adc9266bf03e2","ssdeep":"6144:lgTIp2wD3W7LgNbKLzuiTfpQpWTbpcsUokmpCFxTmC33QwhsM76m7tOhXb:lgstTWb7SMnmsUokm06Cww7Ohr","tlshash":"c2c42a5fb746333206d321513a8b52ebf23a113c2659c4b859acc06d27b5e7c933b7a9","size":549260,"data":"","first_seen":"2026-02-21T03:18:55.169048Z","last_seen":"2026-03-10T21:29:00.069743Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/js/scripts.min.js","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"a6c06e89e82a8a7bdfc00996a7674848","sha1":"7a9fd7c34f36dc4c225636673540040f0d3f5ad9","sha256":"d662c3adafb0f4f250360d76b4a47b8677b1d115fee9ec93e7923039d8e1de48","sha512":"fa120c9930aa10a319ba2afadf6c4cb34fe19d3935294bb8c0cd3577329ee09cf330e97a9b700c93b43c2d67a7eef4f8ead3b84a241d63d062a8c5643d515bdd","ssdeep":"3072:lHZ6nNJiRTBCzvyMwjn0SpADH79cVONlqqMb8:5Z6nNcpeyMwjn0SpADH79cVONlqqMw","tlshash":"57d3188db36472a151e7225a539ed10263b65845b80ac4a470768cd7acbde8c03bfffd","size":141097,"data":"","first_seen":"2025-05-26T06:04:46.716427Z","last_seen":"2026-03-10T21:29:00.054828Z","times_seen":53,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"76a5f62f269a508bfb1edb248e601ff3","sha1":"6cebb859572629aa9e2808d34fe24cced2d1bc90","sha256":"56c014f2cc365d8ce0b5dcf725c6cc2da6691527f22c36441a04470ad11caf51","sha512":"75caab5bf60ff3f88a07b3498363970a91a8abcb66ae33b889f6b56fe7815f19432e570cdd04a3d925554af47ebc7bf87bd5f592899155ae0cef1d3921bb8284","ssdeep":"","tlshash":"23f086eb45f483405ee600c38ea33102393b60ef198c88911702bb143c0a33faa2eb85","size":587,"data":"","first_seen":"2025-05-26T06:04:46.730755Z","last_seen":"2026-03-10T21:29:00.068599Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/app.html#/login.html","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"22099935009ebff94f02a13197aad632","sha1":"f890ef1ec104198742905f7ffb4de9ff1c3b148d","sha256":"9df9ae5e7f71cf66b262d06c6de4c391a2f15b09bad630844d65f927d83b17d5","sha512":"bcef45d7cd40a748e4b264785ce1cbade09856f13cc09b9d224bb91e41b50999f8e757a56ba55338a481dc2e207c4cd7ed5621d84b9a5d05dbd284bebd59980b","ssdeep":"","tlshash":"92c012ab70ee0520adae25ab0c27e3caba644485780ab794060d20694031996303fa28","size":180,"data":"","first_seen":"2025-07-13T12:50:12.370065Z","last_seen":"2026-03-05T06:04:31.388772Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/app.html#/login.html","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"82dfdf4dc3f0f37d188146f31877c5cd","sha1":"3e12014171c6c6ac703a217df3f76e79e556c88d","sha256":"24425e370ca97e7156dea284db62bc5668e2568dd11f1090f21af26b699d52a1","sha512":"53dd8e698756f1fa00b6b2dd13713b8ac22ab2dc54787610420ca141d12177f38dbc4f5e494a27d5a41f9783dbd7584f23bcaa447ba0ed20b06d85a677457379","ssdeep":"192:bnzeLFLVLKRhE+DLtLtLmU24j8azTdeEWCOG+1Tj:byBB2TZD5570azTrjZ+1Tj","tlshash":"5002a7746a726040ce7b603987bf13661cb98173b20dc5b6b51cd4448f91e9bfa63d8e","size":8393,"data":"","first_seen":"2026-03-05T06:03:06.207673Z","last_seen":"2026-03-05T06:04:31.392537Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/app.html#/login.html","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"9b857e9e341cafde15e0284242b2d2bc","sha1":"5b7bbd905a3c206e608377ad12c5d03964a582f2","sha256":"d6a533b47e57ec8907ef0933e0cbc46053fe8a499fb45aa22ffb6884bf318e64","sha512":"54999fb86ba1236b0cbeda7e00a6d71f814614da2972185c3e1fe176d1911a5b4acc44dfb45a9d8e28df7c4f9d4876c6a01b2caccca11e8f5da3a86034888a19","ssdeep":"","tlshash":"97700080000080220c20082c2a020b2c00c200202020800a20e8000000802880800020","size":18,"data":"","first_seen":"2025-07-13T12:50:12.379204Z","last_seen":"2026-03-05T06:04:31.393642Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/app.html#/login.html","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a6dea35e4d8a8c73484a61c752db9f6","sha1":"1d759467724ffefcb59cef9c104ac258ec8f557d","sha256":"6705992339b9fb46cfc9e568eae743f5a594ae5a02ecf0511d219ec2c88e99d7","sha512":"883797e1e645168e561fdf519b47784a6c3883bbe246b9e6cad7ac9bf140d2e9d949585f6115409271e5dd1b7394e12b6942c5c6bcd0b144ce0ae76793230349","ssdeep":"","tlshash":"efa0110083000230000033a22b80aef03808000ae802b0bc0aac000888b8800eac0a82","size":75,"data":"","first_seen":"2026-03-05T06:03:06.209803Z","last_seen":"2026-03-05T06:03:06.209803Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"b62f6cab7993c1daca83127bc89803e7","sha1":"6e242dbd9a05d565f85da6b1a8422fc1e58b893a","sha256":"6f68706261f62d2444d4c43517e2d80a015a52a29a55fd91d5e37f458670fef4","sha512":"b39b0a2c5b723bb8ceaca9aee386d9f5e3cbb36f95b4374d61b53f17d58d1d99dc96f437cfe5102f67f92eccb5e3f812563cb964b59b1e49e25a862ee7520f01","ssdeep":"","tlshash":"edf0279872286c7d420722465f1f27dde47514d1ef1ce819a470754224e0f511ed8712","size":466,"data":"","first_seen":"2025-05-26T06:04:46.73239Z","last_seen":"2026-03-10T21:29:00.06911Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.xmrwallet.me/tor.svg","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:39.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /tor.svg HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=KmzshUd2ACe9fxAg; __ddg10_=1772690559; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=TaBj5yan5oSvJuto; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg10_=1772690559; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:39 GMT\r\nlast-modified: Thu, 19 Feb 2026 00:06:57 GMT\r\netag: \"1cd6-64b2215354208\"\r\naccept-ranges: bytes\r\ncontent-length: 7382\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/svg+xml\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":7382,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9a46fd37fd16b007b97c52cf8b7c24ba","sha1":"60c073a1fdf1a8b859d0a8ee3ea25269ee6df008","sha256":"9d490aaeb13bd8189d64ec8ebbd77544d59e36809fe729d79b7ec31fcb5bd931","sha512":"83717cb76bf750a49ff69a34caa403202ef34992b2fd2262c49df719b0cbc14f4483d17b2e6cab63c33f25bd6f6380ec6ed3521b054ca1e12aa2a703c9b22664","ssdeep":"96:VkoIanHMDKxr5MOMMpmSkAE2XWWpW3wxLOt4ypArPCKMveSDNc24aVnvDfCT08:VksiC5MO9dxS6ypADI92Bof2p","tlshash":"cee186f5c3a942f0f7ee1b158cf0190d67a2a4b62a109e14f7dda8c48fb2e586104dd7","first_seen":"2026-02-21T03:18:55.180529Z","last_seen":"2026-03-10T21:29:00.061895Z","times_seen":20,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:40.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=KM7NbBh7NySSC2Yx; __ddg10_=1772690560; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=jAExsWVbn4jE58nZ; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg10_=1772690560; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:40 GMT\r\nx-powered-by: PHP/8.2.29\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-length: 6721\r\ncontent-type: text/html; charset=UTF-8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP:8.2.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":28671,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (795), with CRLF line terminators","md5":"f93917b409f88665063f6bc5e9532765","sha1":"a15948ea38bc399eb866354bb96c5837defe12e6","sha256":"73c5e2cf3c2190a4c25e9586355417b2b621eb2a0d796d2fafce872a0682ab3b","sha512":"50d4c818c67d259032a0b73af8af54f67ce561630175780b46a12987bc449b945896898aadae71272d5c6b5b33a3240519a9be16616c064059d47064c2605a08","ssdeep":"768:GvlWQLMwnU1RwKBI7KaJ2KKh3UxFz+oB7m+0vFEjVvZUkLm:6QQLMwnU1M6+w","tlshash":"ced25262b2c86636025353d3603277faf1ab8560ce669431f3fcb3377ba4c656927186","first_seen":"2026-03-05T05:08:23.931423Z","last_seen":"2026-03-05T06:43:02.827665Z","times_seen":5,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/app.html#/login.html","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-05T06:02:45.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /app.html HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=csSDujMLTEd6N3am; __ddg10_=1772690560; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nSec-Fetch-User: ?1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=mc6RzgmgWm4JMj3c; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:45 GMT\n__ddg10_=1772690565; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:45 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:45 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:46 GMT\r\nx-powered-by: PHP/8.2.29\r\nstrict-transport-security: max-age=600\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\nx-xss-protection: 1; mode=block, 1; mode=block\r\nx-content-type-options: nosniff, nosniff\r\nx-content-security-policy: allow 'self', allow 'self'\r\nreferrer-policy: same-origin, same-origin\r\ncontent-length: 3766\r\ncontent-type: text/html; charset=UTF-8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP:8.2.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":13400,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (416), with CRLF line terminators","md5":"c33970a1af37b5bdbd1b9290fd1e50b8","sha1":"5678558ae79fa4e5b14f62f829d5a1bc2eced3ee","sha256":"3773a27a798adb6f8573254488061890de9d814ab2eb8f7694750f70a5ba9cba","sha512":"15dc68588bc7440993870d2dc06987007112fe692c689072e21afe8aae89fb545e23eb766144198cc7517e5a0b81fd34a634d405ee041ab7de9382f75b931798","ssdeep":"192:+qeeb00S5/9LJEw4CbjLoLILKECbr51MLGL2LEx2llAS0sZlHE:+MS5F/k029X51MyCK4AS0sZlHE","tlshash":"ce5208a5541110148e737271cbae57a1f8754123e306cba2b66c93432f70e90ea73eeb","first_seen":"2026-03-05T06:03:06.178772Z","last_seen":"2026-03-05T06:03:06.178772Z","times_seen":1,"resource_available":true,"data":null}},"time_used":146,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/login.html","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.xmrwallet.me/app.html#/login.html","date":"2026-03-05T06:02:46.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"POST /login.html HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/app.html\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 24\r\nOrigin: https://www.xmrwallet.me\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=af14Igog8BCL1k43; __ddg10_=1772690566; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":24,"data":"session_id=\u0026session_key="}},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=XF8LsWXZ7OGjOC6B; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg10_=1772690566; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:46 GMT\r\nx-powered-by: PHP/8.2.29\r\nstrict-transport-security: max-age=600\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\nx-xss-protection: 1; mode=block, 1; mode=block\r\nx-content-type-options: nosniff, nosniff\r\nx-content-security-policy: allow 'self', allow 'self'\r\nreferrer-policy: same-origin, same-origin\r\ncontent-length: 7256\r\ncontent-type: text/html; charset=UTF-8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP:8.2.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":29254,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"c6511986fec549d393644bfdd5899a89","sha1":"f9297b8f5d13dd4454b4c6aa3d5dd72ab593a2e0","sha256":"27e675b4a8d1ac33cdbd2e9bc1095f8a0aa585b180712ab4dfb259836c30f66d","sha512":"9228721f0427bcda14ff8993b4527aa1ee21e97e3072a9aa7947c5b07ece690172b601b0346f9b16ae4b62a974b09485664dc8c6a5eb64a64de3d8795424183f","ssdeep":"384:+g+oeVOxDVQGT+n2qB8r+nGIK1bUHxXL9oG/jQEG3QTK8gqxONuhAyCC:+g+oeUZVZ+nJBhYURXnsEGgTK8lCC","tlshash":"8dd2f690b38e616d07bb53aa813a9316fc6cc1730a4025b5b2ad17171ff6d60e367e39","first_seen":"2026-03-05T06:03:06.17979Z","last_seen":"2026-03-05T06:03:06.17979Z","times_seen":1,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":150,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/css/main.min.css","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:39.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /css/main.min.css HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=KmzshUd2ACe9fxAg; __ddg10_=1772690559; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=uEi0wVynUteUZypb; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg10_=1772690559; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:39 GMT\r\nlast-modified: Thu, 19 Feb 2026 00:29:30 GMT\r\netag: \"ea3f-64b2265e07222-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-length: 11603\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":59967,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (58039), with CRLF line terminators","md5":"8c2d249787867ab9ea8b395c91e028d7","sha1":"c64241b21ceb448d87740b78f8ef63ba6063e467","sha256":"f69b42f78220120198354610c63b66496ed2cf2be2d80c959a686f0a214e4866","sha512":"7ac22f53fb7285bb20d8a429c50a382b23a762087b0846b468004e42e12420b97b59bcef53e9d373deca8baee10fc52dcd4b8de52cad54105c41515e347cfdcd","ssdeep":"768:Cbb6s7SEL8m/f+ifi5oAJmXA8zHwZ3D7hsrj0WNBs3/WG:+6uS4VDfi5ohXpQZHhEjqH","tlshash":"5743c7371600332cb13bcf659bd416a99634c423a2130bfef691bd65c7eb6a5027a74e","first_seen":"2026-02-21T03:18:55.166085Z","last_seen":"2026-03-10T21:29:00.062968Z","times_seen":20,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/img/bg-3.jpg","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:39.822Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /img/bg-3.jpg HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=KmzshUd2ACe9fxAg; __ddg10_=1772690559; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=Gqx2eOl1oIf2Sex3; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg10_=1772690559; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:39 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:44:00 GMT\r\netag: \"e5c2-5fd8cd7b89400\"\r\naccept-ranges: bytes\r\ncontent-length: 58818\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/jpeg\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":58818,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3076x4146, components 3","md5":"22793d4658b47ad97d9f7b826f06bc22","sha1":"06621b6455b956d83e253c4dd70e963419bb3c2a","sha256":"a4f78aea3aac7159cb7ae772a4e464ccd777a5d31ebbad52a4216e9b1cd616de","sha512":"2b7271cca70dd76edc0e99030063692fd5f25180fee4e7d046fc40abd29d9fd8954ee68a3e5f8e0ee1e3a1e125cd42fbd3be99b6926927630d8d24f6a6fffe1a","ssdeep":"768:Lqds10HdXSpwiUWAEwSyDOfboiLukVQ45QZ915iQdp:uG16dCuiUW1yDOU075IoYp","tlshash":"00432973eb8592a3c5ac173094db23283f264da1c74c5a0397991d33f9f67a8fd2a152","first_seen":"2025-05-26T06:04:46.705605Z","last_seen":"2026-03-10T21:29:00.059294Z","times_seen":53,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":63,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/img/main-bg.jpg","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:39.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /img/main-bg.jpg HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=KmzshUd2ACe9fxAg; __ddg10_=1772690559; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=wSYO0BaZwXrOrINI; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg10_=1772690559; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:39 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:44:14 GMT\r\netag: \"27bc0-5fd8cd88e3380\"\r\naccept-ranges: bytes\r\ncontent-length: 162752\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/jpeg\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":162752,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 5400x3600, components 3","md5":"f2dc5954242b8216e4f666e56e13442b","sha1":"62a572a7a9596713dfdf736dcad0a8b054a11ef4","sha256":"e9248abdcdbce1a575f0110f42e440a462e606c2980b2bf5c0ca2e75c9e7eb52","sha512":"48f8c33d5861f3188bd90058465d670b656bdeab61010b2460e14004dea204e701ff0a855671dab8bdb22d8f11182f13aaa387aa581c5e194f2797bb69c0b9c7","ssdeep":"3072:y+wRC4pwkEw7ryCys0ZvYbrTv4V1vdxMgH1IE4zNEfRVDCdORjQGJ:yfgIEf/6bI5Ay1IpNEfX7lz","tlshash":"66f3bf77dba2ab57d39c2330868b07303b37c968839a4a074a695f71b1947d8fd7b142","first_seen":"2025-05-26T06:04:46.711018Z","last_seen":"2026-03-10T21:29:00.059791Z","times_seen":53,"resource_available":false,"data":null}},"time_used":278,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":158,"receive":120,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/fonts/Inter-Bold.woff2","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:40.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /fonts/Inter-Bold.woff2 HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://www.xmrwallet.me/css/main.min.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=uGdi7BdqveQV36fB; __ddg10_=1772690560; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=KM7NbBh7NySSC2Yx; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg10_=1772690560; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:40 GMT\r\nlast-modified: Tue, 28 Sep 2021 17:24:20 GMT\r\netag: \"1a15c-5cd117be07900\"\r\naccept-ranges: bytes\r\ncontent-length: 106844\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":106844,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 106844, version 1.0","md5":"9aa03c46fbe41e25c51289a3e78e9454","sha1":"9739b96f20de3e9fa4032545fe6b2e021299aff3","sha256":"01191e5d895aab8717f1aa2424b83f29b06735a8f61a67add5b107434d0e7187","sha512":"1de1b749fa89591bd3d61c96738f313a1b1a546890334b50e225f207c07b7352ddee59637ff9f3e4bc51f7023c6baeeb8f6ecb3c4fcc37a44635d30abfa44644","ssdeep":"1536:H97PTz0LyHhs2SxUZi1lRrjNcXwpysPtbSsBfX/5eB4gwcp7wawAW2m0Y5vxtzTl:dngJvyRsPtb1fvoRp7wa3W2m7V9o6lIu","tlshash":"0ba31235c683cc81fd45387d1237730b446b85badc16eb2e84131582dbadae5aee670b","first_seen":"2023-04-10T16:29:48Z","last_seen":"2026-04-03T07:13:01.217291Z","times_seen":313,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":53,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/favicon.ico","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:40.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=jAExsWVbn4jE58nZ; __ddg10_=1772690560; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=csSDujMLTEd6N3am; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg10_=1772690560; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:40 GMT\r\nlast-modified: Thu, 12 Jul 2018 15:41:10 GMT\r\netag: \"47e-570cf313a5180\"\r\naccept-ranges: bytes\r\ncontent-length: 1150\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/vnd.microsoft.icon\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"80b0a659516f5460db2590fe2cf2a85a","sha1":"f8f686a9ee57b657e3e97cf26ed6f3366304a873","sha256":"2c63a044d1eb522df9d5934220a76e391961baaf6b6437827fac498d2c1b9b6e","sha512":"0e08dd9fcfcdeae78f69d0d3c0da08ec061f48b15e9468d79043943bcb23c35e2c6a5e460f3115841a88dc015c03a5488f04cc708270666bf5f24b5bd810bd81","ssdeep":"","tlshash":"35217d5f95d94d0dd294a63d50ef230860b4d306eac31743d1d67426a3b67888c6262e","first_seen":"2025-05-26T06:04:46.708322Z","last_seen":"2026-03-10T21:29:00.062384Z","times_seen":42,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/font/roboto-regular.woff","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrwallet.me/app.html#/login.html","date":"2026-03-05T06:02:46.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /font/roboto-regular.woff HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://www.xmrwallet.me/css/style.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=Pt5KyIV8BPPcwkO0; __ddg10_=1772690566; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=RlwBiIJc4GQ6XeO8; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg10_=1772690566; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:46 GMT\r\nlast-modified: Fri, 16 Mar 2018 15:18:50 GMT\r\netag: \"eaec-5678920154a80\"\r\naccept-ranges: bytes\r\ncontent-length: 60140\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: font/woff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":60140,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 60140, version 1.0","md5":"454625170cb66e17dbd380ce7df9f60c","sha1":"f6114b613b18d7a2b68585d1265d6c348057dd34","sha256":"999685b9281358d0260346ca0006004b9460b858ea163a0a0b18f7e62e588579","sha512":"f459e3b2b30d7f8c3e77d4b3f4724ff23bf78228d5846be42bc8d2a9d405319a09bbad8f38e7ec7247711b9d72ab27446255a8f41ba76d9eac38cc089a6c93ee","ssdeep":"1536:1XzBz5D5D5w2yX2DCmj186OVl3z0ErcIRt6Zg5:RbD5D5Xg2DC16O/gErcIRtz","tlshash":"4e430289df06c22a8bbb45d33dc12af4f09dd5c1581636cc7806b957ebd6ae8a3071a1","first_seen":"2025-07-13T12:50:12.324154Z","last_seen":"2026-03-05T06:04:31.351996Z","times_seen":3,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":51,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/img/bg-2.jpg","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:39.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /img/bg-2.jpg HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=KmzshUd2ACe9fxAg; __ddg10_=1772690559; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=z8Rp9crAp2hI6IUC; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg10_=1772690559; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:40 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:44:12 GMT\r\netag: \"1301b-5fd8cd86faf00\"\r\naccept-ranges: bytes\r\ncontent-length: 77851\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/jpeg\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":77851,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3000x3000, components 3","md5":"7d405c84c057b3cd9b1126f7bd1e81ce","sha1":"fb9dcc59737fcd04933e0f466e8d781cee088763","sha256":"c27edc9fff36d2995489f7baa21e2abecea314580b2fa63490fe9d8d251ef09c","sha512":"a0753fe08f990ee0f695b3e95dd06c4060ae51f874612638ffe0a43d6f74f13c28947f25fc1266a1b428d11354d9293c011ee3741fe2e315390f3bd7703a2009","ssdeep":"1536:Fnd45mDUF/SGQBv321l3nu9QFxTNKbV+sV/5HewuTwoPmv:FnxURo8l3IGxoR+OtewJv","tlshash":"4673b07a4bf25e7ec38c0f30eb4727302913cc61675b518b096b4e66b5d07e8ae7a251","first_seen":"2025-05-26T06:04:46.712778Z","last_seen":"2026-03-10T21:29:00.06409Z","times_seen":53,"resource_available":false,"data":null}},"time_used":318,"timings":{"blocked":136,"dns":0,"connect":0,"send":0,"wait":56,"receive":126,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/img/ico-5.svg","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:39.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /img/ico-5.svg HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=KmzshUd2ACe9fxAg; __ddg10_=1772690559; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=JwQSGagj7PP6uYF4; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg10_=1772690559; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:40 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:43:58 GMT\r\netag: \"13a3-5fd8cd79a0f80\"\r\naccept-ranges: bytes\r\ncontent-length: 5027\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/svg+xml\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5027,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"94fabc3ca067f88cb391a5ff5aa99679","sha1":"580c51d480cc29b7bc13b2a8dd6a5f0d3e75821a","sha256":"98f125506abf1d8f277a3e365a5efef067caba4cca844f0cf4db75f6a1e0b3d2","sha512":"37e55e532e95f3aba4d7947da6a1e6a398f45fbb55783a9e14ffe7e8cb46b7fe00995f2db6e5e4c1e62b7dc62e078e7cf1914a62d4866f4078ac29bf05f86187","ssdeep":"96:WxEFiLlOhYEyEk3KgVrbCPL3bGhAqGsGEQUOGW:tFiLlOfw3Ki/CD3bCGLDN","tlshash":"7ea182f4a778f38c55d3b81deb31f924530e64b9b49bc4894d9f8368904b985fb6b810","first_seen":"2025-05-26T06:04:46.713707Z","last_seen":"2026-03-10T21:29:00.057753Z","times_seen":53,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":140,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/img/blog/smart_practices_using_web_wallets_s.jpg","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:40.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /img/blog/smart_practices_using_web_wallets_s.jpg HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=uGdi7BdqveQV36fB; __ddg10_=1772690560; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=y8CAsabUL7eOUWNe; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg10_=1772690560; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:40 GMT\r\nlocation: https://www.xmrwallet.me/\r\ncontent-length: 292\r\ncontent-type: text/html; charset=iso-8859-1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":28671,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/fonts/Inter-Medium.woff2","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:40.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /fonts/Inter-Medium.woff2 HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://www.xmrwallet.me/css/main.min.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=uGdi7BdqveQV36fB; __ddg10_=1772690560; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=BGj0KsjbpaMW93ij; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg10_=1772690560; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:40 GMT\r\nlast-modified: Tue, 28 Sep 2021 17:24:22 GMT\r\netag: \"19e7c-5cd117bfefd80\"\r\naccept-ranges: bytes\r\ncontent-length: 106108\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":106108,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 106108, version 1.0","md5":"eea97ded621cd8a18067c7243b19ceea","sha1":"d88b0b7a77cbb6ea033f692c05d5855a7be7d0ea","sha256":"d6e2531976fa618cede5863027366e4011760b0610d7136a8f7d7ed149c26348","sha512":"3ae400bb27c8db14d060ff83506d70b90de06612bf40ede0c7fbe1d4b302fabeeecee8d85c886b37b7aca06d4b7daeae473c8b542faa98083036de7fd3506c72","ssdeep":"3072:goH303tZuta/VoRorlduZwOLYGhLDSCWTXUP:gcAnsCVoRGlGwwPxx","tlshash":"8fa3123cb10d4bb3cdd99b3aba1735b5a0891a04774f24f6c14ca73662ad9e0b40bd5e","first_seen":"2023-04-10T16:29:48Z","last_seen":"2026-04-02T08:16:35.400965Z","times_seen":310,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":51,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/android-icon-192x192.png","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/app.html#/login.html","date":"2026-03-05T06:02:46.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /android-icon-192x192.png HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/app.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=RlwBiIJc4GQ6XeO8; __ddg10_=1772690566; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=psxs1piUlMwDb8qu; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg10_=1772690566; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:46 GMT\r\nlast-modified: Thu, 12 Jul 2018 15:41:14 GMT\r\netag: \"4af1-570cf31775a80\"\r\naccept-ranges: bytes\r\ncontent-length: 19185\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/png\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":19185,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"2799252d15801b41dd05db2f16a8f412","sha1":"5152de752d867100498555cacf5bfaa9aa36e67f","sha256":"93cd21bffd407521b482f49f494cac28173efc42475b522bb12f055e3b1fec5f","sha512":"e3b47754c02e45a538954025e4f206748b624491733e4fe387ba7d20c8837e6fbdc54965af27352e4c797d126722c1bf5cb49267b0f39df5bfbafcffd2386774","ssdeep":"384:q8k7l9MUs3Ee1g/yUpK8/Xiw4Q7Y2Pv/eK/AK9QLixc4agql/i:q8URs3Ee4Q8zbPdN9Oixc4ati","tlshash":"dd82e045a513fa85e7d2a67d3c830b5e7b92ea255bb06c734e1cb31ad2170422908ffd","first_seen":"2025-07-13T12:50:12.366018Z","last_seen":"2026-03-05T06:04:31.354563Z","times_seen":5,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/font/roboto-medium.woff2","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrwallet.me/app.html#/login.html","date":"2026-03-05T06:02:46.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /font/roboto-medium.woff2 HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://www.xmrwallet.me/css/style.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=RlwBiIJc4GQ6XeO8; __ddg10_=1772690566; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=xP3KQb32GcfOoYnl; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg10_=1772690566; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:46 GMT\r\nlast-modified: Fri, 16 Mar 2018 15:18:42 GMT\r\netag: \"d1d8-567891f9b3880\"\r\naccept-ranges: bytes\r\ncontent-length: 53720\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":53720,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 53720, version 1.0","md5":"4fcb1a44214288a25d5f2c0feaf868e7","sha1":"41d3b968662c9e61ad23185fffecf247c7044be1","sha256":"013d78a693d2a2b8fe399ed119a0e39e633cc08c0d88d54754e4bb3c14172485","sha512":"665ae7218c540328d1c91be0f368ccafdb85d90870d7cf229c1c244d40233ace38c1e03c6eece437ca0468e3dfef04c91680a248624374a7f4bdb3de8007250b","ssdeep":"1536:Fot58x9RxywbDROp7pOiCBuc0Tn6bihvVCz8aj:Fot5YxnRQ7pWYz9VCz8Y","tlshash":"ef33125de51f8936c9b24a724e98e3c24fbc7b1bf6760cf712163a84087a3676c0e195","first_seen":"2025-07-13T12:50:12.330945Z","last_seen":"2026-03-05T06:04:31.374421Z","times_seen":9,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":50,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/img/ico-2.svg","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:39.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /img/ico-2.svg HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=KmzshUd2ACe9fxAg; __ddg10_=1772690559; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=MgRvqYcTsysufYOW; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg10_=1772690559; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:39 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:43:56 GMT\r\netag: \"12b3-5fd8cd77b8b00\"\r\naccept-ranges: bytes\r\ncontent-length: 4787\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/svg+xml\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4787,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"09a0223623d4ee4816d623a93770f296","sha1":"af53226be27f48a2bbab966c326ea391f0e8f653","sha256":"08b546948de3d545112d01e3f672187b72b0903eca3ea62827bc1f406beef132","sha512":"3e59723736e28bc63e973d00c6123713c0e97e7670a7bda4587f3f84adbc09ca51f7f0c5288e8b440ede2bac5f591b061d449a724e1267b238f075d56805f169","ssdeep":"96:z3UvtOs8Pp67ZsTBNvRlXVStc6vP2USTY8a7LziuYYvbvOjrW:wvf7uzLaDbXij6","tlshash":"63a162f982bca2dd4487a729ef31d4a5232ea0fab157c5c48d9f93748053d84fb27840","first_seen":"2025-05-26T06:04:46.715407Z","last_seen":"2026-03-10T21:29:00.057233Z","times_seen":53,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":31,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-05T06:02:39.395Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=KmzshUd2ACe9fxAg; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg10_=1772690559; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg1_=9FGq7DESu0NQ2lCddm4S; Domain=.xmrwallet.me; HttpOnly; Path=/; Expires=Fri, 05-Mar-2027 06:02:39 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:39 GMT\r\nx-powered-by: PHP/8.2.29\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-length: 6721\r\ncontent-type: text/html; charset=UTF-8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:8.2.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":28671,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (795), with CRLF line terminators","md5":"f93917b409f88665063f6bc5e9532765","sha1":"a15948ea38bc399eb866354bb96c5837defe12e6","sha256":"73c5e2cf3c2190a4c25e9586355417b2b621eb2a0d796d2fafce872a0682ab3b","sha512":"50d4c818c67d259032a0b73af8af54f67ce561630175780b46a12987bc449b945896898aadae71272d5c6b5b33a3240519a9be16616c064059d47064c2605a08","ssdeep":"768:GvlWQLMwnU1RwKBI7KaJ2KKh3UxFz+oB7m+0vFEjVvZUkLm:6QQLMwnU1M6+w","tlshash":"ced25262b2c86636025353d3603277faf1ab8560ce669431f3fcb3377ba4c656927186","first_seen":"2026-03-05T05:08:23.931423Z","last_seen":"2026-03-05T06:43:02.827665Z","times_seen":5,"resource_available":true,"data":null}},"time_used":330,"timings":{"blocked":83,"dns":1,"connect":19,"send":0,"wait":162,"receive":1,"ssl":61},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/img/logo.svg","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:39.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /img/logo.svg HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=KmzshUd2ACe9fxAg; __ddg10_=1772690559; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=btpOax0UcTcBdyAy; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg10_=1772690559; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:39 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:43:46 GMT\r\netag: \"8bf-5fd8cd6e2f480\"\r\naccept-ranges: bytes\r\ncontent-length: 2239\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/svg+xml\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2239,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"95bdfdf5418cf1395b3a9bf0d31ad20e","sha1":"b025ab1dd42a32b3adaea6fad05c2ed0553521e6","sha256":"15e72fdb916883d853277aa3739c37ceea6b07f5daf89ceae59bc5a254b0da1a","sha512":"99cc491b2cf78c88ad891daf91d5e68a3e94e5941130e0361a2b24888eefc6cc5b1eace6fe08e41827ea592688bea21f7549abe97131834b5507cdafb84e5517","ssdeep":"","tlshash":"734160f4a3a0a0cd09a30874fb7a19ca573d68fab00048ccadae545935e7b93e44bb41","first_seen":"2025-05-26T06:04:46.726526Z","last_seen":"2026-03-10T21:29:00.053823Z","times_seen":53,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/font/roboto-bold.woff","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrwallet.me/app.html#/login.html","date":"2026-03-05T06:02:46.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /font/roboto-bold.woff HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://www.xmrwallet.me/css/style.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=Pt5KyIV8BPPcwkO0; __ddg10_=1772690566; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=PNJqPI7JeCFiErKd; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg10_=1772690566; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:46 GMT\r\nlast-modified: Fri, 16 Mar 2018 15:18:16 GMT\r\netag: \"ea8c-567891e0e7e00\"\r\naccept-ranges: bytes\r\ncontent-length: 60044\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: font/woff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":60044,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 60044, version 1.0","md5":"e472dc4ba094086ab8df595130f9a1ce","sha1":"b984cdadf731644ef91ec78b1ec28fa7d56d8e0f","sha256":"87a50591814d1bd442b7273bae3297b4c3df51d10fad2162f5c9cab48e730e70","sha512":"4aa488973e693b6dac470b5e152db4c282cd92545a74902c6a1e14009fbe4d55eccd8778b76379611e9b2f457993dabbf5e8355f85a5549527a37fc433f9c4e9","ssdeep":"1536:xAItrXhqh51oqoVeQPkvRMcUaTU7QqrkhYNu86666QdzUPV/IRt6Zg3:xr345qgfU7proYkvdo9/IRtp","tlshash":"8f4301b61e33540aed5f8af432d092ef4d38c8d05278295078af5da4bd1acdc6ac4e72","first_seen":"2025-07-13T12:50:12.318598Z","last_seen":"2026-03-05T06:04:31.353678Z","times_seen":3,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":50,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/img/ico-7.svg","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:39.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /img/ico-7.svg HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=KmzshUd2ACe9fxAg; __ddg10_=1772690559; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=JtdGirv0sdPbAbIt; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg10_=1772690560; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:40 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:44:04 GMT\r\netag: \"c48-5fd8cd7f59d00\"\r\naccept-ranges: bytes\r\ncontent-length: 3144\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/svg+xml\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3144,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"931a91a28ee2a8254154843aa1f0f855","sha1":"bfe66874d2c83dda00e7aa373192d3a3c1bb027e","sha256":"ab9226498b999eae84e141cce8aaad49a943fd282f94593828b5e9c43df0de82","sha512":"fdeb255495ac4324c53e94ddc1be78e5caea69fdf969ceb647dffd4eab0f01dd2c29bba6f38915f0012c83fc28163cbb09545a474eacddf033d8272fb948299b","ssdeep":"","tlshash":"445175e692a8faecb886923ddb67e161231d60b6b162dc4d5c4f4f5c9407bc1fa03530","first_seen":"2025-05-26T06:04:46.729341Z","last_seen":"2026-03-10T21:29:00.058242Z","times_seen":53,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":177,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/img/blog/manage_multiple_monero_wallets_s.jpg","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:40.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /img/blog/manage_multiple_monero_wallets_s.jpg HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=uGdi7BdqveQV36fB; __ddg10_=1772690560; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=VNubonIg2kr2SzpQ; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg10_=1772690560; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:40 GMT\r\nlast-modified: Mon, 31 Jul 2023 14:11:36 GMT\r\netag: \"13662-601c902207600\"\r\naccept-ranges: bytes\r\ncontent-length: 79458\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/jpeg\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79458,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=474, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=948], baseline, precision 8, 600x300, components 3","md5":"4207847cc955e497e48907df41ebe084","sha1":"77e6d4b20604062458ae19c00d46283f7ee4cc75","sha256":"a7ba66a7f394dda8d9869d11f046cd0c4dfcb655900e5aeae4b4640eb8d859a4","sha512":"915be91fb466a65d0d6cb1abb44955c6a6e4af1b7532f1c13e12c5a573857dcf9f32136a45c22e011fb9bba32e392fb6f9a5639f77478bc5fd0b8440525f19e4","ssdeep":"1536:GK9lGtkMkq03KN03pPmRV7mJqASj458ks34At+zUx2dC/lj+a0h:PdrdKNWKUsFoArJjqh","tlshash":"8e73f10d9796ac14eae605f694d0d6096b1fbca65e63716a3e9c39143b20bf04c6cb0b","first_seen":"2025-05-26T06:04:46.717446Z","last_seen":"2026-03-10T21:29:00.055447Z","times_seen":52,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":106,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/fonts/Inter-Regular.woff2","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:40.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /fonts/Inter-Regular.woff2 HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://www.xmrwallet.me/css/main.min.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=uGdi7BdqveQV36fB; __ddg10_=1772690560; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=4LzspdoQhzvSMgaf; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg10_=1772690560; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:40 GMT\r\nlast-modified: Tue, 28 Sep 2021 17:24:22 GMT\r\netag: \"18618-5cd117bfefd80\"\r\naccept-ranges: bytes\r\ncontent-length: 99864\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":99864,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 99864, version 1.0","md5":"24a88db8dcb2ace5ed6efdc866dd03f5","sha1":"ef868b77f19fe390d938740bf0af834967e28e4e","sha256":"413a527c0ed1833fea654b2bb065bda9ebe46bc1f585cf2d481f8a79dbc51610","sha512":"87926cdb2d70150b65ddcb422f21ef04d8f4c897115438a6f570c3022f101a9e7affed780663548153c8aa0f2d11614557ed2a6af219e17ee16525bfc2637e61","ssdeep":"1536:rRxbPen3CMDtqnb2+M8f5JtdkhqZNYoPTSIDq8NtChKIyKq/Xrf7DrtmCE4Fiw8t:9xzenSMi2H84oPTTNAoeeXrf/pma8rJ","tlshash":"7fa312457744efdcd5be8737eb53f73db22aab1aa43632c09d15132a9b6882453c490c","first_seen":"2023-04-10T16:29:48Z","last_seen":"2026-04-03T07:13:01.185732Z","times_seen":431,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":52,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/font/roboto-regular.woff2","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrwallet.me/app.html#/login.html","date":"2026-03-05T06:02:46.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /font/roboto-regular.woff2 HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://www.xmrwallet.me/css/style.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=af14Igog8BCL1k43; __ddg10_=1772690566; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=fdBwafAX1vQrULfo; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg10_=1772690566; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:46 GMT\r\nlast-modified: Fri, 16 Mar 2018 15:18:52 GMT\r\netag: \"d43c-567892033cf00\"\r\naccept-ranges: bytes\r\ncontent-length: 54332\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":54332,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 54332, version 1.0","md5":"0193d03cafc78874f0851fac197a8d28","sha1":"6b4439167341790c05cf455e6fc2e29bff285ce4","sha256":"73e7fe9d63a03fda1841fea659f40721314ef57c2cbab41c8d50a0d078b46b20","sha512":"4ff956548a820614e0b596f60db59b00afc1aaf475e62c938ee9232a13aabf2be022c84469626fb8ab442c2fa3ca3c20049f93b07bfe7fa12984814922683e31","ssdeep":"1536:2hpVKIDvaVaPLdqREKVr6M3mZ6qdB8tKtxYw:2ZvawD4REK9130BMeb","tlshash":"c433016483ce783de0b653711a02d241b4039ca1ee8b1aaff73f85140741e856af87bd","first_seen":"2025-07-13T12:50:12.361266Z","last_seen":"2026-03-05T06:04:31.373648Z","times_seen":7,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":52,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/i/flags/en.png","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/app.html#/login.html","date":"2026-03-05T06:02:47.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /i/flags/en.png HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/app.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=xP3KQb32GcfOoYnl; __ddg10_=1772690566; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=oKAQXevNLb6d9Jp8; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:47 GMT\n__ddg10_=1772690567; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:47 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:47 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:47 GMT\r\nlast-modified: Fri, 16 Mar 2018 13:46:44 GMT\r\netag: \"161-56787d6b53900\"\r\naccept-ranges: bytes\r\ncontent-length: 353\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/png\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":353,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"3b8a0264cfbfd81ec917f3ddc4e12a59","sha1":"0810170047b18a64c7284ae04ae588ba43dfce6a","sha256":"e080695b4f82b4ae26d46e8d5e41e78438de2cd203ae9fb5ceb908cc6f0f6db6","sha512":"b8322547e5a3e7a818081fcae4d59879f454a0710aa493e18e0c4f0676f85dacd53edb19b4044d18aff1c313dd3065a0bd491a1ea76e65ccb1abdf518062a19b","ssdeep":"","tlshash":"07e0c0f537d7a0aec317777fa35c0951ce36a71c6b802d3c930e00f98083641500b9a2","first_seen":"2023-07-05T11:31:45Z","last_seen":"2026-04-02T14:33:58.113555Z","times_seen":36,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/i/loadingaccount.svg","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/app.html#/login.html","date":"2026-03-05T06:02:50.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /i/loadingaccount.svg HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/app.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=oKAQXevNLb6d9Jp8; __ddg10_=1772690567; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=anAn6CYx5ZjV5MDU; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:50 GMT\n__ddg10_=1772690570; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:50 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:50 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:50 GMT\r\nlast-modified: Fri, 09 Nov 2018 15:54:24 GMT\r\netag: \"a4a-57a3d5d82cc00\"\r\naccept-ranges: bytes\r\ncontent-length: 2634\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/svg+xml\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":2634,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d737fefe9756a98076f6a76836e4f85b","sha1":"ee64e077d8f7cafffe9faaee777f53f1726e9012","sha256":"bcee380e6e472de181e0cbf9c451c1c692eb31e1942530fcfc8ac97a4e7174d4","sha512":"ecebeb037a1bdea93c6b2f9e17b6301359b1937fed9afc6fd45951e1109cdea90d17762901b1a9a57da06a199f3505eadca08234f500f93093ffba806b72b468","ssdeep":"","tlshash":"da510531c6d91ecd2e48ca71fb4a3404839fd27b510ab954a8b7eb37e885e7ed41c426","first_seen":"2026-03-05T06:03:06.19414Z","last_seen":"2026-03-05T06:03:06.19414Z","times_seen":1,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":85,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/img/ico-3.svg","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:39.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /img/ico-3.svg HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=KmzshUd2ACe9fxAg; __ddg10_=1772690559; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=W1mV69P5VONL7kDR; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg10_=1772690559; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:39 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:44:02 GMT\r\netag: \"18bd-5fd8cd7d71880\"\r\naccept-ranges: bytes\r\ncontent-length: 6333\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/svg+xml\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6333,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"20d7c60ff3a7d518b53322afd7532b8e","sha1":"8f323bd27da6fe14984d51124890acc8cde0bf9e","sha256":"859eb46de6abdfc0566e306f934cc7d53ce2124aa0935cfa6bd8daa864574d81","sha512":"e961247cf1034b492eff7fcc8b156ff57c6373bd56ed9b74e4616f668d66ed5f3a4011acfb9b7a7426be3dd3033dd00567d99027713c9db2bed407dd547ac75b","ssdeep":"96:WY6Hht3QSsD0kPxk4+TEciCVXS/d7uWrArfWqVK4QmO8LwGSM1SmeHtEMcsOFW:j6Bt3k4BXS/gWrWL1FO8Lwm1SDfcrg","tlshash":"49d130f5975ca6dda8cfea1ddf22c4a8230f64b6f46786c88c5e87b59007a81fb17410","first_seen":"2025-05-26T06:04:46.727487Z","last_seen":"2026-03-10T21:29:00.067642Z","times_seen":53,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":83,"dns":0,"connect":0,"send":0,"wait":60,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/img/ico-4.svg","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:39.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /img/ico-4.svg HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=KmzshUd2ACe9fxAg; __ddg10_=1772690559; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=swppY5VnukaZpqB6; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg10_=1772690559; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:39 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:44:10 GMT\r\netag: \"14af-5fd8cd8512a80\"\r\naccept-ranges: bytes\r\ncontent-length: 5295\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/svg+xml\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5295,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4d4be919a7101a53da0671b651d88339","sha1":"511e4dc53c757a67c1b994a061768bce6d992d20","sha256":"9fd2a9ad8f3df4e00ea67a63182eddaf84f1c18f95c6dc5b7efc3b4244b39622","sha512":"5e1192f294a0b98bcd2ca99a46dbcd25542df7d5dac411a49791bddcf30aca6df9d021e262241d823756a66eeaeb38e49acbd60985f65c4dfd11c1614b7eaab4","ssdeep":"96:uQRUSUuWgsRRHmEVonUA5giJJoYTD44yFPmwtiXceTgIWhhjcOyW:9OSURg4OIPYnitiX7g/P7p","tlshash":"fbb184f4522c539d98c7d52def23d9a0530f60bab98681c58ecf87a8a40b6c1fa03854","first_seen":"2025-05-26T06:04:46.728393Z","last_seen":"2026-03-10T21:29:00.068142Z","times_seen":53,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":120,"dns":0,"connect":0,"send":0,"wait":60,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/img/main-bg-mob-min.png","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:39.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /img/main-bg-mob-min.png HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=KmzshUd2ACe9fxAg; __ddg10_=1772690559; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=YbIz32a6XsoqFZ5u; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg10_=1772690559; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:39 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:44:18 GMT\r\netag: \"4ca0d-5fd8cd8cb3c80\"\r\naccept-ranges: bytes\r\ncontent-length: 313869\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/png\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":313869,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1537 x 1025, 8-bit colormap, non-interlaced","md5":"881adc56fe142da9cf25fa73a0a4700e","sha1":"6c14d018a613d0f2aedb2581116bad3607327d50","sha256":"cc94edd838df4adc55ce2633c00a9fcbcc870200650df140329f4f1fd0c49414","sha512":"904bcc8c61dd6d1db992d88ada1c3f6e7d8b0664b41cc5b437fe652b47cce164e539fc76389579785958a77ca9959215aa9993215eae40ec7a3fef57a7fa875e","ssdeep":"6144:7LfpgcHSJRT7mc3oU+56l+4uSWnDpY01+MnE7vP3Lny58D0oWQ:7rtSJRvmc3a6o4oH+Mn0vfuc","tlshash":"b7642363f014c331e52d9b56263fc594b2b8e3b0c261fd20ebab1a9a6d49dd2c90075b","first_seen":"2025-05-26T06:04:46.722334Z","last_seen":"2026-03-10T21:29:00.067127Z","times_seen":42,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/img/ico-1.svg","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:39.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /img/ico-1.svg HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=KmzshUd2ACe9fxAg; __ddg10_=1772690559; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=tnALmWc3IljgFva9; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg10_=1772690559; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:39 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:44:10 GMT\r\netag: \"167e-5fd8cd8512a80\"\r\naccept-ranges: bytes\r\ncontent-length: 5758\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/svg+xml\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5758,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fe25036dd4b136fd06e95c704769d560","sha1":"745f4cefdb320b27c4d151e3e72d36d14748e795","sha256":"9d39530709b9e8614f396330a965280adba383beede90bab89fd5edc4c6bbcd9","sha512":"3f1b4188d83a6e837f2915ecbc48c44523c557cdc9ced04bf1409c210006f30dcc6bc6386a74c0d798fe31dfce2b0ca4cb3a06756313ec4c14898972bdb106c7","ssdeep":"96:/N3Wt6EEEuzixIDlcKdCuaAyGaUheCob15P5v6P5Kmg+4r9gQnjCWDlVObW:FmUixKlXtTaUKi5Q12K","tlshash":"39c131f5576c939ca087a2adff27e8a1130fa0b5386ac1cc5d9fc7a4904b981fb17840","first_seen":"2025-05-26T06:04:46.711969Z","last_seen":"2026-03-10T21:29:00.063567Z","times_seen":53,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/img/blog/exploring_best_monero_wallets_s.jpg","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:40.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /img/blog/exploring_best_monero_wallets_s.jpg HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=uGdi7BdqveQV36fB; __ddg10_=1772690560; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=6vKN63pdax7wtaqi; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg10_=1772690560; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:40 GMT\r\nlocation: https://www.xmrwallet.me/\r\ncontent-length: 292\r\ncontent-type: text/html; charset=iso-8859-1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":28671,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/img/ico-6.svg","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:39.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /img/ico-6.svg HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=KmzshUd2ACe9fxAg; __ddg10_=1772690559; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=gtsZdEfUNWetyUdc; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg10_=1772690559; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:40 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:44:20 GMT\r\netag: \"15c9-5fd8cd8e9c100\"\r\naccept-ranges: bytes\r\ncontent-length: 5577\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/svg+xml\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":5577,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bb74ce444cc695190233989c68a9c988","sha1":"1d64ae8afe27f44c984d21b43ea41c8aed4e01fb","sha256":"700e57eb67e4186237739be928d0e05c2dea1a817b8394ee029580176318a60b","sha512":"d2181c856b5c5bccc3d3e87f8a90cb2dace2227ac5f68e447cbdbc7974674e43187d3284b53a7725bfffe8b1541a0a144b1817db338b4cd37490f5668cf6b12d","ssdeep":"96:2+vM8CRXr9lra+u2/nhhdtfzYG/vExxQP7A4/cNkySSXEQcc1sJ6Xw/ASiTqOg1W:C8QJrPBxUKJA+ySSIHMg/ALgw","tlshash":"ccb1a5e8532c62dd64c7d22eef32ec50531ea0b9b06781894dafc768a0579c0fb4bc90","first_seen":"2025-05-26T06:04:46.719503Z","last_seen":"2026-03-10T21:29:00.054352Z","times_seen":53,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":140,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/fonts/Inter-Black.woff2","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:40.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /fonts/Inter-Black.woff2 HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://www.xmrwallet.me/css/main.min.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=uGdi7BdqveQV36fB; __ddg10_=1772690560; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=f9OoNEEzGRFYqhiF; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg10_=1772690560; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:40 GMT\r\nlast-modified: Tue, 28 Sep 2021 17:24:20 GMT\r\netag: \"19dc0-5cd117be07900\"\r\naccept-ranges: bytes\r\ncontent-length: 105920\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":105920,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 105920, version 1.0","md5":"e0435a12e8f7002db1aa83f0f30d6a7e","sha1":"d92ed6e383e5b5b1d06ec5ae5d18b54968edacec","sha256":"eec0ae4bb52981a6ca92d58df2a6c7d9cc64f08ffbad2e1dbc3740e8a8a026f7","sha512":"9b1cbd44026819ae5a33ec19c5a565d32c187750576269b24ebaa0cc1a022984009883c96fdfc2d1d3b9aea3bd671dc8f51f5cbab462f5e06508dc1ab4881d7d","ssdeep":"3072:7S8mjOB4T8LcrTbghB6V8sSjFs2LdEyKua1t0gbBYG:tB0Zbghi+CmEyKH","tlshash":"94a31239154c66b7d91fdc343a65f908f2247a22d302ebd7ceb7482a27f82473741a96","first_seen":"2023-05-23T08:48:37Z","last_seen":"2026-03-24T14:05:37.753182Z","times_seen":92,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":51,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/fonts/Inter-SemiBold.woff2","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:40.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /fonts/Inter-SemiBold.woff2 HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://www.xmrwallet.me/css/main.min.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=uGdi7BdqveQV36fB; __ddg10_=1772690560; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=om5Q9CWIsOMsqe6a; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg10_=1772690560; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:40 GMT\r\nlast-modified: Tue, 28 Sep 2021 17:24:24 GMT\r\netag: \"19eb8-5cd117c1d8200\"\r\naccept-ranges: bytes\r\ncontent-length: 106168\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":106168,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 106168, version 1.0","md5":"696df71a855c273da7f4df3f1e7c746f","sha1":"d539f97171c8e2d189f07a216b0d14d5468aac61","sha256":"07d609457ea2e93be9e7b5dd8e9a9a156d2e80144bcd94cf0adf05c553da053b","sha512":"438310edd8e7e9482806d1cb7a0069ef3e61653e9f216ddfb86cbbbf071271af5c4f0f60ab5b782ca6ef00a8d499bde4670783db37f5d8cb06af70e26dd1cc2f","ssdeep":"3072:HtKolW2ERaWRCe4qlaY4nydQKMnbAiCRVFr:HtKolW2iCe4EAFKMnbAiCRn","tlshash":"91a312ecd619c3beca274a3e86df277b0111b3678708964ac6d69f8452f33b8441d4a7","first_seen":"2023-05-07T22:36:59Z","last_seen":"2026-04-03T07:13:01.152179Z","times_seen":249,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:40.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=KM7NbBh7NySSC2Yx; __ddg10_=1772690560; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=sKhPKCOam9JiLzij; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg10_=1772690560; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:40 GMT\r\nx-powered-by: PHP/8.2.29\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-length: 6721\r\ncontent-type: text/html; charset=UTF-8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:8.2.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":28671,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (795), with CRLF line terminators","md5":"f93917b409f88665063f6bc5e9532765","sha1":"a15948ea38bc399eb866354bb96c5837defe12e6","sha256":"73c5e2cf3c2190a4c25e9586355417b2b621eb2a0d796d2fafce872a0682ab3b","sha512":"50d4c818c67d259032a0b73af8af54f67ce561630175780b46a12987bc449b945896898aadae71272d5c6b5b33a3240519a9be16616c064059d47064c2605a08","ssdeep":"768:GvlWQLMwnU1RwKBI7KaJ2KKh3UxFz+oB7m+0vFEjVvZUkLm:6QQLMwnU1M6+w","tlshash":"ced25262b2c86636025353d3603277faf1ab8560ce669431f3fcb3377ba4c656927186","first_seen":"2026-03-05T05:08:23.931423Z","last_seen":"2026-03-05T06:43:02.827665Z","times_seen":5,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/css/style.css","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.xmrwallet.me/app.html#/login.html","date":"2026-03-05T06:02:46.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /css/style.css HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/app.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=mc6RzgmgWm4JMj3c; __ddg10_=1772690565; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=I4zjS5mRHyhkMJ8m; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg10_=1772690566; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:46 GMT\r\nlast-modified: Wed, 04 Mar 2026 22:15:14 GMT\r\netag: \"81005-64c3a277ccfc1-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":528389,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2343)","md5":"ba990b448b57ab21a92e6e8d41d0bdd0","sha1":"e15965ae54b88198f8da83819ec3fad97b409869","sha256":"522bfab43df3a0d650bcc8d576619bf00446ecd6b57c40a3707b3248e1d58d63","sha512":"ae8a7cef86ff5d3ab82b49b06bf27af10dfa1e25e400de899a93387306ba9845e84837d6a1a108deef64742c3211d5cf47dc8521c6dcd4f0756139d3b11d19b0","ssdeep":"12288:JHtFsDzdURpJXKXJw/h6rLrTFKFGIJN51pa8uczYePShbikV5R92XARAL7cLCGfk:VQik5RMXARAL7cLCGf8Gtr0","tlshash":"dbb42a56ce8821399f5f063bf4de1767830a64033a65c4eeb24ee1494b74c4e937e93a","first_seen":"2026-03-05T06:03:06.198511Z","last_seen":"2026-03-05T06:04:31.379528Z","times_seen":2,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/font/roboto-bold.woff2","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrwallet.me/app.html#/login.html","date":"2026-03-05T06:02:46.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /font/roboto-bold.woff2 HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://www.xmrwallet.me/css/style.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=af14Igog8BCL1k43; __ddg10_=1772690566; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=Pt5KyIV8BPPcwkO0; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg10_=1772690566; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:46 GMT\r\nlast-modified: Fri, 16 Mar 2018 15:18:18 GMT\r\netag: \"d3fc-567891e2d0280\"\r\naccept-ranges: bytes\r\ncontent-length: 54268\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":54268,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 54268, version 1.0","md5":"c0417afdef40e5bc269c2c00411bd613","sha1":"95087b116ba8e299ed69c9dcc821bd90724c8001","sha256":"74637bbe52aef05736b210e88411d1e381103496fc7f97b0b098173865121d53","sha512":"95917a9fae1eb8e7923f0341c5aeda42b04c2c536a7695302beefb7ddb17bc6b74e5167a2c37c813887792cbc12432deaa6ecb038fde215cbb208160a6d6aff9","ssdeep":"1536:SKenvPVuz3mwpB5vB2sulk5jJjcD3Rl6aCtYl+:SKevPVuzjB72w5F+RYa9l+","tlshash":"9e33029cca693a84f893dbb6506dc7f3df1e2683315854029bb462582c13c6cb73e569","first_seen":"2025-07-13T12:50:12.363639Z","last_seen":"2026-03-05T06:04:31.361566Z","times_seen":5,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":50,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/js/jquery.js","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:39.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /js/jquery.js HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=KmzshUd2ACe9fxAg; __ddg10_=1772690559; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=jrOK07mRVY8uQxG0; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg10_=1772690559; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:39 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:39 GMT\r\nlast-modified: Wed, 18 Feb 2026 17:38:58 GMT\r\netag: \"8618c-64b1ca9ab3080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: text/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":549260,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (62413), with no line terminators","md5":"0cfb5b30b8061e04baae7e703f6ce455","sha1":"a5d551dce75ae0754c1a001aaaf7654878e7aee4","sha256":"3095da81424eadc32e00c1d6cc61b5be32252ce1a5f5b1e7a1ac514aa9cac1ea","sha512":"40fcd49d4611a2e0bea9d0aff879dbbd9394653fcc7331b195b58653e0a0d4da57a613b17144bbdf141a889768c342088184eb9bcd88141a067adc9266bf03e2","ssdeep":"6144:lgTIp2wD3W7LgNbKLzuiTfpQpWTbpcsUokmpCFxTmC33QwhsM76m7tOhXb:lgstTWb7SMnmsUokm06Cww7Ohr","tlshash":"c2c42a5fb746333206d321513a8b52ebf23a113c2659c4b859acc06d27b5e7c933b7a9","first_seen":"2026-02-21T03:18:55.169048Z","last_seen":"2026-03-10T21:29:00.069743Z","times_seen":20,"resource_available":true,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/js/scripts.min.js","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrwallet.me/","date":"2026-03-05T06:02:39.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /js/scripts.min.js HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=KmzshUd2ACe9fxAg; __ddg10_=1772690559; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=uGdi7BdqveQV36fB; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg10_=1772690560; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:40 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:40 GMT\r\nlast-modified: Wed, 03 Nov 2021 15:41:20 GMT\r\netag: \"22729-5cfe43dcea800-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-length: 37276\r\ncontent-type: text/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":141097,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65280)","md5":"a6c06e89e82a8a7bdfc00996a7674848","sha1":"7a9fd7c34f36dc4c225636673540040f0d3f5ad9","sha256":"d662c3adafb0f4f250360d76b4a47b8677b1d115fee9ec93e7923039d8e1de48","sha512":"fa120c9930aa10a319ba2afadf6c4cb34fe19d3935294bb8c0cd3577329ee09cf330e97a9b700c93b43c2d67a7eef4f8ead3b84a241d63d062a8c5643d515bdd","ssdeep":"3072:lHZ6nNJiRTBCzvyMwjn0SpADH79cVONlqqMb8:5Z6nNcpeyMwjn0SpADH79cVONlqqMw","tlshash":"57d3188db36472a151e7225a539ed10263b65845b80ac4a470768cd7acbde8c03bfffd","first_seen":"2025-05-26T06:04:46.716427Z","last_seen":"2026-03-10T21:29:00.054828Z","times_seen":53,"resource_available":true,"data":null}},"time_used":236,"timings":{"blocked":181,"dns":0,"connect":0,"send":0,"wait":54,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/js/app.js","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrwallet.me/app.html#/login.html","date":"2026-03-05T06:02:46.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /js/app.js HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/app.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=mc6RzgmgWm4JMj3c; __ddg10_=1772690565; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=af14Igog8BCL1k43; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg10_=1772690566; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:46 GMT\r\nlast-modified: Wed, 04 Mar 2026 22:46:07 GMT\r\netag: \"15ea68-64c3a95ec82e8-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: text/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1436264,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (62413), with no line terminators","md5":"5b21ccb6f3bd25f67dabf54f70381aff","sha1":"1cd8dea50b297515c2a68a5b68cefa0bab8c63b9","sha256":"b5a0210655e2a07f4cd4531a6f9489932217e8f8baafae142d843c1273275813","sha512":"b260566c509f0906a470c187e2b7d543d2360998be9f4e925a02b537e883ee1e22ff6ede2d5bc2c20f00ad59625a7d7455d43a3c84ab3d8390ffc8652a635e42","ssdeep":"24576:lGwRwRwK1BOsw7OE+SODkFO77YDrHLjmkqbSioNydiW/2VdtuAX1yKPXkqjOLaxh:lGw7OE+SODsO77YDrHLjmkqbSioNydiR","tlshash":"d635293a7389323692939bc1391f916ff2f490293b14445cff3d80e92f71da99236a65","first_seen":"2026-03-05T06:03:06.201172Z","last_seen":"2026-03-05T06:04:31.372394Z","times_seen":2,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.me/favicon-16x16.png","fqdn":"www.xmrwallet.me","domain":"xmrwallet.me","tld":"me"},"ip":{"addr":"185.129.100.248","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.me/app.html#/login.html","date":"2026-03-05T06:02:46.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrwallet.me","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 22:33:49 GMT","end":"Fri, 29 May 2026 22:33:48 GMT"},"fingerprint":{"sha1":"9F:B2:87:C9:F7:6E:8E:B5:BF:55:50:DB:03:5C:51:6F:99:EE:6F:04","sha256":"38:1F:D0:57:AB:A2:64:DC:4B:3E:32:2B:E7:6B:6C:4B:A4:83:E0:98:22:8D:AE:21:BC:6E:FA:41:DE:82:19:AC"}}},"request":{"raw":"GET /favicon-16x16.png HTTP/1.1\r\nHost: www.xmrwallet.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.me/app.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=RlwBiIJc4GQ6XeO8; __ddg10_=1772690566; __ddg9_=91.90.42.154; __ddg1_=9FGq7DESu0NQ2lCddm4S\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=TSN1FaTcsaPoTTD0; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg10_=1772690566; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.me; Path=/; Expires=Thu, 05-Mar-2026 06:22:46 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 05 Mar 2026 06:02:46 GMT\r\nlast-modified: Thu, 12 Jul 2018 15:41:08 GMT\r\netag: \"4e3-570cf311bcd00\"\r\naccept-ranges: bytes\r\ncontent-length: 1251\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/png\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit colormap, non-interlaced","md5":"e2345c5a59ed872310c93e727f8c211a","sha1":"2b0dad35a21f43f8eabdb2723d8932a5fd7cb735","sha256":"2f1b81ad12d9dfe9d9573e08ba061d733d744772bfdd9819c43ccac04977e7fe","sha512":"cd69dd3fd04aa5673bc061e2cea256c0770b4990bfa06a1a90a57c3b9066771eb887a1a94663742ada358482755641f092160b0744d32cdf638674ff8d600b8b","ssdeep":"","tlshash":"252154e9f123f087d51626b36a768260ef570ec39e9d97487ec6d01464ad2b912f0b43","first_seen":"2025-07-13T12:50:12.329521Z","last_seen":"2026-03-05T06:04:31.383779Z","times_seen":5,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"www.xmrwallet.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}